Paper on iOS Security at ACM CCS 2016
As part of an international research team with North Carolina State University (NCSU) and Technischen Universität Darmstadt (TUD), our colleagues Răzvan Deaconescu and Mihai Chiroiu are co-authors for a paper that has been accepted at ACM CCS 2016, one of the top conferences in security in the world (part of the so called "Big Four" including NDSS, IEEE S&P (Oakland) and USENIX Security Symposium).
The paper "SandScout: Automatic Detection of Flaws in iOS Sandbox Profiles" features an in-depth analysis of iOS security mechanisms and an approach to find security flaws. Findings have been provided to Apple Inc. and have been published as CVEs: CVE-2015-7001, CVE-2016-4620, CVE-2016-4719,
CVE-2016-4664, CVE-2016-4665, CVE-2016-4686.
Research is ongoing with the aim of further enhancing the security of the popular Apple iOS operating system.