BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Memento EPFL//
BEGIN:VEVENT
SUMMARY:IC Colloquium : Opposites Attract - Static analysis on mobile apps
  for security and privacy
DTSTART:20130204T161500
DTEND:20130204T173000
DTSTAMP:20260407T162241Z
UID:69403719dcc78c279bde1fa5503674b575c42da4103d0c847a22c42f
CATEGORIES:Conferences - Seminars
DESCRIPTION:Manuel Egele\, Carnegie Mellon University\nIC faculty candidat
 e\nAbstract\nMobile devices are ubiquitous. Apple sold over 360 million iO
 S devices to date\,and it has been reported that more than 500 million And
 roid-based devices are in customers' hands.  These devices open exciting 
 new avenues of innovation such as location-based services and mobile payme
 nt. Of course\, the user has a legitimate\ndesire to keep the privacy-sens
 itive data maintained and collected by these smart devices safe and secure
 . Unfortunately\, mobile devices frequently expose\nsuch information to pr
 ying third-party applications (apps). In this talk\, I will demonstrate ho
 w novel static analysis techniques can be used to automatically assess whe
 ther apps adhere to the user's expectation of privacy. My binary static an
 alysis platform (PiOS) has the capability to evaluate many different secur
 ity properties on iOS applications.  For example\, PiOS automatically det
 ected numerous popular applications that leak privacy sensitive data\, suc
 h as address book contents or location information over the Internet. Base
 d on PiOS\, we were also able to retrofit iOS applications with control fl
 ow integrity protection.  Android recently surpassed Apple as the most po
 pular smart phone operating system. Thus\, in this talk\, I will also cove
 r my research to leverage static analysis techniques to detect misuse of c
 ryptographic primitives in Android apps. Furthermore\, I will illustrate h
 ow these techniques can be used to refine and improve the existing coarse-
 grained Android permission system.Biography\nManuel Egele is a post-doctor
 al researcher at Carnegie Mellon University\, Cylab. Before starting at CM
 U\, he was a post-doctoral researcher at the Computer Security Group of th
 e Department of Computer Science at the University of California\, Santa B
 arbara.  He received his MSc (2006) and Ph.D.  (2011) degrees in compute
 r science from the University of Technology in Vienna. His research intere
 sts span numerous areas of systems security -- in particular\, mobile secu
 rity\, privacy\, and malicious code analysis. His PiOS work received a dis
 tinguished paper award at the Network and Distributed Systems Security Sym
 posium 2011. Lately\, he started investigating techniques to aid developer
 s in avoiding common pitfalls when applying cryptographic primitives in th
 eir mobile applications.
LOCATION:BC 420 https://plan.epfl.ch/?room==BC%20420
STATUS:CONFIRMED
END:VEVENT
END:VCALENDAR