This year the students in the Senior Capstone course developed 34 apps either for industrial clients, for USC members, or for themselves. The technologies used were:
You can watch video demonstrations of all the apps, or come watch the live demos on Tuesday, April 30. We are also looking for clients for next year.
Mobile application ("app") repackaging is a severe threat to the flourishing mobile market and numerous users. 97% of the top paid Android apps and 87% of the iOS ones have been repackaged. Besides, it is one of the most common ways of propagating mobile malware. Existing countermeasures mostly detect repackaging based on app similarity measurement, which tends to be imprecise when obfuscations are applied to repackaged apps. Moreover, they rely on a centralized party, typically the hosting app store, to perform the detection, but many alternative app stores fail to commit proper effort to piracy detection. This research aims at an effective defense against app repackaging, and will result in substantial progress in tackling malware propagated via repackaged apps. It will help mitigate attacks such as ransomware or DDoS launched from repackaged apps. It will also help reduce the massive monetary loss of legitimate app developers. Industrial collaborations ensure rapidly translate scientific discovery and technical knowledge into beneficial commercial products. Educational resources from this project, including course modules on mobile security and malware detection, will be disseminated through a dedicated web site. This research will foster new research and education opportunities at University of South Carolina. Students from underrepresented groups will participate in the project. This research is to explore a decentralized scheme that adds repackaging detection capability into the app to be protected, such that the host devices are made use of to conduct detection when the app is running. The main challenge is how to protect the repackaging detection code from attacks. The team of research proposes a novel malware-inspired approach to handling the important mobile app repackaging problem. The team will explore a creative use of logic bombs, which are regularly used in malware: the trigger conditions are constructed to exploit the differences between the attacker and users (in terms of hardware, sensor values, and inputs), such that a bomb that lies dormant on the attacker side will be activated on the user side. The repackaging detection code, which is packed as the bomb payload, is executed only if the bomb is activated. (2) Unlike many conventional software tampering detection techniques that try to conceal the detection code, by leveraging various methods used in malware this design is non-stealthy, which means that the detection code is not hidden, yet still resilient to attacks. (3) The proposed system also aims to detect code tampering, which occurs when malicious code is inserted and hence implies extraordinary dangers. (4) The decentralized repackaging/tampering detection is proposed to be used for crowdsourced malware information collection to fight against malware propagation. (5) Finally, the team is to address how to prevent the proposed techniques from being abused by malware authors.
Dr. Jason O’Kane has received a grant award from the National Science Foundation for his research project titled "Planning Coordinated Event Observation for Structured Narratives ". This research studies how to direct a team of robots to obtain video footage to produce clips that trace a dramatic story arc. It is an examination of how such systems might achieve goals that people consider to be abstract or high-level. The video below explains some of their work, or read the article Could robots make a documentary about a 5K race?
During the past decade, middleware on mobile platforms (such as the Application Framework in Android and the Core Services layer in iOS) has been flourishing, but the insecurity analysis of such middleware has been lagging behind. For example, while comprehensive studies have been conducted at the application layer of the Android system, there is very limited work analyzing the Android Application Framework (Android Framework, for short), a middleware layer in the Android system. The two billion Android mobile devices and the many Android Things devices all rely on the system services provided by Android Framework. Recently, many vulnerabilities of Android Framework are exposed, showing that Android Framework is vulnerable and exploitable. Given the critical role of Android Framework, a vulnerability in the framework can be exploited to launch large-scale cyber attacks and cause serious harms to user security and privacy. However, the insecurity analysis of Android Framework has been rather ad hoc, imprecise, and requires much manual effort, mainly because there is a severe lack of techniques and tools developed for insecurity analysis of such middleware on mobile platforms (MoMP). This research project seeks to fill the gap by developing new techniques and tools for insecurity analysis of MoMP like Android Framework and consequently lead to more secure and trustworthy computing environments for the huge number of smartphone and Internet-of-Things (IoT) device users. Educational resources developed in this project, including course modules on mobile computing security and vulnerability discovery, will be disseminated through a dedicated web site. Collaborations with the industry will be sought to transfer the technology to interested software companies and government entities that perform insecurity analysis of MoMP.
The project will develop new architectural designs, algorithms and techniques for precise and automated insecurity analysis of MoMP. To make the research concrete, demonstrations will be created for the Android Framework for mobile smartphones, tablets and IoT devices, and the first platform for precise and automated insecurity analysis of Android Framework will be built, combining current software analysis techniques, such as symbolic execution, hybrid dynamic/static analysis, and cross-process and cross-layer software analysis, to make them capable of analyzing complex and large-sized MoMP like Android Framework. The platform will be evaluated and applied to discovering various types of zero-day vulnerabilities and generating proof-of-concept exploits.
We are happy to announce that our CyberSecurity@USC team won second place in last weekend's BSides Charleston Capture-the-Flag competition.
We would like to give well-deserved congratulations to the ACM Student team for winning 1st and 2nd place at the International Collegiate Programming Contest regionals held in the College of Charleston. The ICPC contest is sponsored by ACM National. It is an algorithmic programming contest similar to the code-a-thons our student chapter hosts, but with more difficult questions and much broader turnout.