In contrast with traditional ubiquitous computing, mobile devices are now user-facing, more complex and interconnected. Thus they introduce new attack surfaces, which can result in severe private information leakage. Due to the rapid adoption of smart devices, there is an urgent need to address emerging security and privacy challenges to help realize the vision of a secure, smarter and personalized world.
In this talk, I will focus on the smartphone and its role in smart environments. First I will show how the smartphone's complex architecture allows third-party applications and advertising networks to perform inference attacks and compromise user confidentiality. Further, I will demonstrate how combining techniques from both systems and data sciences can help us build tools to detect such leakage. Second, I will show how a weak mobile application adversary can exploit vulnerabilities hidden in the interplay between smartphones and smart devices. I will then describe how we can leverage both strong mandatory access control and flexible user-driven access control to design practical and robust systems to mitigate such threats. I will conclude, by discussing how in the future I want to enable a trustworthy Internet of Things, focusing not only on strengthening smartphones, but also emerging intelligent platforms and environments (e.g. automobiles, smart buildings/cities), and new user interaction modalities in IoT (acoustic signals).
Soteris Demetriou is a Ph.D. Candidate in Computer Science at the University of Illinois at Urbana- Champaign. His research interests lie at the intersection of mobile systems and, security and privacy, with a current focus on smartphones and IoT environments. He discovered side-channels in the virtual process filesystem (procfs) of the Linux kernel that can be exploited by malicious applications running on Android devices; he built Pluto, an open-source tool for detection of sensitive user information collected by mobile apps; he designed security enhancements for the Android OS which enable mandatory and discretionary access control for external devices. His work incited security additions in the popular Android operating system, has received a distinguished paper award at NDSS, and is recognized by awards bestowed by Samsung Research America and Hewlett-Packard Enterprise. Soteris is a recipient of the Fulbright Scholarship, and in 2017 was selected by the Heidelberg Laureate Forum as one of the 200 most promising young researchers in the fields of Mathematics and Computer Science.
Date: Mar. 14, 2018
Time: 10:15-11:15 am
Place: Innovation Center, Room 2277