Michalis Faloutsos

Professor, University of California, Riverside

Oct 9th, 2015, 11am-12pm, DBH 6011


Are the apps the source of all evil? A security and privacy perspective


The battle for security and privacy has now moved to social media and smartphones. New user behaviors and the integration of these platforms in every day life provide novel opportunities for hackers. I present the two major research thrusts of my group. First, we study social media-based malware and present the techniques and tools we have developed to protect users. Our initial results are scary and interesting: (a) malware is widespread, with half of the monitored users being exposed to at least one malicious post from a friend, and (b) 44% of malware campaigns are enabled by Facebook apps. Second, we briefly highlight our work on tools for enhancing the security and privacy of smartphone users. We focus on smartphone apps and develop tools to profile and understand the threats that these apps introduce. For example, we find that free apps are not as free as we may think, as they consume more battery and bandwidth and interact with suspicious websites. Finally, I discuss our ongoing and future plans along these research areas.

Speaker Bio:

Michalis Faloutsos is a faculty member at the Computer Science Dept. at the University of California, Riverside. He got his bachelor's degree at the National Technical University of Athens and his M.Sc and Ph.D. at the University of Toronto. His interests revolve around network modeling and security, focusing on social media, smartphones and embedded devices. With his two brothers, he co-authored the paper on power-laws of the Internet topology, which received the ACM SIGCOMM Test of Time award. His work has been supported by many NSF and military grants, for a cumulative total of more than $10 million. Several of his studies have been widely cited in popular printed and electronic press such as slashdot, ACM Electronic News, USA Today, and Wired. He co-founded a cyber-security company in 2008, offering services as www.stopthehacker.com, which received two SBIR grants from the NSF, and got acquired in Oct 2013.