SU professors discuss cyber-security risks
Going viral isn’t always a good thing. With smartphones in almost everyone’s pockets, malware and viruses are becoming bigger issues to handle.
In December, two of Syracuse University’s L.C. Smith College of Engineering and Computer Science professors traveled to the Middle East to discuss cybersecurity, specifically the research they discovered and the vulnerabilities within a certain system.
An SU alumnus who was passionate about the engineering school having a presence in the Middle East funded the trip, said Ariel Duchene, the school’s assistant dean for external relations.
“It was a great event, and it was all about making connections and making sure people are aware SU is a prominent player in this area of research,” she said. “Our goals were potentially finding new students, finding opportunities to work with industry and other academics on research and educational initiatives.”
Stopping in Saudi Arabia and Dubai, Kevin Du, a computer security professor at SU, gave a lecture titled “Security Considerations for Smartphones,” where he discussed the discoveries his team found regarding cyberattacks on mobile devices.
The issue of a phone’s security is relevant to students, as phones can carry a person’s most guarded and personal details, Du said.
“There are some very unique risks that are introduced to this platform,” he said. “From a research perspective, we’re looking at unique things that are introduced by this platform.”
One of the biggest risks his team found, he said, comes with the increasing popularity of PhoneGap, a new app development program. Typically, app creators would need to code different versions for different platforms, if the app was to work for both iOS and Android software. PhoneGap allows developers to write one version and have the app automatically converted, Du said. By 2016, 50 percent of all apps will be developed based on this kind of software.
While convenient for developers, it creates a major security risk for consumers because everything is running on the same coding now. Du said his team discovered this framework was very insecure, as it could be hacked just from using the same Wi-Fi network as the perpetrator.
“If we started using PhoneGap to develop apps for those purposes, I’m not saying every app will be vulnerable, but a very high percentage will be,” he said.
In light of recent concerns with computer hacking and phone tapping, phones now have the potential to become just another burden in a person’s life potential. People are finally paying attention to the damage that can be caused.
Du added that if developers could be made aware of the software’s issues early on, there would be little risk in the future.
Along with cybersecurity for mobile devices, the lecture also focused on cybersecurity for system structures. Shiu-Kai Chin, also a professor in the L.C. Smith College of Engineering and Computer Science, talked about system assurance.
Chin said in an email that cybersecurity is becoming a larger issue because of the increasing use of computers in everyday lives. From cellphones to social media to piloting an aircraft, the technology is becoming more at risk every day.
He added that computer security for many users is very weak, and recommended that students take higher measures for their devices. Careless use of any technology could lead to a major breach in a student’s personal information. Because of the inherent risks, apps — and other devices — may cause more harm than good.
“When downloading apps, be mindful that fraudsters will often embed malware,” he said. “Cellphones are computers and their casual use is easily leads to compromise.”
— Contributing writer Bodeline Dautruche contributed reporting to this story
Published on January 13, 2014 at 11:06 pm