Home > Seminars > Soteris Demetriou - Security and Privacy Challenges in User-Facing, Complex, Interconnected Environments

Soteris Demetriou - Security and Privacy Challenges in User-Facing, Complex, Interconnected Environments

Start:

3/8/2018 at 3:30PM

End:

3/8/2018 at 4:30PM

Location:

126 DeBartolo

Host:

College of Engineering close button
headerbottom

Aaron Striegel

Aaron  Striegel

VIEW FULL PROFILE Email: striegel@nd.edu
Phone: 574-631-6896
Website: http://sites.nd.edu/aaron-striegel
Office: 384C Fitzpatrick

Affiliations

Department of Computer Science and Engineering Associate Professor and Associate Department Chair
Wireless Institute Executive Committee
College of Engineering Associate Professor
Computer Networking Computer Security Human Computer Interfacing
Click for more information about Aaron
574-631-6896
Add to calendar:
iCal vCal
In contrast with traditional ubiquitous computing, mobile devices are now user-facing, more complex and interconnected. Thus they introduce new attack surfaces which can result in severe private information leakage. Due to the rapid adoption of smart devices, there is an urgent need to address emerging security and privacy challenges to help realize the vision of a secure, smarter and personalized world.
 
In this talk, I will focus on the smartphone and its role in smart environments. First I will show how the smartphone’s complexity allows third-party applications and advertising networks to perform inference attacks and compromise user confidentiality. Further, I will demonstrate how combining techniques from both systems and data sciences can help us build tools to detect such leakage. Second, I will show how a weak mobile application adversary can exploit vulnerabilities hidden in the interplay between smartphones and smart devices. I will then describe how we can leverage both strong mandatory access control and flexible user-driven access control to design practical and robust systems to mitigate such threats. I will conclude, by discussing how in the future I want to enable a trustworthy Internet of Things, focusing not only on strengthening smartphones, but also emerging intelligent platforms and environments (e.g. automobiles, smart buildings/cities), and new user interaction modalities in IoT (acoustic signals).

In contrast with traditional ubiquitous computing, mobile devices are now user-facing, more complex and interconnected. Thus they introduce new attack surfaces which can result in severe private information leakage. Due to the rapid adoption of smart devices, there is an urgent need to address emerging security and privacy challenges to help realize the vision of a secure, smarter and personalized world. In this talk, I will focus on the smartphone and its role in smart environments. First I will show how the smartphone’s complexity allows third-party applications and advertising networks to perform inference attacks and compromise user confidentiality. Further, I will demonstrate how combining techniques from both systems and data sciences can help us build tools to detect such leakage. Second, I will show how a weak mobile application adversary can exploit vulnerabilities hidden in the interplay between smartphones and smart devices. I will then describe how we can leverage both strong mandatory access control and flexible user-driven access control to design practical and robust systems to mitigate such threats. I will conclude, by discussing how in the future I want to enable a trustworthy Internet of Things, focusing not only on strengthening smartphones, but also emerging intelligent platforms and environments (e.g. automobiles, smart buildings/cities), and new user interaction modalities in IoT (acoustic signals).

Seminar Speaker:

Soteris Demetriou

Soteris Demetriou

University of Illinois at Urbana-Champaign

Soteris Demetriou is a Ph.D. Candidate in Computer Science at the University of Illinois at Urbana-Champaign. His research interests lie at the intersection of mobile systems and, security and privacy, with a current focus on smartphones and IoT environments. He discovered side-channels in the virtual process filesystem (procfs) of the Linux kernel that can be exploited by malicious applications running on Android devices; he built Pluto, an open-source tool for detection of sensitive user information collected by mobile apps; he designed security enhancements for the Android OS which enable mandatory and discretionary access control for external devices. His work incited security additions in the popular Android operating system and is recognized by awards bestowed by Samsung Research America and Hewlett-Packard Enterprise. Soteris is a recipient of the Fulbright Scholarship, and in 2017 was selected by the Heidelberg Laureate Forum as one of the 200 most promising young researchers in the fields of mathematics and computer science.