Our weekly seminar series welcomes Schwartz Reisman Research Lead David Lie, professor in the Department of Electrical and Computer Engineering at the University of Toronto and a Tier 1 Canada Research Chair in Secure and Reliable Systems. Lie’s current work is focused on securing mobile platforms, cloud computing security and bridging the divide between technology and policy.
Talk title
“A look at security and privacy on smartphones”
Abstract
This talk will examine the evolution of both threats and defenses on the Android platform over the last 10 years. We start with the original design of smartphone permission systems and marketplace infrastructure, which was partially motivated by lessons learned from the PC ecosystem. We then describe the Lie research group's ongoing work in analysis of smartphone operating systems, malware, and applications with respect to security and privacy. We close with a global user study we conducted on the behaviours and attitudes of 1800 participants across 10 countries towards smartphone application privacy.
Recommended readings
I. Pustogarov, Q. Wu, and D. Lie, “Ex-vivo dynamic analysis framework for Android device drivers.” Proceedings of the 41st IEEE Symposium on Security and Privacy, 2020. (1 minute overview, Full talk video.) [bibtex]
M. Wong and D. Lie, “Tackling runtime-based obfuscation in Android with TIRO.” Proceedings of the 27th USENIX Security Symposium, 2018. (slides, source code) [bibtex]
M. Wong and D. Lie, “IntelliDroid: A targeted input generator for the dynamic analysis of Android malware.” Proceedings of the 2016 Symposium on Network and Distributed System Security (NDSS), 2016. [bibtex]
K. Wain Yee Au, Y. Fan Zhou, Z. Huang, and D. Lie, “PScout: Analyzing the Android permission specification.” Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS), 2012. [bibtex]
K. Wain Yee Au, Y. Fan Zhou, Z. Huang, P. Gill, and D. Lie, “Short paper: A look at smartphone permission models.” The 1st Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM), pp. 63–67, 2011. [bibtex]
About David Lie
Schwartz Reisman Research Lead David Lie is professor in the Department of Electrical and Computer Engineering and a Tier 1 Canada Research Chair in Secure and Reliable Systems. He also holds appointments in the Department of Computer Science and the Faculty of Law. He is known for his seminal work on the XOM architecture, which was an early precursor to modern trusted execution processor architectures such as ARM Trustzone and Intel SGX. He was the recipient of a best paper award at SOSP for this work, and of the MRI Early Researcher Award and Connaught Global Challenge Award. He developed the PScout Android Permission mapping tool, whose datasets have been downloaded over 10,000 times and used in dozens of subsequent papers. David has served on various program committees including OSDI, Usenix Security, IEEE Security & Privacy, NDSS and CCS.
About the SRI Seminar Series
The SRI Seminar Series brings together the Schwartz Reisman community and beyond for a robust exchange of ideas that advance scholarship at the intersection of technology and society. Seminars are led by a leading or emerging scholar and feature extensive discussion.
Each week, a featured speaker will present for 45 minutes, followed by 45 minutes of discussion. Registered attendees will be emailed a Zoom link approximately one hour before the event begins. The event will be recorded and posted online.
David Lie