Session Title | Safety and Security of Interactions between Applications
Emergent software ecosystems, boomed by the advent of smartphones and the Internet of Things (IoT) platforms, are perpetually sophisticated, deployed into highly dynamic environments, and facilitating interactions across heterogeneous domains. Accordingly, assessing the security of these interactions thereof is a pressing need, yet requires high levels of scalability and reliability to handle the dynamism involved in such volatile ecosystems. In this talk, I will present two approaches for detecting unsafe interactions between applications: (1) DINA a hybrid analysis approach for detecting vulnerable interactions between Android applications that leverage dynamic programming features for concealing the interactions; (2) IoTCOM a formal analysis approach for identifying unsafe interactions between smart home applications by considering physical and cyber channels. I will show how the proposed detection mechanisms can efficiently and effectively detect vulnerabilities in contemporary software platforms.
Mohannad Alhanahnah is a postdoctoral researcher at the University of Wisconsin-Madison working on software debloating. Mohannad's research interests revolve around leveraging program analysis techniques for assessing and boosting applications security. Mohannad completed his PhD in Computer Engineering at the University of Nebraska-Lincoln and obtained his MSc in Computer Security from the University of Kent. Mohannad worked as a researcher at iTrust lab at the Singapore University of Technology and Design and contributed to the development of Internet of Things Automatic Security Testbed. Mohannad worked also at Eindhoven University of Technology where he contributed to the EU project AU2EU, which aims to foster the adoption of security and privacy-by-design technologies. Mohannad received ACM SIGSOFT distinguished paper award and (ISC)2 graduate scholarship.