3月26日(周一)下午2:15,在我院生物电子学国家重点实验室(逸夫科技馆)三楼会议室召开“陈浩客座教授聘任会”,浦副校长前来参加。仪式后陈浩教授报告:Android智能手机的使用安全
欢迎老师和同学们参加。
陈浩是加州大学戴维斯分校副教授,我校聘任的客座教授。陈浩是我们的杰出校友,在我校生医学院获得学士和硕士学位,在加州伯克利大学获得博士学位。研究方向为计算机安全,无线通信、智能手机和网络安全。他获得2007年“美国自然科学基金会事业奖”,2010年“加州大学戴维斯分校工学院优秀教师奖”。他所取得成果得到美国平面媒体和广播媒体,例如《纽约时报》等的宣传。
学术报告简介
Improving Security and Privacy of Android Ad Libraries
Recent years have witnessed incredible growth in the popularity andprevalence of smart phones and their application markets. Mobile applications may have a direct purchasing cost or be free butad-supported. Unlike in- bowser ads, the security and privacy implications of ads in Android applications have not been thoroughly explored. We compare the similarities and differences of in-browser ads and in-app ads. We examine the effect on user privacy of popular Android ad providers by reviewing their use of permissions. Worryingly, several ad libraries take advantage of permissions beyond the required and optional ones listed in their documentation, including dangerous permissions like camera, write calendar, and write contacts. Further, we discover the insecure use of Android's JavaScript extension mechanism in several ad libraries. We show that users can be tracked by a network sniffer across ad providers and by an ad provider across applications. Finally, we discuss several possible solutions to the privacy issues identified above.