[PAST EVENT] Park Award candidate talks by Mario Linares Vasquez and Ed Novak, W&M

December 4, 2015
McGlothlin-Street Hall, Room 020
251 Jamestown Rd
Williamsburg, VA 23185Map this location
Colloquium talks on Friday, December 4th, 3pm

Park Award candidate talks by Mario Linares Vasquez and Ed Novak, W&M

First talk by Mario Linares Vasquez (20 minutes for presentation + 5 mins for questions): Optimizing Energy Consumption of GUIs in Android Apps: A Multi-objective Approach

Abstract for the first talk:

The wide diffusion of mobile devices has motivated research towards optimizing energy consumption of software systems including apps targeting such devices. Besides efforts aimed at dealing with various kinds of energy bugs and energy greedy APIs, the adoption of Organic Light-Emitting Diode (OLED) screens has motivated research towards reducing energy consumption by choosing an appropriate color palette. However, state-of-the art approaches produce solutions successfully reducing energy consumption with color palettes that are not as appealing as the original one, and in general, might deviate from the developers' choices and are not consistent across several GUIS in the same app.

We propose a multi-objective approach, namely GEMMA, for generating color compositions that reduce the energy consumption of GUIs in Android apps and are visually attractive at the same time. GEMMA combines power models, pixel-based engineering, color theory, dynamic analysis, and a multi-objective optimization techniques namely Non-dominated Sorting Genetic Algorithm (NSGA)-II to produce a Pareto-optimal set of design solutions (i.e., GUI color compositions) across three different objectives: (i) reducing energy consumption, (ii) increasing contrast, and (iii) improving the attractiveness of the chosen colors by keeping the palette close to the original one.

An empirical evaluation that we performed on 25 Android apps demonstrates not only significant improvements in terms of the three different objectives, but also confirmed that in most cases users still perceived the choices of colors as attractive. For several apps we interviewed the original developers, who in some cases expressed the intent to adopt the proposed choice of color palette, whereas in other cases pointed out directions for future improvements. Finally, we have implemented GEMMA as a distributed, cloud-based architecture, composed of (i) web clients from which the user can upload an app with screens that need to be optimized, (ii) processing nodes in which the APK is analyzed, the apps are executed over a pool of emulators using systematic exploration, and in which screens are optimized using the GEMMA's approach; and (iii) a NoSQL engine supporting asynchronous communication between clients and processing nodes.

Bio for Mario Linares Vasquez:

Mario Linares Vasquez is a Ph.D. candidate at William & Mary advised by Dr. Denys Poshyvanyk. He received his B.S. in Systems Engineering from Universidad Nacional de Colombia in 2005, and his M.S. in Systems Engineering and Computing from Universidad Nacional de Colombia in 2009. His research interests include mobile development, software evolution and maintenance, software architecture, mining software repositories, and application of data mining and machine learning techniques to support software engineering tasks.

Second talk by Ed Novak (20 minutes for presentation + 5 mins for questions): Physical Media Covert Channels on Smart Mobile Devices

Abstract for the second talk:

In recent years mobile smart devices such as tablets and smartphones have exploded in popularity. We are now in a world of ubiquitous smart devices that people rely on daily and carry everywhere. This is a fundamental shift for computing in two ways. Firstly, users increasingly place unprecedented amounts of sensitive information on these devices, which paints a precarious picture. Secondly, these devices commonly carry many physical world interfaces such as cameras, vibration motors, accelerometers, gyroscopes, etc.

In this paper, we propose a new category of covert channels we dub "physical media covert channels" which use physical media or "real-world" sensors, such as the camera and flash, or the vibration motor and accelerometer, to transmit information. We design and build five example physical media covert channels to show they are plentiful on typical smart mobile devices, and that they possess different strengths such as speed, and stealth. We go on to show how these physical media covert channels can be used to circumvent both current, widely deployed application information sand-boxing mechanisms, as well as state-of-the-art defense mechanisms that are presented in recent literature, such as taint-tracking analysis.

We use our physical media covert channels to construct trojan style malware, which leaks sensitive user information to an attacker controlled host machine, over the Internet. Because our novel covert channels are used in our malware, it is highly stealthy; no current defense scheme is robust enough to adequately protect the user's data. This malware allows the attacker to learn information such as the user's home address, personal banking information, passwords, or sensitive conversations and therefore launch a range of attacks.

It is our hope that by presenting these potentially highly dangerous attacks, we can spur innovation and future research on proper defense schemes. In line with this goal, we propose a simple defense mechanism, which balances security with usability to stop these attacks. We evaluate this defense mechanism, showing it has low overhead, as well as our five example physical media covert channels to show speeds as high as 3.7kbps in the best case.

Bio for Ed Novak:

Ed Novak is a sixth year graduate student pursing a Ph.D. in computer science at William & Mary. Advised by Dr Qun Li, he plans on graduating in August of 2016 and is currently seeking employment for tenure-track positions in academia. His research interests include cybersecurity and privacy on smart mobile devices and he recently won the award "Honorable Mention for Best Paper," for his submission at Ubicomp 2016. He received his M.S. in computer science from William & Mary in 2012 and his B.A. in computer science from Monmouth College in 2010.