ACE Seminar: Security and Privacy Issues due to Android Intents

Speaker: Prof. Dr. Christian Hammer

Date/Time: 18-Jul-2019, 16:00 UTC

Venue: Roberts 309

Details

Abstract

Android components communicate via message-passing through Intents. Intents can be transmitted to the system or to components in the same or different applications, thus—depending on the specification of the receiver—may intentionally or benignly transmit sensitive information to a component that is not entrusted by the user to handle such information. Apart from that, Intents can be transmitted to another component for later execution with the identity and permissions of the creator, potentially leading to privilege escalation attacks. This talk presents our static analyses that investigate the potential communication behavior of app components to determine potential security or privacy violations, and reports on the violations encountered during our experiments with realistic applications from the Google app store.

Bio

My main research interests lie at the borderline between programming languages and software engineering. My expertise includes both static and dynamic program analyses, in particular program slicing, language-based security, information flow and concurrency. I’ve been working intensively with concurrent, object-oriented, as well as functional and scripting languages. Specialties: static and dynamic program analyses, program slicing, security, information flow, concurrency, programming languages and paradigms, scripting languages

Add to Calendar

This page was last modified on 27 Mar 2014.