BlueSeal

The BlueSeal team mainly focus on research related to mobile security.

The BlueSeal team investigates static analysis and dynamic instrumentation techniques on Android. The first application of the techniques is Flow Permissions, a new permission mechanism based on information flows. This new permission mechanism statically analyzes the bytecode of an Android app, detects all potential information flows within the app (e.g., an information flow from contacts to the network), and reports them to the user for approval at the installation time (e.g., “This app can read your contacts and send it over the network. Do you approve?”). It augments the existing permission mechanism by giving users an opportunity to examine and approve the behavior of an app.

Besides, the BlueSeal team explores new ways to detect mobile malware apps via static analyasis techniques. We have proposed a new technique to detect mobile malware based on information flow analysis. It focuses on the structure of information flows and the patterns of behavior present in information flows. Our analysis not only gathers simple flows that have a single source and a single sink, but also Multi-Flows that either start from a single source and flow to multiple sinks, or start from multiple sources and flow to a single sink.