If you do not see this message displayed properly, please click here


The Faculty of Informatics is pleased to announce a seminar given by Yanick Fratantonio



Securing Mobile Devices from Evasive Malware
Speaker: Yanick Fratantonio
University of California, Santa Barbara, USA
Date: Monday, June 12, 2017
Place: USI Lugano Campus, room SI-013, Informatics building (Via G. Buffi 13)
Time: 14:30-15:30



The official Google and Apple stores currently host millions of mobile apps, which are used by billions of users. In an ideal world, these users should be able to fully trust their devices and apps, and apps developers would focus on developing core features and functionality, without being concerned about introducing security vulnerabilities. I will start my talk by providing an overview of my research, which aims at bridging the gap between this ideal world and the world we currently live in, where sophisticated malware and vulnerabilities in benign apps pose severe security risks. I will then present two recent research projects related to one of the most problematic classes of malware, evasive malware, malicious software written with the specific intent of evading currently analysis systems, an aspect that makes its automatic detection an open research problem. First, I will present “trigger analysis,” a novel program analysis technique to identify logic bombs, malicious functionality that is triggered only when certain (often narrow) conditions are satisfied. Then, I will present a new, previously-unknown class of attacks that can abuse several features of a smartphone's UI: during the talk, I will show how these techniques are very powerful and stealthy even when attacking tech-savvy users, thus constituting a potential next step for evasive malware samples of the future.



Yanick Fratantonio is a Ph.D. candidate in Computer Science at the University of California, Santa Barbara, and he is soon going to join EURECOM as an Assistant Professor. His research focuses on mobile systems security and privacy. In particular, his work aims at keeping users of mobile devices safe, and it spans different areas of mobile security, such as malware detection, vulnerability analysis, characterization of emerging threats, and the development of novel practical protection mechanisms. In his free time, he enjoys playing and organizing Capture The Flag competitions with the Shellphish hacking team.


Host: Prof. Miroslaw Malek


Faculty of Informatics

Faculty of Informatics
Università della Svizzera italiana
Via Giuseppe Buffi 13
CH-6904 Lugano
Tel.: +41 (0)58 666 46 90
Fax: +41 (0)58 666 45 36
Email: decanato.inf@usi.ch
Web: www.inf.usi.ch
Twitter: @USI_INF


Segui USI@EXPO2015 su Twitter Segui USI@EXPO2015 su Facebook Segui USI@EXPO2015 su Linkedin Segui USI@EXPO2015 su YouTube