DarkDroid
Exposing the Dark Side of Android Marketplaces

The goal of DarkDroid is to research static mechanisms for proving the non-existence of malicious code in Android applications. We use scalable and precise static analyses on Dalvik bytecode to discover attacks ranging from privacy violations to unauthorized modifications to critical sensor data. Using the results of our analyses, our tools can then excise the malicious code or harden other apps against attack.

Sponsor

ZigZag
Improving the Security of Web 2.0 Applications

ZigZag proposes to automatically instrument client-side scripting code so that its execution can be monitored. We use this monitoring framework to (i) build models that capture normal program runs, and (ii) subsequently leverage these models to detect and prevent attacks as they unfold.

Sponsor

Disclosure
Automatic Botnet Identification

Disclosure studies large-scale automated botnet detection and mitigation techniques.

Sponsor

Symantec Teaching
Teaching Systems Security Using an Interactive Platform

This project explores techniques for developing a modern security education platform.

Sponsor

Scholarship for Service
Multi-Disciplinary Preparation of Next Generation Information Assurance Practitioners

The NSF Scholarship for Service program is intended to address the growing need for security experts in the public sector by providing students a solid foundation in computer security, coupled with hands-on experience in the leading edge of security research. Northeastern takes a multi-disciplinary approach to this problem, by exposing its SFS students to the wider sociological, political, and legal dimensions of security, while maintaining a strong grounding in technical skills.

Sponsor