The Threat in your Pocket: Trends, Challenges, and Solutions in Mobile Application Security


Professor Sam Malek
University of California, USA


Mobile devices are ubiquitous, with billions of smartphones and tablets used worldwide. Fueling the popularity of such devices is the abundance of apps available on a variety of markets (e.g., Google Play). This abundance of apps arises, in large part, due to the platform’s low barrier to entry for amateur and professional developers alike, where a re-usable infrastructure enables relatively quick production of apps. However, this low barrier to entry is associated with an increased risk of apps with defects, particularly in the form of security vulnerabilities. Consequently, developers and designers of such apps are in need of appropriate approaches, tools, and frameworks that aid them in producing secure apps. In this talk, I will first provide an overview of the security vulnerabilities in Android and the attacks that exploit them. I will then describe a few promising approaches that aim to resolve these security threats. Finally, I will conclude the talk with the lessons learned and the avenues for future research.