Towards Modular and Flexible Access Control on Smart Mobile Devices

Smart mobile devices, such as smartphones and tablets, have become an integral part of our daily personal and professional lives. These devices are connected to a wide variety of Internet services and host a vast amount of applications, which access, store and process security- and privacy-sensitive data. A rich set of sensors, ranging from microphones and cameras to location and acceleration sensors, allows these applications and their back end services to reason about user behavior. Further, enterprise administrators integrate smart mobile devices into their IT infrastructures to enable comfortable work on the go. Unsurprisingly, this abundance of available high-quality information has made smart mobile devices an interesting target for attackers, and the number of malicious and privacy-intrusive applications has steadily been rising. Detection and mitigation of such malicious behavior are in focus of mobile security research today. In particular, the Android operating system has received special attention by both academia and industry due to its popularity and open-source character. Related work has scrutinized its security architecture, analyzed attack vectors and vulnerabilities and proposed a wide variety of security extensions. While these extensions have diverse goals, many of them constitute modifications of the Android operating system and extend its default permission-based access control model. However, they are not generic and only address specific security and privacy concerns. The goal of this dissertation is to provide generic and extensible system-centric access control architectures, which can serve as a solid foundation for the instantiation of use-case specific security extensions. In doing so, we enable security researchers, enterprise administrators and end users to design, deploy and distribute security extensions without further modification of the underlying operating system. To achieve this goal, we first analyze the mobile device ecosystem and discuss how Android's security architecture aims to address its inherent threats. We proceed to survey related work on Android security, focusing on system-centric security extensions, and derive a set of generic requirements for extensible access control architectures targeting smart mobile devices. We then present two extensible access control architectures, which address these requirements by providing policy-based and programmable interfaces for the instantiation of use-case specific security solutions. By implementing a set of practical use-cases, ranging from context-aware access control, dynamic application behavior analysis to isolation of security domains we demonstrate the advantages of system-centric access control architectures over application-layer approaches. Finally, we conclude this dissertation by discussing an alternative approach, which is based on application-layer deputies and can be deployed whenever practical limitations prohibit the deployment of system-centric solutions

Ouachita hosts “Between the Shadow and the Light: An Exhibit Out of South Africa” international traveling art exhibit through Feb. 23

Ouachita Baptist University’s Sutton School of Social Sciences is hosting the final U.S. stop of the international traveling exhibit, “Between the Shadow and the Light: An Exhibit Out of South Africa,” on Ouachita’s campus. It is the largest exhibit to show on Ouachita’s campus to date, spanning Mabee Fine Arts Center’s Hammons Gallery as well as Moses-Provine Hall’s Rosemary Gossett Adams Galleries. The exhibit will be on display through Feb. 23 and is free and open to the public

ASM: A Programmable Interface for Extending Android Security

Abstract Android, iOS, and Windows 8 are changing the application architecture of consumer operating systems. These new architectures required OS designers to rethink security and access control. While the new security architectures improve on traditional desktop and server OS designs, they lack sufficient protection semantics for different classes of OS customers (e.g., consumer, enterprise, and government). The Android OS in particular has seen over a dozen research proposals for security enhancements. This paper seeks to promote OS security extensibility in the Android OS. We propose the Android Security Modules (ASM) framework, which provides a programmable interface for defining new reference monitors for Android. We drive the ASM design by studying the authorization hook requirements of recent security enhancement proposals and identify that new OSes such as Android require new types of authorization hooks (e.g., replacing data). We describe the design and implementation of ASM and demonstrate its utility by developing reference monitors called ASM apps. Finally, ASM is not only beneficial for security researchers. If adopted by Google, we envision ASM enabling in-thefield security enhancement of Android devices without requiring root access, a significant limitation of existing bring-your-own-device solutions

Deep Learning with Coherent VCSEL Neural Networks

Deep neural networks (DNNs) are reshaping the field of information processing. With their exponential growth challenging existing electronic hardware, optical neural networks (ONNs) are emerging to process DNN tasks in the optical domain with high clock rates, parallelism and low-loss data transmission. However, to explore the potential of ONNs, it is necessary to investigate the full-system performance incorporating the major DNN elements, including matrix algebra and nonlinear activation. Existing challenges to ONNs are high energy consumption due to low electro-optic (EO) conversion efficiency, low compute density due to large device footprint and channel crosstalk, and long latency due to the lack of inline nonlinearity. Here we experimentally demonstrate an ONN system that simultaneously overcomes all these challenges. We exploit neuron encoding with volume-manufactured micron-scale vertical-cavity surface-emitting laser (VCSEL) transmitter arrays that exhibit high EO conversion (<5 attojoule/symbol with $V_\pi$=4 mV), high operation bandwidth (up to 25 GS/s), and compact footprint (<0.01 mm$^2$ per device). Photoelectric multiplication allows low-energy matrix operations at the shot-noise quantum limit. Homodyne detection-based nonlinearity enables nonlinear activation with instantaneous response. The full-system energy efficiency and compute density reach 7 femtojoules per operation (fJ/OP) and 25 TeraOP/(mm$^2\cdot$ s), both representing a >100-fold improvement over state-of-the-art digital computers, with substantially several more orders of magnitude for future improvement. Beyond neural network inference, its feature of rapid weight updating is crucial for training deep learning models. Our technique opens an avenue to large-scale optoelectronic processors to accelerate machine learning tasks from data centers to decentralized edge devices.Comment: 10 pages, 5 figure

Towards understanding Android system vulnerabilities: Techniques and insights

National Research Foundation (NRF) Singapor

Endogenous tumor suppressor microRNA-193b: Therapeutic and prognostic value in acute myeloid leukemia

Purpose Dysregulated microRNAs are implicated in the pathogenesis and aggressiveness of acute myeloid leukemia (AML). We describe the effect of the hematopoietic stem-cell self-renewal regulating miR-193b on progression and prognosis of AML. Methods We profiled miR-193b-5p/3p expression in cytogenetically and clinically characterized de novo pediatric AML (n = 161) via quantitative real-time polymerase chain reaction and validated our findings in an independent cohort of 187 adult patients. We investigated the tumor suppressive function of miR-193b in human AML blasts, patient-derived xenografts, and miR-193b knockout mice in vitro and in vivo. Results miR-193b exerted important, endogenous, tumor-suppressive functions on the hematopoietic system. miR-193b-3p was downregulated in several cytogenetically defined subgroups of pediatric and adult AML, and low expression served as an independent indicator for poor prognosis in pediatric AML (risk ratio 6 standard error, 20.56 6 0.23; P = .016). miR-193b-3p expression improved the prognostic value of the European LeukemiaNet risk-group stratification or a 17-gene leukemic stemness score. In knockout mice, loss of miR-193b cooperated with Hoxa9/Meis1 during leukemogenesis, whereas restoring miR-193b expression impaired leukemic engraftment. Similarly, expression of miR-193b in AML blasts from patients diminished leukemic growth in vitro and in mouse xenografts. Mechanistically, miR-193b induced apoptosis and a G1/S-phase block in various human AML subgroups by targeting multiple factors of the KIT-RAS-RAF-MEK-ERK (MAPK) signaling cascade and the downstream cell cycle regulator CCND1. Conclusion The tumor-suppressive function is independent of patient age or genetics; therefore, restoring miR-193b would assure high antileukemic efficacy by blocking the entire MAPK signaling cascade while preventing the emergence of resistance mechanisms

The management of acute venous thromboembolism in clinical practice. Results from the European PREFER in VTE Registry

Venous thromboembolism (VTE) is a significant cause of morbidity and mortality in Europe. Data from real-world registries are necessary, as clinical trials do not represent the full spectrum of VTE patients seen in clinical practice. We aimed to document the epidemiology, management and outcomes of VTE using data from a large, observational database. PREFER in VTE was an international, non-interventional disease registry conducted between January 2013 and July 2015 in primary and secondary care across seven European countries. Consecutive patients with acute VTE were documented and followed up over 12 months. PREFER in VTE included 3,455 patients with a mean age of 60.8 ± 17.0 years. Overall, 53.0 % were male. The majority of patients were assessed in the hospital setting as inpatients or outpatients (78.5 %). The diagnosis was deep-vein thrombosis (DVT) in 59.5 % and pulmonary embolism (PE) in 40.5 %. The most common comorbidities were the various types of cardiovascular disease (excluding hypertension; 45.5 %), hypertension (42.3 %) and dyslipidaemia (21.1 %). Following the index VTE, a large proportion of patients received initial therapy with heparin (73.2 %), almost half received a vitamin K antagonist (48.7 %) and nearly a quarter received a DOAC (24.5 %). Almost a quarter of all presentations were for recurrent VTE, with &gt;80 % of previous episodes having occurred more than 12 months prior to baseline. In conclusion, PREFER in VTE has provided contemporary insights into VTE patients and their real-world management, including their baseline characteristics, risk factors, disease history, symptoms and signs, initial therapy and outcomes