报告时间：8月15日（星期一）14:40 - 15:20
Xiapu Luo is an associate professor in the Department of Computing, The Hong Kong Polytechnic University. His research focuses on Mobile/IoT security and privacy, Blockchain/smart contracts, Network/Web Security and Privacy, Software Engineering and Internet Measurement with papers published in top security/software engineering/system/networking conferences and journals. His research led to night best/distinguished paper awards, including ACM SIGSOFT Distinguished Paper Award in ISSTA'22, ACM SIGSOFT Distinguished Paper Award in ICSE'21, Best Paper Award in INFOCOM'18, Best Research Paper Award in ISSRE'16, etc. and several awards from the industry. He regularly serves in the program committee of top security conferences and is an editor of IEEE/ACM Transactions on Networking.
报告题目: Revisiting Private Information Leakage via Intent and Traffic
It is well known private information in Android apps can be directly obtained by abusing the Intent mechanism and be inferred by analyzing their network traffic. In this talk, we will report two new observations. First, we uncover that there is a previously unknown attack surface in Android framework that can be exploited by unauthorized apps to violate the access control. Second, we found that it is possible to identify method-level fine-grained user action of Android apps by combining the analysis of apps and their network traffic.