VU University of Amsterdam
Herbert Bos is professor of Security at VU University Amsterdam. He obtained his PhD from Cambridge University, and currently heads a group that works on System Security. In recent years, he received an ERC Starting Grant to work on reverse engineering and a VICI grant to work on techniques to detect vulnerabilities in binaries. He is an author of the Dutch National Cyber Security Research Agenda and the current PC chair of the RAID conference.
Presentation: Mobile Malware Analysis: Promising Directions and Stories to Scare the Kids
Herbert will discuss their work on dynamic malware analysis for Android. Specifically, he will describe TraceDroid: a scalable, automated framework for dynamic analysis of Android applications to detect suspicious, possibly malicious apps using a comprehensive method tracing scheme. Next, he will discuss some of the complex cases for any analysis framework, static or dynamic. In particular, he will describe their research into the problem of stealthy backdoors on Android and iOS devices with code that looks entirely benign, even upon manual inspection, but can be triggered to do anything an attacker does by providing it with the right input data. If time permits, he will discuss a new technique that makes infecting mobile phones as easy as infecting a browser on a desktop PC (literally), reducing two factor authentication using mobile phones to one factor authentication (and bringing users to tears).