Modern OS Security

Consumer operating systems are changing. Android, iOS, and Windows 8 place a high priority on the user-application experience. They provide new abstractions for developing user applications: applications fill the screen; they have complex lifecycles that respond to user and system events; and they use semantically rich OS-provided application programming interfaces (APIs) such as "get location," "take picture," and "search address book." These functional changes caused OS designers to rethink security. The new application abstractions both enable and necessitate assigning each user application to a unique protection domain, rather than executing all user applications with the user's ambient authority (the norm in traditional OSes such as Windows and UNIX).

While modern operating systems improve on the protection model of traditional desktop and server OSes, they are insufficient. My research seeks to explore modern OS security and identify novel ways of improving their protection models. For example, applications do not operate in isolation. They frequently share data. Therefore, simple sandbox isolation is insufficient. Instead, security should be based on information flow. However, information flow control (IFC) cannot be blindly applied. My work on Aquifer defines a new IFC model based on user interface workflows.

Android Application Analysis

A key driver behind the popularity of smartphones is the diversity and number of available third-party applications. Application markets such as the Google Play Store for Android and the Apple App Store for iOS provide over a million applications each. Android users can also download applications from third-party markets, which are popular in Asia. My research studies the security and privacy of Android applications using static and dynamic analysis. It has identified vulnerabilities, privacy-infringing functionality, and malware. For example, we developed TaintDroid and used it to identify that geographic location is frequently sent to advertisement servers without users' knowledge. TaintDroid has been released as open source and has been used in many follow-on studies and systems. In a related project, we created a decompiler for Android applications and developed a set of Fortify SCA rules to identify vulnerabilities and dangerous behavior. We used these rules to study 1,100 popular applications and reported a breadth study of our findings. Many of the areas of our findings have been expanded on by other researchers in the field. My research continues to apply static and dynamic analysis techniques to studying malware as well as security and privacy concerns in Android applications.

Using NLP for Security

While researching Android application analysis, we frequently found that the results of static and dynamic program analysis come with the caveat: unless the user expected X to happen. For example, TaintDroid can identify when geographic location is sent to a remote server, but it required a human to review the leak as well as the description of the application, the user interface, and any EULAs that may have been presented to the user. My research seeks to bridge the semantic gap between application functionality and user expectations through the application of natural language processing (NLP) and textual analysis. For example, Whyper uses NLP to analyze the description of applications provided by their developers. The semantic model extracted from the description is compared with the permissions the application requests to determine if the permissions are expected. Whyper is just the beginning. My research continues to explore different ways in which NLP and textual analysis can be applied to enhance security analysis.

Mobile Web Security

Smartphones and mobile devices commonly access Web services. When a Web browser accesses a Web server, the server commonly checks the user agent string and serves a mobile-optimized page if the browser is on a mobile device. Mobile Web services are also accessed from native applications designed specifically for a Web site. In fact, many applications in application markets such as Apple's App Store and Google's Play Store are little more than thin containers around WebView UI widgets that render a mobile site. My research considers the security and privacy challenges and opportunities that arise as mobile devices access the Web.

Telecommunications Security

Securing national infrastructure such as the telecommunications network is of utmost importance. We discovered vulnerabilities in the cellular phone network that allow a careful attacker to deny voice service to metropolitan areas the size of Manhattan with little more than a cable modem by sending SMS messages from the Internet. We extended our original analysis by building a detailed GSM simulator. Through a combination of simulation and mathematical modeling, we derived a deeper understanding of the necessary preconditions for an attack, as well as an array of mitigation techniques.
