Mobile Security Technologies (MoST) 2014

The MoST 2015 site is now hosted by IEEE, please check there for future workshops.

Saturday, May 17, 2014
The Fairmont Hotel, San Jose, CA

Mobile Security Technologies (MoST) brings together researchers, practitioners, policy makers, and hardware and software developers of mobile systems to explore the latest understanding and advances in the security and privacy for mobile devices, applications, and systems. (For full submission details, see the call for papers.)

Previous MoST Workshop:  2013  2012

Preliminary Program

7:30–8:30 Breakfast
8:45–9:00 Opening Remarks
9:00–10:15 Session 1: Contextual Authentication and Privacy (Session Chair: Hao Chen)

Data Driven Authentication: On the Effectiveness of User Behaviour Modelling with Mobile Device Sensors [Paper] [Slides]
Gunes Kayacik, Mike Just, Lynne Baillie (Glasgow Caledonian University), David Aspinall (University of Edinburgh) and Nicholas Micallef (Glasgow Caledonian University)

Differentially Private Location Privacy in Practice [Paper] [Slides]
Vincent Primault, Sonia Ben Mokhtar (LIRIS / Université de Lyon), Cédric Lauradoux (INRIA) and Lionel Brunie (LIRIS / Université de Lyon)

Location Privacy without Carrier Cooperation [Paper] [Slides]
Keen Sung, Brian Neil Levine and Marc Liberatore (University of Massachusetts Amherst)

10:15–10:45 Coffee Break
10:45–12:00 Session 2: Protection (Session Chair: Rajarshi Gupta)

An Application Package Configuration Approach to Mitigating Android SSL Vulnerabilities [Paper] [Slides]
Vasant Tendulkar and William Enck (North Carolina State University)

Two Novel Defenses against Motion-Based Keystroke Inference Attacks [Paper] [Slides]
Yihang Song, Madhur Kukreti, Rahul Rawat and Urs Hengartner (University of Waterloo)

Sprobes: Enforcing Kernel Code Integrity on the TrustZone Architecture [Paper] [Slides]
Xinyang Ge, Hayawardh Vijayakumar and Trent Jaeger (The Pennsylvania State University)

12:00–1:15 Lunch
1:15–2:30 Keynote: Ask us before you download: Lessons from Analyzing 3 Million Android Apps

Speaker: Dawn Song is an Associate Professor of Computer Science at UC Berkeley. Prior to joining UC Berkeley, she was an Assistant Professor at Carnegie Mellon University from 2002 to 2007. Her research interest lies in security and privacy issues in computer systems and networks, including areas ranging from software security, networking security, database security, distributed systems security, to applied cryptography. She is the recipient of various awards including the MacArthur Fellowship, the Guggenheim Fellowship, the NSF CAREER Award, the Alfred P. Sloan Research Fellowship, the MIT Technology Review TR-35 Award, the IBM Faculty Award, the George Tallman Ladd Research Award, the Okawa Foundation Research Award, the Li Ka Shing Foundation Women in Science Distinguished Lecture Series Award, and Best Paper Awards from top conferences. She founded Ensighta Security Inc. which was acquired by FireEye. She is currently Fellow at FireEye.

2:30–3:00 Coffee Break
3:00–5:20 Session 3: Analysis and Insights (Session Chair: Mihai Christodorescu)

Enter Sandbox: Android Sandbox Comparison [Paper] [Slides]
Sebastian Neuner (SBA Research), Victor van der Veen (VU University Amsterdam), Martina Lindorfer (Vienna University of Technology), Markus Huber, Georg Merzdovnik, Martin Mulazzani and Edgar Weippl (SBA Research)

Andlantis: Large-scale Android Dynamic Analysis [Paper] [Slides]
Michael Bierma (Sandia National Laboratories), Eric Gustafson (University of California, Davis), Jeremy Erickson, David Fritz and Yung Ryn Choe (Sandia National Laboratories)

A Systematic Security Evaluation of Android's Multi-User Framework [Paper] [Slides]
Paul Ratazzi, Yousra Aafer, Amit Ahlawat, Hao Hao, Yifei Wang and Wenliang Du (Syracuse University)

A First Look at Firefox OS Security [Paper] [Slides]
Daniel Defreez (University of California, Davis), Bhargava Shastry (Technische Universität Berlin), Hao Chen (University of California, Davis) and Jean-Pierre Seifert (Technische Universität Berlin)

Code Injection Attacks on HTML5-based Mobile Apps [Paper] [Slides]
Xing Jin, Tongbo Luo, Derek G. Tsui and Wenliang Du (Syracuse University)

5:20– Schmoozing

Workshop Co-Chairs

Hao Chen (University of California, Davis)
Larry Koved (IBM Research)

Program Chair

Kapil Singh (IBM Research)

Program Committee

Kevin Butler (University of Oregon)
Hao Chen (University of California, Davis)
William Enck (North Carolina State University)
Adrienne Porter Felt (Google)
Rajarshi Gupta (Qualcomm Research Silicon Valley)
Markus Jakobsson (Qualcomm Research Silicon Valley)
Jaeyeon Jung (Microsoft Research)
Larry Koved (IBM Research)
Zhichun Li (NEC Research Labs)
Long Lu (Stony Brook University)
Adrian Ludwig (Google)
David Wagner (University of California, Berkeley)