Defense Event

Regulating and Securing the Interfaces Across Mobile Apps, OS and Users

Huan Feng

Friday, November 18, 2016
09:00am - 11:00am
3725 Beyster Bldg.

Add to Google Calendar

About the Event

During the past decade, we are moving swiftly towards a mobile-centered world. This thriving mobile ecosystem builds upon the interplay of three important parties: the mobile user, OS, and app. These parties interact via designated interfaces many of which are newly invented for or introduced to the mobile platform. Nevertheless, as these new ways of interactions arise in the mobile ecosystem, what is enabled by these communication interfaces often violates the expectations of the communicating parties. This shakes the foundation of the mobile ecosystem and results in significant security and privacy hazards. In this proposal, we aim to fill this gap by: 1.) securing the conversations between trusted parties, 2.) regulating the interactions between partially trusted parties, and 3.) defending the communications between untrusted parties. First, we deal with the case of two opposing parties, mobile OS and app, and analyze the Inter-Process Communication protocol (Binder) between them. We found that the OS is frequently making unrealistic assumptions on the validity (sanity) of transactions from apps, thus creating significant security hazards. We analyzed the root cause of this emerging attack surface and secured this interface by developing effective precautionary testing framework and runtime diagnostic tool. Then, we study the deficiency of how existing mobile user interact with app, a party he can only partially trust. We found that in the current mobile ecosystem, information about the same user in different apps can be easily shared and aggregated, which clearly violates the conditional trust mobile user has on each app. We address this issue by providing two complementary options: an OS-level extension that allows the user to track and control, during runtime, the potential flow of his information across apps; and a user-level solution that allows the users to maintain multiple isolated profiles for each app. Last, we elaborate on how to secure the voice interaction channel between two trusted parties, mobile user and OS. The open nature of the voice channel makes applications that depend on voice interactions, such as voice assistants, difficult to secure and exposed to various attacks. We solve this problem by proposing the first system that provides continuous and usable authentication for voice commands. It takes advantage of the neck-surface acceleration to filter only those commands that originate from the voice of the owner.

Additional Information

Sponsor(s): Prof. Kang G. Shin

Open to: Public