aziz mohaisen I am an Associate Professor in the Department of Computer Science and Engineering at the Wright State University, Dayton, Ohio. I earned my Ph.D. degree in Computer Science from the University of Illinois at Urbana Champaign in 1976.

My research interests are Internet Security, Distributed Computing, Software Engineering, and Language Design. I designed a specification and design language called OM. I have directed several MS Theses and three Ph.D dissertations.
Links: DBLP, Google Scholar Teaching: CEG 4440, CEG 7370, CS 7140

Android Security session at ISSISP 2016

Smart phones have become the computing platform to help us lead our modern daily lives. Android devices are physically small devices but otherwise far better equipped with multiple networks, cameras, and sensors than typical desktop computers. That they make phone calls is incidental. That they are on the body of their owners is significant. It is in this context that we should understand the security and privacy issues raised by these devices. Current research focus is mostly on UI, location/context based applications, and conservation of battery power, but the layers deep within the mobile platform that handle security and privacy are not as good as they can be.

We survey the exploits of the last couple of years ranging from arbitrary code execution, Heartbleed to StageFright. In order to understand the technical details behind these, we must also understand not only the internals of the Android mobile OS, Java, Linux, and ARM CPU but also cloud computing and storage, and crowd sourcing. In a lab environment, we let the users experience some of the exploits. We present the details of rooting a device, reverse engineering the source code from its APK, and what it takes to design and build a custom ROM that can include proactive forensics.