Mobile Device and App Security

From smartphones and tablets to wearable computers and handheld gaming consoles, mobile devices are pervasive in our personal lives, workplaces and classrooms.  Mobile devices are revolutionizing our lives, but threats to data, privacy, and identity posed by unsecured mobile devices are real, and include, according to the Department of Homeland Security, call interception and monitoring, user location tracking, attackers seeking financial gain through banking fraud, social engineering, ransomware, identity theft, or theft of the device, services, or any sensitive data. This puts at risk not just mobile device users, but the carriers themselves as well as other infrastructure providers.” [i]

Research on mobile device and application security spans the mobile technology ecosystem, including mobile application security, physical device security, network security and beyond.  Our researchers on are actively focusing in this area, creating thought leadership that will shape the future of mobile device and application security.

Below, meet UCI’s mobile device and application security researchers, and a selection of research completed and underway, at UCI today.

[i] DHS: Study on Mobile Device Security

Research Faculty​
Mohammad Al Faruque

Associate Professor of Electrical Engineering & Computer Science

Alfred Chen

Assistant Professor of Computer Science

Joshua Garcia

Assistant Professor of Informatics

Michael Goodrich

Chancellor's Professor of Computer Science

Sam Malek

Associate Professor of Informatics

Gene Tsudik
Gene Tsudik

Chancellor's Professor of Computer Science

Selected Research & Publications

Braden, S. Crane, L. Davi, M. Franz, P. Larsen, Ch. Liebchen, and A.-R. Sadeghi; Leakage-Resilient Layout Randomization for Mobile Devices;” in 2016 Network and Distributed System Security Symposium (NDSS 2016),San Diego, California; February 2016. (60 papers accepted out of 389 submissions = 15.4%)

Mahmoud HammadHamid Bagheri, Sam Malek:
DelDroid: An automated approach for determination and enforcement of least-privilege architecture in android. Journal of Systems and Software 149: 83-100(2019)

Hamid BagheriEunsuk Kang, Sam Malek, Daniel Jackson:
A formal approach for detection of security flaws in the android permission system. Formal Asp. Comput. 30(5): 525-544(2018)

Joshua GarciaMahmoud Hammad, Sam Malek:
Lightweight, Obfuscation-Resilient Detection and Family Identification of Android Malware. ACM Trans. Softw. Eng. Methodol.26(3): 11:1-11:29 (2018)

Mahmoud HammadJoshua Garcia, Sam Malek:
A large-scale empirical study on the effects of code obfuscations on Android apps and anti-malware products. ICSE 2018: 421-431

Joshua GarciaMahmoud Hammad, Sam Malek:
Lightweight, obfuscation-resilient detection and family identification of Android malware. ICSE 2018: 497

Alireza SadeghiReyhaneh JabbarvandNegar GhorbaniHamid Bagheri, Sam Malek:
A temporal permission analysis and enforcement framework for Android. ICSE 2018: 846-857

Hamid BagheriJianghao WangJarod Aerts, Sam Malek:
Efficient, Evolutionary Security Analysis of Interacting Android Apps.ICSME 2018: 357-368

Mahmoud HammadJoshua Garcia, Sam Malek:
Self-protection of Android systems from inter-component communication attacks. ASE 2018: 726-737

Alireza SadeghiHamid BagheriJoshua Garcia, Sam Malek:
A Taxonomy and Qualitative Comparison of Program Analysis Techniques for Security Assessment of Android Software. IEEE Trans. Software Eng. 43(6): 492-530 (2017)

Alireza SadeghiNaeem Esfahani, Sam Malek:
Mining mobile app markets for prioritization of security assessment effort. WAMA@ESEC/SIGSOFT FSE 2017: 1-7

Reyhaneh Jabbarvand, Sam Malek:
µDroid: an energy-aware mutation testing framework for Android.ESEC/SIGSOFT FSE 2017: 208-219

Alireza SadeghiReyhaneh Jabbarvand, Sam Malek:
PATDroid: permission-aware GUI testing of Android. ESEC/SIGSOFT FSE2017: 220-232

Joshua GarciaMahmoud HammadNegar Ghorbani, Sam Malek:
Automatic generation of inter-component communication exploits for Android applications. ESEC/SIGSOFT FSE 2017: 661-671

Bradley R. SchmerlJeff GennariAlireza SadeghiHamid Bagheri, Sam Malek, Javier CámaraDavid Garlan:
Architecture Modeling and Analysis of Security in Android Systems.ECSA 2016: 274-290