Mobile Security Technologies (MoST) 2015

Thursday, May 21, 2015

The Fairmont Hotel, San Jose, CA

Mobile Security Technologies (MoST) brings together researchers, practitioners, policy makers, and hardware and software developers of mobile systems to explore the latest understanding and advances in the security and privacy for mobile devices, applications, and systems. (For full submission details, see the call for papers.)

Previous MoST Workshops: 2014 2013 2012

Preliminary Program

7:30-8:30 Breakfast
8:45-9:00 Opening Remarks
9:00-10:15 Session 1 (Session Chair: Hao Chen)

Graphical User Interface for Virtualized Mobile Handsets [Paper] [Slides]
Janis Danisevskis, Michael Peter, Jan Nordholz, Matthias Petschick, and Julian Vetter (Technische Universität Berlin)

Analyzing End-Users' Knowledge and Feelings Surrounding Smartphone Security and Privacy [Paper] [Slides]
Lydia Kraus, Tobias Fiebig, Viktor Miruchna, Sebastian Möller (Technische Universität Berlin), and Asaf Shabtai (Ben-Gurion University of the Negev)

A Security Analysis of Android Factory Resets [Paper] [Slides]
Laurent Simon and Ross Anderson (Cambridge University)

10:15-10:50 Mid-morning break
10:50-12:20 Session 2 (Session Chair: Yung Ryn Choe)

AppCracker: Widespread Vulnerabilities in User and Session Authentication in Mobile Apps [Paper] [Slides]
Fangda Cai, Hao Chen (ShanghaiTech University), Yuanyi Wu (Zhejiang Sci-Tech University), and Yuan Zhang (Fudan University)

Indirect File Leaks in Mobile Applications [Paper] [Slides]
Daoyuan Wu and Rocky K. C. Chang (Hong Kong Polytechnic University)

A Large-Scale Study of Mobile Web App Security* [Paper] [Slides]
Patrick Mutchler (Stanford University), Adam Doupe (Arizona State University), John Mitchell (Stanford University), Christopher Kruegel, and Giovanni Vigna (University of California, Santa Barbara)
* Recipient of the Best Paper Award

On the Need of Precise Inter-App ICC Classification for Detecting Android Malware Collusions [Paper] [Slides]
Karim Elish, Danfeng Yao, and Barbara Ryder (Virginia Tech)

12:20-13:30 Lunch
13:30-15:00 Keynote: Android Security Data and Research Directions

Speaker: Adrian Ludwig is the lead engineer for Android security at Google. In this role, he is responsible for the security of the Android platform and Google's applications and services for Android. Prior to joining Google, Adrian held technical leadership positions at Joyent, Adobe, Macromedia, @stake, and the National Security Agency. Adrian has a BA in Mathematics from Williams College and an MBA from the University of California, Berkeley.

15:00-15:40 Mid-afternoon break
15:40-16:55 Session 3 (Session Chair: Jonathan Crussell)

Static Detection and Automatic Exploitation of Intent Message Vulnerabilities in Android Applications [Paper] [Slides]
Daniele Gallingani (UIC - Polimi), Rigel Gjomemo, V.N. Venkatakrishnan (University of Illinois at Chicago), and Stefano Zanero (Politecnico di Milano)

PINPOINT: Efficient and Effective Resource Isolation for Mobile Security and Privacy [Paper] [Slides]
Paul Ratazzi, Ashok Bommisetti, Nian Ji, and Wenliang Du (Syracuse University)

Security Analysis of Consumer-Grade Anti-Theft Solutions Provided by Android Mobile Anti-Virus Apps [Paper] [Slides]
Laurent Simon and Ross Anderson (Cambridge University)

16:55-17:00 Closing Remarks

Workshop Co-Chairs

Program Chair

Program Committee