Tracing the Arc of Smartphone Application Security
The introduction of smart phones in the mid-2000s forever changed the way users interact with data and computation--and through it prompted a renaissance of digital innovation. Yet, at the same time, the architectures, applications and services that fostered this new landscape fundamentally altered the relationship between users and security and privacy. In this talk I map the scientific community's evolving efforts over the last dozen years in evaluating smart phone application security and privacy. I consider several key scientific questions and explore the methods and tools used to answer them. Here I show how our joint understanding of adversary and industry practices have matured over time, and briefly consider how these results have informed and shaped technical public policy in the United States. I conclude with a discussion of the open problems and opportunities in mobile device security and privacy.
Patrick McDaniel is the William L. Weiss Professor of Information and Communications Technology and Director of the Institute for Networking and Security Research in the School of Electrical Engineering and Computer Science at the Pennsylvania State University. Professor McDaniel is also a Fellow of the IEEE and ACM and the director of the NSF Frontier Center for Trustworthy Machine Learning. He also served as the program manager and lead scientist for the Army Research Laboratory's Cyber-Security Collaborative Research Alliance from 2013 to 2018. Patrick's research centrally focuses on a wide range of topics in computer and network security and technical public policy. Prior to joining Penn State in 2004, he was a senior research staff member at AT&T Labs-Research.