Topic: Mobile OS Security & Privacy (BA/MA)
Title: Analysis of the security and privacy of GrapheneOS.
Related work:
Topic: Mobile Privacy (BA/MA)
Title: Application of search-based techniques for user data privacy guarantees in mobile apps.
Related work:
Internet of Things (overview)
If you are interested in IoT-related topics, below is a list of relevant papers you can take a look at.
- Finding Software Bugs in Embedded Devices
- FirmAE: Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis
- Snipuzz: Black-box Fuzzing of IoT Firmware via Message Snippet Inference
- Diane: Identifying Fuzzing Triggers in Apps to Generate Under-constrained Inputs for IoT Devices
- ARM-AFL: Coverage-Guided Fuzzing Framework for ARM-Based IoT Devices
- IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing
- ChirpOTLE: a framework for practical LoRaWAN security evaluation
- Z-Fuzzer: device-agnostic fuzzing of Zigbee protocol implementation
Malware analysis (overview)
If you are interested in malware-related topics, below is a list of relevant papers you can take a look at.
- The Droid is in the Details: Environment-aware Evasion of Android Sandboxes
- Evasive malware via identifier implanting
- Malware dynamic analysis evasion techniques: A survey
- Longitudinal Study of the Prevalence of Malware Evasive Techniques
- Scarecrow: Deactivating Evasive Malware via Its Own Evasive Logic
Mobile Privacy (overview)
If you are interested in privacy-related topics, below is a list of relevant papers you can take a look at.
- Hidden in plain sight: Obfuscated strings threatening your privacy
- Real-time analysis of privacy-(un) aware IoT applications
- Honeysuckle: Annotation-guided code generation of in-app privacy notices
- Finding Clues for Your Secrets: Semantics-Driven, Learning-Based Privacy Discovery in Mobile Apps
- Understanding worldwide private information collection on android
- Investigating user privacy in android ad libraries
Contact
Dr. Veelasha Moonsamy
Website: www.veelasha.org
Interested students are required to include their list of courses and grades (i.e. Leistungsübersicht), and a short description of their research interests in the email.