Kristopher K. Micinski

Learn More
Google's Android platform includes a permission model that protects access to sensitive capabilities, such as Internet access, GPS use, and telephony. While permissions provide an important level of security, for many applications they allow broader access than actually required. In this paper, we introduce a novel framework that addresses this issue by(More)
Google’s Android platform includes a permission model that protects access to sensitive capabilities, such as Internet access, GPS use, and telephony. We have found that Android’s current permissions are often overly broad, providing apps with more access than they truly require. This deviation from least privilege increases the threat from vulnerabilities(More)
Apps on Google’s Android mobile device platform are written in Java, but are compiled to a special bytecode language called Dalvik. In this paper, we introduce SymDroid, a symbolic executor that operates directly on Dalvik bytecode. SymDroid begins by first translating Dalvik into μ-Dalvik, a simpler language that has only 16 instructions, in contrast to(More)
Two new logics for verification of hyperproperties are proposed. Hyperproperties characterize security policies, such as noninterference, as a property of sets of computation paths. Standard temporal logics such as LTL, CTL, and CTL∗ can refer only to a single path at a time, hence cannot express many hyperproperties of interest. The logics proposed here,(More)
This paper introduces cooperative caching policies for minimizing electronic content provisioning cost in Social Wireless Networks (SWNET). SWNETs are formed by mobile devices, such as data enabled phones, electronic book readers etc., sharing common interests in electronic content, and physically gathering together in public places. Electronic object(More)
Location-based apps are popular on Android, but they raise a number of privacy concerns. In this paper, we empirically study how one popular location-privacy enhancing technique, location truncation, affects app utility. That is, we try to answer the question: How much can we truncate the location information given to an app while still preserving the app’s(More)
Mobile apps can access a wide variety of secure information, such as contacts and location. However, current mobile platforms include only coarse access control mechanisms to protect such data. In this paper, we introduce interaction-based declassification policies, in which the user’s interactions with the app constrain the release of sensitive(More)
Android and other mobile operating systems ask users for authorization before allowing apps to access sensitive resources such as contacts and location. We hypothesize that such authorization systems could be improved by becoming more integrated with the app's user interface. In this paper, we conduct two studies to test our hypothesis. First, we use(More)
This project helps to improve Performance of Distributed Cooperative Caching by choosing appropriate object replacement algorithms in the Social wireless networks (SWNET). EObject caching in such SWNETs are shown to be able to minimize the Object provisioning and maintenance cost which is based on the pricing and service dependences among different(More)
  • 1