Here’s a tentative list of the papers that will be discussed in the course. The list will be finalized by updating the course calendar with information specific papers for each session.
- Yajin Zhou; Xuxian Jiang, “Dissecting Android Malware: Characterization and Evolution,” Security and Privacy (SP), 2012 IEEE Symposium on , vol., no., pp.95,109, 20-23 May 2012.
- B. Livshits and J. Jungo, “Automatic mediation of privacy-sensitive resource access in smartphone applications,” in Proceedings of the 2013 USENIX Security Symposium, SEC’13, 2013.
- S. Bugiel, S. Heuser, and A.-R. Sadeghi, “Flexible and fine-grained mandatory access control on Android for diverse security and privacy policies,” in Proceedings of the 2013 USENIX Security Symposium, SEC’13, 2013.
- O. Riva, C. Qin, K. Strauss, D. Lymberopoulos, and D. S. Wallach, “Progressive authentication: Deciding when to authenticate on mobile phones,” in Proceedings of the 2012 USENIX Security Symposium, SEC’12, 2012.
- L. K. Yan and H. Yin, “DroidScope: Seamlessly reconstructing the OS and Dalvik semantic views for dynamic Android malware analysis,” in Proceedings of the 2012 USENIX Security Symposium, SEC’12, 2012.
- W. Enck, D. Octeau, P. McDaniel, and S. Chaudhuri, “A study of Android application security,” in Proceedings of the 2011 USENIX Security Symposium, SEC’11, 2011.
- A. P. Felt, H. J. Wang, A. Moshchuk, S. Hanna, and E. Chin, “Permission re-delegation: Attacks and defenses,” in Proceedings of the 2011 USENIX Security Symposium, SEC’11, 2011.
- R. Wang, L. Xing, X. Wang, and S. Chen, “Unauthorized origin crossing on mobile platforms: Threats and mitigation,” in Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS’13, 2013.
- L. Wu, M. Grace, Y. Zhou, C. Wu, and X. Jiang, “The impact of vendor customizations on Android security,” in Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS’13, 2013.
- C.-C. Lin, H. Li, X. Zhou, and X. Wang, “Screenmilker: How to milk your Android screen for secrets,” in Proceedings of the 2014 Network and Distributed System Security Symposium, NDSS’14, 2014.
- C. Marforio, N. Karapanos, C. Soriente, K. Kostiainen, and S. Capkun, “Smartphones as practical and secure location verification tokens for payments,” in Proceedings of the 2014 Network and Distributed System Security Symposium, NDSS’14, 2014.
- M. Georgiev, S. Jana, and V. Shmatikov, “Breaking and fixing origin-based access control in hybrid web/mobile application frameworks,” in Proceedings of the 2014 Network and Distributed System Security Symposium, NDSS’14, 2014.
- S. Bugiel, L. Davi, A. Dmitrienko, T. Fischer, A.-R. Sadeghi, and B. Shastry, “Towards taming privilege-escalation attacks on Android,” in Proceedings of the 2012 Network and Distributed System Security Symposium, NDSS’12, 2012.
- Chunyi Peng, Chi-Yu Li, Hongyi Wang, Guan-Hua Tu, Songwu Lu, “Real Threats to Your Data Bills: Security Loopholes and Defenses in Mobile Data Charging,” ACM CCS 2014.
- Serge Egelman, Sakshi Jain, Rebecca S. Portnoff, Kerwell Liao, Sunny Consolvo, David Wagner, “Are You Ready to Lock?” ACM CCS 2014
- Qinggang Yue, Zhen Ling, Xinwen Fu, Benyuan Liu, Kui Ren, Wei Zhao, “Blind Recognition of Touched Keys on Mobile Devices” ACM CCS 2014
- Zhengyang Qu, Vaibhav Rastogi, Xinyi Zhang, Yan Chen, Tiantian Zhu, Zhong Chen “AutoCog: Measuring the Description-to-permission Fidelity in Android Applications” ACM CCS 2014
- Markus Miettinen, N. Asokan, Thien Duc Nguyen, Ahmad-Reza Sadeghi, Majid Sobhani, “Context-Based Zero-Interaction Pairing and Key Evolution for Advanced Personal Devices” ACM CCS 2014
- Q. A. Chen, Z. Qian, and M. Mao, “Peeking into your app without actually seeing it: UI state inference and novel Android attacks,” in Proceedings of the 2014 USENIX Security Symposium, SEC’14, 2014.
- Y. Song, G. Cho, S. Oh, H. Kim, J. H. Huh, “On the Effectiveness of Pattern Lock Strength Meters – Measuring the Strength of Real World Pattern Locks,” in Proceedings of the 2015 ACM SIG CHI.