Schedule: 2:00 pm - 2:15 pm
Welcome & Opening
Alessandro Armando (Head of the CSecLab and head of the Security and Trust Unit, FBK. Trento)
Schedule: 2:15 pm - 3 pm
Title: Enforcing BYOD policies on Android Devices
Abstract: Mobile security is a hot research topic. Yet most available techniques focus on securing individual applications and therefore cannot possibly tackle security weaknesses stemming from the combined use of one or more applications (e.g. confused deputy attacks). Preventing these types of attacks is crucial in many important application scenarios. For instance, their prevention is a prerequisite for the widespread adoption of the BYOD paradigm in the corporate setting. To this aim, in this talk we present a secure meta-market which supports the specification and enforcement of security policies spanning multiple applications. Moreover, the meta-market keeps track of the security state of devices and, through a functional combination of static analysis and code instrumentation techniques, supervises the installation of new applications, thereby ensuring the enforcement of the security policies. We also discuss a prototype implementation of the secure meta-market, which we used to validate a wide range of popular Android applications against a security policy drawn from the US Government BYOD Security Guidelines. Experimental results obtained by running the prototype confirm the effectiveness of the approach.
Costa and Alessio Merlo
(Assistant Professors at DIBRIS - University of Genoa)
Schedule: 3 pm - 3:45 pm
Title: Trusted Execution Environments on mobile devices: a security perspective
Abstract: A Trusted Execution Environment (TEE) is a secure processing environment isolated from the "normal" environment of the operating system and applications. In recent years, mobile manufacturers have started to include hardware-based TEEs in mobile devices, and today a wide range of smartphones and tablets contain a TEE. In this talk, we introduce the concept of a Trusted Execution Environment and then focus on the security features provided by mobile TEEs.
We also discuss current TEE implementations, such as ARM TrustZone, and their influence on the security of real use cases. Furthermore, we sketch research activities on TEEs, identifying open problems for the near future.
(Ph.D. Student at DIBRIS)
Schedule: 3:45 pm - 4:30 pm
Title: Leveraging the Scale of Cyber Crime to Fight Malware Operations
Abstract: Malware is becoming a threat not only for traditional desktop computers, but also for mobile phones and Internet of Things (IoT) devices. Cyber criminals infect their victims by luring them into visiting a malicious web page, and have them join a botnet, which is a network of compromised hosts under their control. Miscreants then order their botnet to carry out malicious activity such as sending spam, stealing their owners' personal information, or performing denial of service attacks.
In this talk, I provide an overview of our efforts in fighting and disrupting botnets. First, I show that it is possible to leverage the complex network of servers that cybercriminals use to hide their malicious web pages to perform detection, and identify web pages serving malware before victims are infected. Then, I present two techniques to detect compromised devices that act under the control of the same botnet.
Since they are difficult for cyber criminals to circumvent, these techniques constitute important steps forward in the war between security researchers and miscreants.
(Assistant Professor at University College London)
Schedule: 4:30 pm - 5:15 pm
Title: Denial of Service Attacks to GSM and UMTS Networks Using SIM-Less Devices
Abstract: One of the fundamental security elements in cellular networks is the authentication procedure performed by means of the Subscriber Identity Module, which is required to grant access to network services and hence protects the network from unauthorized usage. Nonetheless, a novel kind of denial-of-service attack based on properly crafted SIM-less devices can be performed. Such attacks do not require any kind of user authentication and, by exploiting specific features and performance bottlenecks of the GSM/UMTS network attachment process, they are potentially capable of introducing significant service degradation, up to complete disruption of large sections of the cellular network coverage. In-depth knowledge of this kind of attack may be beneficial to the process of strengthening both network applications and network equipment.
Alessio Merlo (Assistant Professor at DIBRIS) and Mauro Migliardi (Associate Professor at University of Padua)
Schedule: 5:15 pm - 6:00 pm
Discussion & Closing Remarks
Moderator: Alessandro Armando (Head of the CSecLab and head of the Security and Trust Unit, FBK. Trento)