Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:

 

Cebit 2015: Find out what your apps are really doing

10.03.2015

These tiny programs on Internet-connected mobile phones are increasingly becoming entryways for surveillance and fraud. Computer scientists from the center for IT-Security, Privacy and Privacy, CISPA, have developed a program that can show users whether the apps on their smartphone are accessing private information, and what they do with that data. This year, the researchers will present an improved version of their system again at the CeBIT computer fair in Hanover (Hall 9, Booth E13).

RiskIQ, an IT security-software company, recently examined 350,000 apps that offer monetary transactions, and found more than 40,000 of these specialized programs to be little more than scams. Employees had downloaded the apps from around 90 recognized app store websites worldwide, and analyzed them.


The software from Saarland University uncovers data theft on mobile devices.

Credit: Oliver Dietze

They discovered that a total of eleven percent of these apps contained malicious executable functions – they could read along personal messages, or remove password protections. And all this would typically take place unnoticed by the user.

Computer scientists from Saarbrücken have now developed a software system that allows users to detect malicious apps at an early stage. This is achieved by scanning the program code, with an emphasis on those parts where the respective app is accessing or transmitting personal information. The monitoring software will detect whether a data request is related to the subsequent transmission of data, and will flag the code sequence in question as suspicious accordingly.

“Imagine your address book is read out, and hundreds of lines of code later, without you noticing, your phone will send your contacts to an unknown website,” Erik Derr says. Derr is a PhD student at the Graduate School for Computer Science at Saarland University, and a researcher at the Saarbrücken Research Center for IT Security, CISPA. An important feature of the software he developed is its ability to monitor precisely which websites an app is accessing, or which phone number a text message was sent to.

To conclusively detect these functional relationships between the data source and the recipient, the researchers use contemporary methods of information flow analysis. They set their program up in advance with a list of suspicious code combinations that access programming interfaces, so that it would learn to differentiate between “good” and “evil” apps, and additionally fed it with details of currently known attacks. “So it can be helpful, for instance, to know the telephone numbers of these expensive premium services. Say one of these numbers is dialed without the consent of the user, then the fraud is obvious,” Derr explains.

Since his method is computationally demanding and also requires a lot of memory space, the software is run on a dedicated server. “It takes our software an average of 25 minutes per app,” Derr says. So far, his research team has tested around 23,000 apps in this manner. And of course, consumers will benefit most from this approach. “The app could be analyzed on our server, and the results would be displayed on your smartphone. Or ideally, the evaluation process could be integrated directly into the app store websites,” explains Derr. This is one of the reasons the Saarbrücken researchers are already discussing the issue with US online retail company Amazon. “But Google would certainly be an option as well,”, says Derr.

Background Information on Computer Science in Saarbrücken
The Department of Computer Science represents the center of computer science research in Saarbrücken. Seven other internationally renowned research institutes are nearby: The Max Planck Institutes for Informatics and for Software Systems, the German Research Center for Artificial Intelligence (DFKI), the Center for Bioinformatics, the Intel Visual Computing Institute, the Center for IT Security, Privacy and Accountability (CISPA), and the Cluster of Excellence “Multimodal Computing and Interaction”.

Media Inquiries:
Erik Derr
Center For IT Security, Privacy and Accountability CISPA
Phone: +49 681 302 57368
Email: derr(at)cs.uni-saarland.de

Editor:
Gordon Bolduan
Science Communication
Competence Center Computer Science Saarland
Phone: +49 681 302-70741
Email: bolduan(at)mmci.uni-saarland.de

Information for Radio Journalists: Phone interviews with Saarland University scientists can be conducted in studio quality using the Radio Codec (via direct-dial IP connection, or the ARD Sternpunkt 106813020001). Interview requests can be made via our press department (+49 681 302-2601).

Melanie Löw | Universität des Saarlandes
Further information:
http://www.uni-saarland.de

More articles from Trade Fair News:

nachricht Medica 2017: New software enables early diagnosis of arteriosclerosis
06.11.2017 | Technische Universität Kaiserslautern

nachricht Support Free with “TwoCure” – Innovation in Resin-Based 3D Printing
02.11.2017 | Fraunhofer-Institut für Lasertechnik ILT

All articles from Trade Fair News >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: A “cosmic snake” reveals the structure of remote galaxies

The formation of stars in distant galaxies is still largely unexplored. For the first time, astron-omers at the University of Geneva have now been able to closely observe a star system six billion light-years away. In doing so, they are confirming earlier simulations made by the University of Zurich. One special effect is made possible by the multiple reflections of images that run through the cosmos like a snake.

Today, astronomers have a pretty accurate idea of how stars were formed in the recent cosmic past. But do these laws also apply to older galaxies? For around a...

Im Focus: Visual intelligence is not the same as IQ

Just because someone is smart and well-motivated doesn't mean he or she can learn the visual skills needed to excel at tasks like matching fingerprints, interpreting medical X-rays, keeping track of aircraft on radar displays or forensic face matching.

That is the implication of a new study which shows for the first time that there is a broad range of differences in people's visual ability and that these...

Im Focus: Novel Nano-CT device creates high-resolution 3D-X-rays of tiny velvet worm legs

Computer Tomography (CT) is a standard procedure in hospitals, but so far, the technology has not been suitable for imaging extremely small objects. In PNAS, a team from the Technical University of Munich (TUM) describes a Nano-CT device that creates three-dimensional x-ray images at resolutions up to 100 nanometers. The first test application: Together with colleagues from the University of Kassel and Helmholtz-Zentrum Geesthacht the researchers analyzed the locomotory system of a velvet worm.

During a CT analysis, the object under investigation is x-rayed and a detector measures the respective amount of radiation absorbed from various angles....

Im Focus: Researchers Develop Data Bus for Quantum Computer

The quantum world is fragile; error correction codes are needed to protect the information stored in a quantum object from the deteriorating effects of noise. Quantum physicists in Innsbruck have developed a protocol to pass quantum information between differently encoded building blocks of a future quantum computer, such as processors and memories. Scientists may use this protocol in the future to build a data bus for quantum computers. The researchers have published their work in the journal Nature Communications.

Future quantum computers will be able to solve problems where conventional computers fail today. We are still far away from any large-scale implementation,...

Im Focus: Wrinkles give heat a jolt in pillared graphene

Rice University researchers test 3-D carbon nanostructures' thermal transport abilities

Pillared graphene would transfer heat better if the theoretical material had a few asymmetric junctions that caused wrinkles, according to Rice University...

All Focus news of the innovation-report >>>

Anzeige

Anzeige

Event News

Ecology Across Borders: International conference brings together 1,500 ecologists

15.11.2017 | Event News

Road into laboratory: Users discuss biaxial fatigue-testing for car and truck wheel

15.11.2017 | Event News

#Berlin5GWeek: The right network for Industry 4.0

30.10.2017 | Event News

 
Latest News

NASA detects solar flare pulses at Sun and Earth

17.11.2017 | Physics and Astronomy

NIST scientists discover how to switch liver cancer cell growth from 2-D to 3-D structures

17.11.2017 | Health and Medicine

The importance of biodiversity in forests could increase due to climate change

17.11.2017 | Studies and Analyses

VideoLinks
B2B-VideoLinks
More VideoLinks >>>