A5016709457- Security and Verification in Computing
- Advanced Malware Detection Techniques
- Software System Performance and Reliability
- Digital and Cyber Forensics
- Software Reliability and Analysis Research
- Diamond and Carbon-based Materials Research
- User Authentication and Security Systems
- Software Testing and Debugging Techniques
University of Birmingham
2019-2023
University College of Bahrain
2022
University of Bahrain
2022
This paper analyzes the vulnerability space arising in Trusted Execution Environments (TEEs) when interfacing a trusted enclave application with untrusted, potentially malicious code. Considerable research and industry effort has gone into developing TEE runtime libraries purpose of transparently shielding code from an adversarial environment. However, our analysis reveals that requirements are generally not well-understood real-world implementations. We expose several sanitization...
Ensuring the integrity of a remote app or device is one most challenging concerns for Android ecosystem. Software-based solutions provide limited protection and can usually be circumvented by repacking mobile rooting device. Newer protocols use trusted hardware to stronger attestation guarantees, e.g., Google SafetyNet, Samsung Knox (V2 V3 attestation), Key Attestation. So far, used these systems have received relatively little attention. In this paper, we formally model platforms using...
Uniform Resource Identifier (URI) schemes instruct browsers to conduct specific actions depending on the requested scheme.Previous research has addressed numerous issues with web URI (e.g., http: and https:) both for desktop mobile browsers.Less attention been paid local data: file:), specifically browsers.In this work, we examined implementation of such in Android OS browsers, analysing top-15 browsers.As a result, discovered three vulnerability types that affect several major (including...