Android Security Symposium 2017

Freelance Android developer, Bristol, UK

Scott is a consultant Android developer and Google Developer Expert for Android who is passionate about mobile app security. He is co-author of “The Android Security Cookbook”, speaks at various conferences on the subject and has released several security related open source libraries.

In 2011, Scott founded and continues to co-run SWmobile meetup group based in Bristol/Bath (UK). Mobile professionals can meet and share knowledge at the monthly tech talk/social events.

To relax and bug out from the screen Scott enjoys spending time with his wife and children, running, Mexican food, craft beer and science fiction.

@scottyab | scottyab.com

University of Waterloo, Waterloo, ON, Canada

Erinn is currently in the last year of her PhD in Computer Science at the University of Waterloo, where she is a member of the Cryptography, Security and Privacy (CrySP) lab and the Centre for Applied Cryptographic Research.

Her research interests span a variety of topics, mostly revolving around the obstacles that prevent widespread deployment of end-to-end encryption. Her thesis includes work on usable encrypted webmail and protecting keys across multiple devices. In the past, she has also worked on machine learning for behavioural authentication on smartphones, and genetic programming for classification of high-volume online data streams.

You can find Erinn online @errorinn or https://erinn.io/.

ETH Zurich, Zurich, Switzerland

Srđan Čapkun is a Full Professor in the Department of Computer Science, ETH Zurich and Director of the Zurich Information Security and Privacy Center (ZISC). He was born in Split, Croatia. He received his Dipl.Ing. Degree in Electrical Engineering / Computer Science from the University of Split in 1998, and his Ph.D. degree in Communication Systems from EPFL in 2004. Prior to joining ETH Zurich in 2006 he was a postdoctoral researcher in the Networked & Embedded Systems Laboratory, University of California Los Angeles and an Assistant Professor in the Informatics and Mathematical Modelling Department, Technical University of Denmark. His research interests are in system and network security. One of his main focus areas is wireless security. In 2016 he received an ERC Consolidator Grant for a project on securing positioning in wireless networks.

LINE, Tokyo, Japan

Nikolay Elenkov has been working on enterprise security projects for the past 10 years. He has developed security software on various platforms, ranging from smart cards and HSMs to Windows and Linux servers. He became interested in Android shortly after Android's initial public release and is the author of Android Security Internals.

He currently works at LINE's Security department.

nelenkov.blogspot.com | linecorp.com

RedNaga, Oakland, CA, USA

Caleb Fenton is a security researcher at SentinelOne and has spent the past 6 years reversing Android apps and researching malware. He's created or maintains several open source Android reverse engineering and anti-malware tools such as Simplify and dex-oracle (Android deobfuscators), smalivm (Smali emulator / virtual machine), and APKiD (PEiD for Android).

NIST, Gaithersburg, MD, USA

Joshua M. Franklin is an information security engineer at NIST, focusing on enterprise mobile security, cellular security, and electronic voting. He graduated from George Mason University with an M.S. in Information Security & Assurance, and received a B.S. in Information Systems from Kennesaw State University. Joshua participates in numerous mobile security working groups and standards efforts, such as 3GPP and Communications Security, Reliability and Interoperability Council (CSRIC), part of the Federal Communications Commission (FCC).

Synopsys, London, UK

John is a security engineer and researcher in the area of mobile application security. He has helped several large organizations threat model their apps and design or evaluate sophisticated defensive controls such as binary hardening and certificate pinning. He also develops automated static and dynamic analysis solutions for Android applications. John holds an MSc in Information Security from Royal Holloway, University of London and an Electrical and Computer Engineering diploma from University of Patras.

@ikoz | https://koz.io

Google, Mountain View, CA, USA

Nick Kralevich is head of Android platform security at Google and one of the original members of the Android security team. In his 8 years in Android, he led the development of Android's key security features and has been on the forefront of modern operating system security. Nick's expertise is in defensive security technologies with a focus on native code hardening, application containment, and exploit mitigation.

Skymatic (Cryptomator), Bonn, Germany

Markus Kreusch is managing partner at Skymatic, the startup behind Cryptomator. At Skymatic he is responsible for the Cryptomator app for Android and supports the development of the desktop application and crypto libraries. Prior to his work at Skymatic he worked as a software architect and it consultant. In this role he got insights into prominent German companies. He graduated extra-occupational at FOM University of Applied Sciences and currently studies applied computer sciences at University of Hagen.

AT&T, Redmond, WA, USA

Patrick has been responsible for mobile security at AT&T since 2004. Patrick started his employment by establishing security operations teams dedicated to mobility networks & services. He currently supports the Mobile Endpoint Security Team, where he leads efforts to ensure the security of AT&T's portfolio of mobile devices. He is a board member on AT&T's bug bounty. Patrick leads AT&T's sponsorship of r00tz Asylum—a nonprofit dedicated to teaching kids around the world how to love being white-hat hackers. Patrick has a B.S. in Computer Science with a Mathematics minor from Linfield College.

The MITRE Corporation, McLean, VA, USA

Carlton Northern is a mobile security engineer at The MITRE Corporation. While at MITRE he has helped various U.S. DoD and other federal agencies deploy secure mobile solutions over a range of use cases. Carlton has also been an active member of the Trusted Computing Group where he contributed to the TPM Mobile specification. Currently, Carlton is working with the U.S. Army Training and Doctrine Command where he has helped deploy a training and educational app store for the Army, overcoming issues of application security and BYOD.

The MITRE Corporation, McLean, VA, USA

Michael Peck is a security engineer at The MITRE Corporation, where he primarily focuses on mobile device security, mobile application security, and network security protocols and standards. He holds an M.S. in Security Informatics from Johns Hopkins University and a B.S. in Computer Science from the University of Virginia.

Skymatic (Cryptomator), Bonn, Germany

Christian Schmickler is managing partner at Skymatic and responsible for communications and marketing.

Before joining the Cryptomator project, he worked as a systemic consultant for a German consultancy. He holds a master's degree in International Business from Maastricht University and bachelor's degrees in economic sciences and psychology.

Guardian Project, Vienna, Austria

Hans-Christoph Steiner spends his time making private software usable, designing interactive software with a focus on human perceptual capabilities, building networks with free software, and composing music with computers. With an emphasis on collaboration, he has worked in many forms, including free software for mobile and embedded devices, responsive sound environments, free wireless networks that help build community, musical robots that listen, programming environments allow people to play with math, and a jet-powered fish that you can ride.

RedNaga, Oakland, CA, USA

Tim “diff” Strazzere is the Security Engineer at Cloudflare, specializing in mobile and linux security. Along with writing security automation software, he specializes in reverse engineering and malware analysis. Some interesting past projects include having reversed the Android Market protocol, Dalvik decompilers and memory manipulation on mobile devices. Past speaking and training engagements have included DEFCON, BlackHat, SyScan, HiTCON and EICAR, QSPI.

ETH Zurich, Software Reliability Lab, Zurich, Switzerland

Petar Tsankov is a security researcher at the Software Reliability Lab at ETH Zurich. The goal of his research is to make it easier for developers who are not security experts to build secure and reliable systems. Towards this goal, he combines novel techniques from Programming Synthesis, Machine Learning, and Probabilistic Programming to build new practical systems that solve important problems in Information Security.

eshard, Bordeaux, France

Hugues Thiebeauld is CEO at eshard, a start-up focusing on security of mobile applications and IoT. Prior to founding the company (in 2015), he worked as security lab manager at UL, where he was responsible for growing the security evaluation lab and manage its accreditations. Using his technical expertise in attack techniques and his knowledge of the industry, he successfully built a team of experts (50+) located in 3 different regions (UK, France and Singapore). Prior to UL, Hugues worked at Oberthur and Thales in various cryptography and security evaluation related roles.

Vrije Universiteit Amsterdam, Amsterdam, Netherlands

Victor is a PhD candidate in the System and Network Security Group (VUSec) at Vrije Universiteit Amsterdam where he also obtained his MSc degree in Computer Science in August 2013. He is currently under the supervision of dr. Cristiano Giuffrida and prof. dr. ir. Herbert Bos.

His research focuses on - but is not limited to - malware on smartphones and is part of the Dutch-American Project Arrangement about cooperative research and development on cybersecurity. Besides mobile malware, Victor is also interested in (low-level) system topics that enhance system security, as well as reverse engineering and analyzing malicious code.

vvdveen.com | vusec.net

PGS Software S.A., Wrocław, Poland

Tomasz Zieliński – Android team lead at PGS Software. In the past he maintained financial systems at National Bank of Poland, developed Bing at Microsoft, helped in production of Angry Birds and cared for embedded software for trams and buses. He used to be a public data re-use activist, in 2012 he was invited by European Commision to speak in Brussels about his experience of re-use of public transport data in Poland. Graduated from University of Wrocław. Active paraglider pilot.