Biography:

Gail-Joon Ahn, Ph.D, CISSP is a Professor of Computer Science and Engineering Program in the School of Computing, Informatics and Decision Systems Engineering (CIDSE), Futon Entrepreneurial Professor, and Director of Center for Cybersecurity and Digital Forensics and Laboratory of Security Engineering for Future Computing at Arizona State University. Also he is currently a guest professor of Wuhan University. Prior to ASU, he was the Founding Director of Center for Digital Identity and Cyber Defense Research (DICyDER) at UNC Charlotte. 

He is a recipient of US Department of Energy Early Career Principal Investigator Award, Educator of the Year Award from Federal Information Systems Security Educators' Association (FISSEA) and Best Researcher Award from CIDSE. Also, he serves as Associate Editor-in-Chief of IEEE Transactions on Dependable and Secure Computing, Associate Editor of IEEE Transactions on Information Forensics and Security, Associate Editor of ACM Transactions on Information and Systems Security and Editorial Board of Computers & Security. He is also the Steering Committee Chair of ACM Symposium on Access Control Models and Technologies. He is currently the information director of ACM Special Interest Group on Security, Audit and Control (SIGSAC) and the Steering Committee Chair of ACM Symposium on Access Control Models and Technologies. He also holds seven US patents on cybersecurity and privacy.


Title: 

Understanding and Mitigation Risks in Mobile Applications

Abstract:More than half of adult Americans own a smartphone and sales are expected to exceed PC sales in the near future. Mobile operating systems allow third-party developers to create applications (apps). The onus is placed on the owner to evaluate, before an app is installed, the security and privacy implications of installing an app, using only the description and the permissions requested. For the average smartphone owner this information is not enough to make an informed decision. Power must be returned to smartphone owners. We have investigated various approaches to automatically generate app intelligence to empower owners to evaluate the security and privacy implications of installing and running an app. This talk overviews our approaches and results that show how we could create such intelligence.