I am an Associate Professor
in the Department of Computer Science and Engineering at the Wright State University, Dayton, Ohio.
I earned my Ph.D. degree in Computer Science from the
University of Illinois at Urbana Champaign in 1976.
My research interests are Internet Security, Distributed Computing, Software Engineering, and Language Design. I designed a specification and design language called OM. I have directed several MS Theses and three Ph.D dissertations.
Links: DBLP, Google Scholar Teaching: CEG 4440, CEG 7370, CS 7140
Smart phones have become the computing platform to help us lead our modern
daily lives. Android devices are physically small devices but otherwise
far better equipped with multiple networks, cameras, and sensors than
typical desktop computers. That they make phone calls is incidental.
That they are on the body of their owners is significant. It is in this
context that we should understand the security and privacy issues raised
by these devices. Current research focus is mostly on UI, location/context
based applications, and conservation of battery power, but the layers deep
within the mobile platform that handle security and privacy are not as good
as they can be.
We survey the exploits of the last couple of years ranging from arbitrary code execution, Heartbleed to StageFright. In order to understand the technical details behind these, we must also understand not only the internals of the Android mobile OS, Java, Linux, and ARM CPU but also cloud computing and storage, and crowd sourcing. In a lab environment, we let the users experience some of the exploits. We present the details of rooting a device, reverse engineering the source code from its APK, and what it takes to design and build a custom ROM that can include proactive forensics.