As of 2010, more smartphones are shipped than desktop PCs, and the trend is continuing. For many users, the smartphone will be the main device they use to interact with the Internet. As a result, it’s more important than ever that smartphones be made secure and trustworthy. To help us reach this goal, we’ve built tools such as PScout, a system that maps the permissions used by the Android OS. PScout’s datasets have been downloaded more than 60K times by malware researchers. The source code and datasets can be found here. We have also been working on advanced smartphone malware detection techniques. IntelliDroid can increase the efficiency of dynamic malware analysis by over 20x using efficient targeting. TIRO can combat a new kind of code obfuscation we have observed on Android, which we call run-time based obfuscation. Run-time based obfuscation subverts the Java runtime environment of Android itself, bending the rules that normally govern code execution to allow malware to hide itself.
In the past, we have also worked on Unicorn and Mercury, which leverage the capabilities of smartphones to help protect users against malware and phishing. Our Caelus system was also one of the first to explore using smartphones to secure data stored in the cloud. LazyTainter devised a more efficient way of tracking how information is used in Android applications.