EAGER: Securing Smartphone Applications Against Rapidly Expanding Accessibility-Based Attacks
University Of Illinois At Chicago, Chicago IL
Investigators
Abstract
The project will study graphical user interface (GUI) applications that are difficult for users with disabilities such as vision, movement, remembering, hearing, communicating, etc.. Currently, mobile assistive applications provide enhancement services using specialized accessibility technologies that are fundamentally insecure, thus exposing users to a variety of attacks. These attacks are showing up in the press and are of great concern. Accessibility applications are prime examples of "usable security" issues, often being used in college courses to illustrate the tradeoffs between enabling needed functionality versus keeping devices secure from attack. Typically, the method of keeping users safe is to warned them to not use certain functionality that they need, thus users are safe but not able to fully function. The exploratory project will study a body of software to better understand how security issues affect users with disabilities. It will use this new knowledge to explore new abstractions and algorithms that guide analyses of the software. A prototype security testing tool will be developed that demonstrates how to avoid violation of security constraints while enabling accessibility. A deeper understanding of mobile assistive applications may open up new research directions for usable security in ubiquitous devices.
View original record on NSF Award Search →