Today, we look back on our 2014 MoST Conference. This was held on May 17th, 2014 at The Fairmont Hotel in California. Let us explore the wisdom we managed to collect that day. Like the MoST conference the year before, our goal remains the same. We always aim to gather policy makers, hardware and software developers and provide a space to positively explore the advancements that mobile security has achieved in the past year.
Unlike previous years, the program did not start with the keynote speaker. Instead, the session focusing on Contextual Authentication and Privacy came first. In this session, there was quite an interesting paper submitted by students from the University of Massachusetts Amherst. It was entitled “Location Privacy without Carrier Cooperation”. It discussed how there was a need to preserve a phone user’s privacy from cellular network providers.
It was interesting in the sense that it brought emphasis to the fact that network providers could track the location of cell users as they make use of their devices. It relied on the signals being transmitted from the phone towards different towers and back. Most mobile device users were not fully aware of the dangers of this.
The session that followed was all about Protection. A presentation was given by University of Waterloo students entitled “Two Novel Defenses against Motion-Based Keystroke Inference Attacks”. Their paper discussed how while certain sensors in phones gather information to provide their users with better functionality, it also carried a risk of potentially leaking the user’s private information. Malicious apps that can be installed by an unsuspecting user can specifically target the accelerometer and gyroscope data of mobile devices. The students discussed methods in which to defend against keystroke attacks using IPS or network/bandwidth analysis tools.
These are the sort of discussions that we welcome wholeheartedly. Their experiments could unlock better ways to providing users with a boost in their mobile security.
At this point in time, smartphone users were consistently being targeted. The greatest commodity that attackers want is end user identity. Identity theft is an ever growing concern and people should fully be aware about it.
2014’s keynote speaker was Dawn Song. Her research primarily lies in security and privacy issues in computer systems and networks. At this point in time, she was an Associate Professor of Computer Science at UC Berkeley. She gave a talk entitled “Ask us before you download: Lessons from Analyzing 3 Million Android Apps”. She brought up the fact that there are apps out there that may look and seem innocuous but do in fact, have malware buried deep in their coding. The more common applications to have these are games apps and fake social media apps. Mimic apps have also seen a rise in 2014.
This is an issue that we still see today. Researchers continue to find more and more malware-infested applications in Google Play. It is refreshing to realize that issues such as these were already being discussed in 2014. Hindsight is truly a good way to appreciate discourse achievementRead More