[liberationtech] At Stanford on Tue, Mar 29, 2016 -- Negin Salajegheh: Predictive information flow tracking for mobile security
Yosem Companys
companys at stanford.edu
Fri Mar 25 09:34:13 PDT 2016
From: David Wu <dwu4 at cs.stanford.edu>
Predictive information flow tracking for mobile security
Negin Salajegheh
Tuesday, March 29, 2016
Talk at 4:15pm
Gates 463A
Abstract:
Phones today carry sensitive information and have a great number
of ways to communicate that data. As a result, malware that steal
money, information, or simply disable functionality have hit the app
stores. Current security solutions for preventing undesirable data
leaks are mostly high-overhead and have not been practical enough
for smartphones. In this paper, we show that by simply monitoring
only memory loads and store instructions, it is possible to achieve
low overhead, and yet highly accurate information flow tracking. Our
method achieves 98% accuracy (0% false positive and 2% false negative)
over DroidBench. Our lightweight method was also able to successfully
catch real-world malware instances that steal phone number, location,
and device ID using SMS messages and HTTP connections.
Bio:
Negin Salajegheh is a senior research engineer at Qualcomm research
silicon valley (QRSV) where she has worked on mobile security, and
real-time malware detection in mobile phones. Her work also includes
data leak tracking, anomaly detection based on hardware behavior,
as well as security and privacy of IoT devices. Negin received
her PhD from University of Massachusetts Amherst on security and
reliability of embedded systems such as RFID tags, medical devices,
payment systems, and storage systems. She has published her work in
ASPLOS, PerCom, Usenix security, Usenix FAST, and ACM Transactions
on Embedded Computing Systems.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20160325/18962e9b/attachment.html>
More information about the liberationtech
mailing list