Tracing the Arc of Smartphone Application Security

The introduction of smart phones in the mid-2000s forever changed the way users interact with

data and computation– and through it prompted a renaissance of digital innovation. Yet, at the

same time, the architectures, applications and services that fostered this new reality

fundamentally altered the relationship between users and security and privacy. In this talk I

map the scientific community's evolving efforts over the last decade in evaluating smart phone

application security and privacy. I consider several key scientific questions and explore the

methods and tools used to answer them. Through this exposition, I show how our joint

understanding of adversary and industry practices have matured over time, and briefly consider

how these results have informed and shaped technical public policy in the United States. I

conclude with a discussion of the open problems and opportunities in mobile device security

and privacy.
Patrick McDaniel is a Distinguished Professor in the School of Electrical Engineering and Computer Science and Director of the Institute for Networking and Security Research at the Pennsylvania State University. Professor McDaniel is Fellow of the IEEE and ACM and program manager and lead scientist for the Army Research Laboratory's Cyber-Security Collaborative Research Alliance. Patrick’s research centrally focuses on a wide range of topics in security and technical public policy. Prior to joining Penn State in 2004, he was a senior research staff member at AT&T Labs-Research.