Faculty Colloq: Predictive information flow tracking for mobile security

Tuesday, April 5, 2016 - 12:00 to 13:30
Room 220, New Computer Science Building, Stony Brook University

The CS department is lucky to have Mihai Christodorescu from Qualcomm Research Silicon Valley visiting us and giving a talk at noon on mobile device security. Please see detailed info below.

Christodorescu will present, "Predictive information flow tracking for mobile security". Christodorescu's bio and abstract are presented below.

Phones today carry sensitive information and have a great number of ways to communicate that data. As a result, malware that steal money, information, or simply disable functionality have hit the app stores. Current security solutions for preventing undesirable data leaks are mostly high-overhead and have not been practical enough for smartphones. In this paper, we show that by simply monitoring only memory loads and store instructions, it is possible to achieve low overhead, and yet highly accurate information flow tracking. Our method achieves 98% accuracy (0% false positive and 2% false negative) over DroidBench. Our lightweight method was also able to successfully catch real-world malware instances that steal phone number, location, and device ID using SMS messages and HTTP connections.

Mihai Christodorescu is senior research staff at the Qualcomm Research Silicon Valley lab, where he addresses a variety of cybersecurity challenges. His current focus is on autonomous application security using online machine learning, on privacy in cloud and IoT settings, and on the usability of web privacy. Mihai’s past research in real-time, behavioral security for smartphones is now available in the Qualcomm Snapdragon Smart Protect product. He holds a PhD in computer sciences from University of Wisconsin, Madison, where he developed novel techniques for program analysis to detect and characterize malware, while advised by Professor Somesh Jha. When not tackling cyberthreats, he rows at the Los Gatos Rowing Club and tries to keep up with his high-energy 5-year old son.

Computed Event Type: 
Event Title: 
Faculty Colloq: Predictive information flow tracking for mobile security