2011 Proceeding- General Chair:
- Xuxian Jiang,
- Program Chairs:
- Amiya Bhattacharya,
- Partha Dasgupta,
- William Enck
- Sponsor:
- sigsac
It is our great pleasure to welcome you to the First ACM Workshop on Security and Privacy in Smartphones and Mobile Devices -- SPSM'11, held in association with the 18th ACM Conference on Computer and Communications Security, October 17th, 2011 in Chicago, Illinois (USA).
The workshop was created to organize and foster discussion of security in the emerging area of smartphone and mobile device computing. As organizers of top security venues, we've observed an increasing number of submissions describing novel approaches to solving the challenges of this area. We hope that this workshop will provide a dedicated venue to discuss these challenges and promising approaches for future research directions.
The call for papers attracted 19 submissions from Canada, Europe, and the United States. The program committee accepted 9 papers that cover a variety of topics, including malware, application isolation, permission models, and the interaction of smartphones and the real world. We are especially pleased to have a keynote speech by Gustavo de los Reyes, an Executive Director of Technology Security at AT&T, on The Network as Mobility Security Platform. We hope that these proceedings will serve as a valuable reference for security researchers and developers.
Proceeding Downloads
The network as a mobility security platform
The network can be a powerful platform at the core of an advanced mobility security architecture. There are several unique benefits of using the network to provide security. Virtually all traffic - good and bad - traverses the network. Also, the network ...
A survey of mobile malware in the wild
Mobile malware is rapidly becoming a serious threat. In this paper, we survey the current state of mobile malware in the wild. We analyze the incentives behind 46 pieces of iOS, Android, and Symbian malware that spread in the wild from 2009 to 2011. We ...
Crowdroid: behavior-based malware detection system for Android
The sharp increase in the number of smartphones on the market, with the Android platform posed to becoming a market leader makes the need for malware analysis on this platform an urgent issue.
In this paper we capitalize on earlier approaches for ...
Location based power analysis to detect malicious code in smartphones
This paper proposes to exploit correlation between a user's location and power consumption pattern of his/her smartphone to detect the presence of malicious code in the smartphone. Based on the observation that user location plays an important role in ...
Delivering secure applications on commercial mobile devices: the case for bare metal hypervisors
A problem faced by security sensitive mobile applications is assurance of correct execution on a commercial device. Prior approaches typically address this problem by assuming a trusted operating system (OS) as part of their trusted computing base (TCB)...
L4Android: a generic operating system framework for secure smartphones
Smartphones became many people's primary means of communication. Emerging applications such as Near Field Communication require new levels of security that cannot be enforced by current smartphone operating systems. Therefore vendors resort to hardware ...
Practical and lightweight domain isolation on Android
In this paper, we introduce a security framework for practical and lightweight domain isolation on Android to mitigate unauthorized data access and communication among applications of different trust levels (e.g., private and corporate). We present the ...
Short paper: a look at smartphone permission models
Many smartphone operating systems implement strong sandboxing for 3rd party application software. As part of this sandboxing, they feature a permission system, which conveys to users what sensitive resources an application will access and allows users ...
Short paper: can your phone trust your friend selection?
In ad hoc communication, data packets are relayed over several hops before reaching their destination. Spontaneous communication requires that nodes trust each other as communication can be intentionally disturbed or privacy compromised by the ...
Securing electronic medical records using attribute-based encryption on mobile devices
- Joseph A. Akinyele,
- Matthew W. Pagano,
- Matthew D. Green,
- Christoph U. Lehmann,
- Zachary N.J. Peterson,
- Aviel D. Rubin
We provide a design and implementation of self-protecting electronic medical records (EMRs) using attribute-based encryption on mobile devices. Our system allows healthcare organizations to export EMRs to locations outside of their trust boundary. In ...
Security implications of Android: a closed system, open software mobile platform
Smartphones blur the boundaries between the traditional feature phone and a general purpose computer such as a laptop. The Android OS, from Google, was created to be an open alternative to fully closed platforms such as Apple's iOS or Microsoft's ...
