|Cybersecurity Lecture Series|
|Leveraging Software Instrumentation for Android Security Assessment and Privacy Enforcement|
|Aisha Ali‐Gombe, Ph.D.|
|Assistant Professor of Computer Science, Towson University|
|Digital Media Center 1034
March 19, 2018 - 02:00 pm
Modern malware is in use on an industrial scale by cybercrime organizations, and its development is often highly professional. On mobile devices, malicious applications can very effectively spy on users and their communications in real time, install root exploits to escalate their privileges, designate target devices as bots, etc. The information gathered by these applications is sufficient to uniquely and accurately profile users and can cause tremendous personal and financial damage. In many respects, this presents an enormous threat not just to users but organizations and nation states at large. On Android, security and privacy weaknesses in the operating system and framework code have created a whole new dynamic for malware and privacy exploitation. In this research, we leverage software instrumentation techniques to develop robust and highly adaptable tools for malware analysis and fine‐grain privacy enforcement for Android applications. Unlike existing literature, our user‐level approach provides a more efficient and platform‐independent methodology for security monitoring and low‐level access control in mobile Applications.