Security on the Move

The Georgia Tech Information Security Center is one of the leading groups on cyber-security in the country. Sometimes I think of GTISC as an In-Security center because much of their work involves finding security problems in a wide range of computer systems. SCS Assistant Professor Patrick Traynor focuses on mobile systems, particularly smartphones, and shows why we need to think differently about security on these small devices.

Malware is much less of an issue for smartphones than for traditional PCs. Software downloads come from various App Stores and while some of those apps have malicious code, most of those are not particularly popular and don't show up on most searches. It's not easy to install a malicious app by mistake.

On the other hand the mobile browser presents some new security issues. Space is a premium on a small screen and often information about the security of a site, like a picture of a lock, are often not presented. A user may be more likely to click on a malicious link because of lack of appropriate indicators on the page.

Patrick and his student Chaitrali Amrutkar's work on these mobile browser vulnerabilities received the best student paper award at the 2012 Information Security Conference and generated some good press (NPR, NBC News, Network World, InformationWeek, Consumer Affairs, UPI).