Program Analysis to Secure the Mobile Ecosystem

Yanick Fratantonio
University of California, Santa Barbara


Abstract

The official Google and Apple stores currently host millions of mobile apps, which are used by billions of users. In an ideal world, these users should be able to fully trust their devices and apps, and apps developers would focus on developing core features and functionality, without being concerned about introducing security vulnerabilities. During my talk, I will first provide an overview of my research, which aims at bridging the gap between this ideal world and the world we currently live in, where sophisticated malware and vulnerabilities in benign apps pose severe security risks. I will then present “trigger analysis,” a novel program analysis technique to identify logic bombs, malicious functionality that is triggered only when certain (often narrow) conditions are satisfied. I will also argue that mobile apps need to be analyzed within the context of their execution environment, and cannot be analyzed in isolation. In particular, I will show how the event-driven nature of mobile apps introduces implicit control flow transitions that malicious apps can (ab)use to evade current analysis systems, and I will then present a novel technique to tackle this problematic aspect. Finally, I will share my future interests in addressing unexplored areas of mobile security, Internet of Things, and code complexity analysis to detect and prevent denial-of-service attacks.