Prof. Eleonora Losiouk (Uni of Padova) - Assistant Professor from the University of Padua, Italy Digital Security
Date: - Location: Eurecom
Bio: Eleonora Losiouk is an Assistant Professor from the University of Padua, Italy. She obtained a PhD in Bioengineering and Bioinformatics in 2018 from the University of Pavia, Italy. At the end of the PhD, she moved to Padua and started working on Android security. She visited EPFL in 2017 and Berkeley in 2021/2022. Besides publishing papers in top venues, Eleonora is the recipient of several awards among which: the 2020 CONCORDIA Award for Early Career Women Researcher in 2020; a Fulbright Fellowship for visiting Berkeley in 2020; a Seal of Excellence for her EU Marie Curie Global Fellowship project proposal in 2021; a Google Research Scholar Program in 2022. Title: « Virtualization-Based Attacks: A New Threat without an Effective Defence » Abstract: The Android virtualization technique allows an app to create independent virtual environments running on top of the Android native one, where multiple apps can be executed simultaneously. In addition to the legitimate usage of this technique, attackers have already identified possible ways of exploiting it. According to the state-of-art, virtualization-based malware is a significant threat: researchers have found 71,303 malicious samples. Defence mechanisms have already been designed to find virtualization-based malware, to detect whether an app is running in a virtual environment, or to prevent a virtualization-based repackaging attack. In this talk, I will delve into the details of the malicious usages of the virtualization technique, describing the attacks leveraging it and the existing defences, together with their limitations.