BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:Aurasium: Practical Policy Enforcement for Android Applications - 
 Rubin Xu (University of Cambridge)
DTSTART:20121009T151500Z
DTEND:20121009T161500Z
UID:TALK39449@talks.cam.ac.uk
CONTACT:Wei Ming Khoo
DESCRIPTION:With the increasing popularity and growing market share of Goo
 gle's mobile platform Android\, it has become the top target of latest mob
 ile malware. Previous work on Android security and privacy control produce
 d solutions that require modification to the operating system itself. This
  requires the user to root his phone to install custom firmware due to sof
 tware\, hardware\, and policy choices by Google\, the phone manufacturers\
 , and cellular providers. There is no guarantee that these solutions will 
 ever make their way to consumers unless Google implements them in the main
  Android OS source code repository.\n\nWe developed a novel approach named
  Aurasium that bypasses the need to change the firmware. We automatically 
 rewrite arbitrary apps by attaching interposition code to closely watch th
 e application's behaviour for security and privacy violations\, such as at
 tempts to retrieve a user's sensitive information\, send SMS covertly to p
 remium numbers\, or access malicious IP addresses. Aurasium can also detec
 t and prevent cases of privilege escalation attacks. Experiments show that
  we can apply Aurasium to a large corpus of benign and malicious applicati
 ons with over 99% success rate.
LOCATION:Lecture Theatre 2\, Computer Laboratory\, William Gates Building
END:VEVENT
END:VCALENDAR