/enri-thumbnails/careeropportunities1f0caf1c-a12d-479c-be7c-3c04e085c617.tmb-mega-menu.jpg?Culture=en&sfvrsn=d7261e3b_1)
/cradle-thumbnails/research-capabilities1516d0ba63aa44f0b4ee77a8c05263b2.tmb-mega-menu.jpg?Culture=en&sfvrsn=1bc94f8_1)
7e6fdc03-9018-4d08-9a98-8a21acbc37ba.tmb-mega-menu.jpg?Culture=en&sfvrsn=7deaf618_1)
Cybersecurity Seminar by Prof Zhiqiang Lin from Ohio State University at 4pm @ CSL
Date: 2nd July 2024
Time: 4:00pm-5:00pm
Location: Cyber Security Lab, Floor B2, Block N4 (N4-B2c-06), CCDS, NTU, 50 Nanyang Ave, Singapore 639798
Title: Unpacking the Threats of All-in-One Mobile Super Apps
Abstract: Mobile apps have evolved. Today, apps like WeChat and Uber have transformed from offering just one single service to a unified hub, integrating services ranging from ride-hailing to food delivery and even online shopping. This evolution birthed the term "super apps". To add even more features, these apps let other developers build small miniapps inside them using specific APIs. But as they grow, new security and privacy challenges emerge, particularly given the sheer volume of user data they handle. In this talk, Dr. Lin will walk through these challenges. More specifically, he will highlight the benefits and conveniences of super apps, but more importantly, the potential pitfalls. Some of these problems come from weak spots in how apps connect with each other, not setting clear boundaries for what each mini-app can do, or not vetting these mini-apps properly. Because of these issues, users might face threats like data theft, privacy leaks, or even malicious miniapps. Finally, Dr. Lin will also shed light on how to deal with and prevent these threats when concluding the talk.
Bio: Dr. Zhiqiang Lin is a Distinguished Professor of Engineering, and the Director of Institute for Cybersecurity and Digital Trust at The Ohio State University. His research interests center around systems and software security, with a key focus on developing automated program analysis techniques for vulnerability discovery and malware analysis; hardening the systems and software from binary code rewriting, virtualization, and trusted execution environment; and the applications of these techniques in emerging platforms such as super apps. He has published over 150 papers, many of which appeared in the top venues in cybersecurity. He is an IEEE Fellow, an ACM Distinguished Member, a recipient of Harrison Faculty Award for Excellence in Engineering Education, NSF CAREER award, AFOSR Young Investigator award, and Outstanding Faculty Teaching Award. He received his Ph.D. in Computer Science from Purdue University.