Papers

Here’s a tentative list of the papers that will be discussed in the course. The list will be finalized by updating the course calendar with information specific papers for each session.

  1. Yajin Zhou; Xuxian Jiang, “Dissecting Android Malware: Characterization and Evolution,” Security and Privacy (SP), 2012 IEEE Symposium on , vol., no., pp.95,109, 20-23 May 2012.
  2. B. Livshits and J. Jungo, “Automatic mediation of privacy-sensitive resource access in smartphone applications,” in Proceedings of the 2013 USENIX Security Symposium, SEC’13, 2013.
  3. S. Bugiel, S. Heuser, and A.-R. Sadeghi, “Flexible and fine-grained mandatory access control on Android for diverse security and privacy policies,” in Proceedings of the 2013 USENIX Security Symposium, SEC’13, 2013.
  4. O. Riva, C. Qin, K. Strauss, D. Lymberopoulos, and D. S. Wallach, “Progressive authentication: Deciding when to authenticate on mobile phones,” in Proceedings of the 2012 USENIX Security Symposium, SEC’12, 2012.
  5. L. K. Yan and H. Yin, “DroidScope: Seamlessly reconstructing the OS and Dalvik semantic views for dynamic Android malware analysis,” in Proceedings of the 2012 USENIX Security Symposium, SEC’12, 2012.
  6. W. Enck, D. Octeau, P. McDaniel, and S. Chaudhuri, “A study of Android application security,” in Proceedings of the 2011 USENIX Security Symposium, SEC’11, 2011.
  7. A. P. Felt, H. J. Wang, A. Moshchuk, S. Hanna, and E. Chin, “Permission re-delegation: Attacks and defenses,” in Proceedings of the 2011 USENIX Security Symposium, SEC’11, 2011.
  8. R. Wang, L. Xing, X. Wang, and S. Chen, “Unauthorized origin crossing on mobile platforms: Threats and mitigation,” in Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS’13, 2013.
  9. L. Wu, M. Grace, Y. Zhou, C. Wu, and X. Jiang, “The impact of vendor customizations on Android security,” in Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS’13, 2013.
  10. C.-C. Lin, H. Li, X. Zhou, and X. Wang, “Screenmilker: How to milk your Android screen for secrets,” in Proceedings of the 2014 Network and Distributed System Security Symposium, NDSS’14, 2014.
  11. C. Marforio, N. Karapanos, C. Soriente, K. Kostiainen, and S. Capkun, “Smartphones as practical and secure location verification tokens for payments,” in Proceedings of the 2014 Network and Distributed System Security Symposium, NDSS’14, 2014.
  12. M. Georgiev, S. Jana, and V. Shmatikov, “Breaking and fixing origin-based access control in hybrid web/mobile application frameworks,” in Proceedings of the 2014 Network and Distributed System Security Symposium, NDSS’14, 2014.
  13. S. Bugiel, L. Davi, A. Dmitrienko, T. Fischer, A.-R. Sadeghi, and B. Shastry, “Towards taming privilege-escalation attacks on Android,” in Proceedings of the 2012 Network and Distributed System Security Symposium, NDSS’12, 2012.
  14. Chunyi Peng, Chi-Yu Li, Hongyi Wang, Guan-Hua Tu, Songwu Lu, “Real Threats to Your Data Bills: Security Loopholes and Defenses in Mobile Data Charging,” ACM CCS 2014.
  15. Serge Egelman, Sakshi Jain, Rebecca S. Portnoff, Kerwell Liao, Sunny Consolvo, David Wagner, “Are You Ready to Lock?” ACM CCS 2014
  16. Qinggang Yue, Zhen Ling, Xinwen Fu, Benyuan Liu, Kui Ren, Wei Zhao, “Blind Recognition of Touched Keys on Mobile Devices” ACM CCS 2014
  17. Zhengyang Qu, Vaibhav Rastogi, Xinyi Zhang, Yan Chen, Tiantian Zhu, Zhong Chen “AutoCog: Measuring the Description-to-permission Fidelity in Android Applications” ACM CCS 2014
  18. Markus Miettinen, N. Asokan, Thien Duc Nguyen, Ahmad-Reza Sadeghi, Majid Sobhani, “Context-Based Zero-Interaction Pairing and Key Evolution for Advanced Personal Devices” ACM CCS 2014
  19. Q. A. Chen, Z. Qian, and M. Mao, “Peeking into your app without actually seeing it: UI state inference and novel Android attacks,” in Proceedings of the 2014 USENIX Security Symposium, SEC’14, 2014.
  20. Y. Song, G. Cho, S. Oh, H. Kim, J. H. Huh, “On the Effectiveness of Pattern Lock Strength Meters – Measuring the Strength of Real World Pattern Locks,” in Proceedings of the 2015 ACM SIG CHI.