Washington University in St. Louis

It's easy to start your application.

McKelvey School of Engineering

Trending Searches

Zhang paper wins ‘best paper,’ ‘distinguished paper’ awards

Paper analyzes security, privacy in push notifications on mobile devices

Ning Zhang

Ning Zhang, assistant professor of computer science & engineering in the McKelvey School of Engineering at Washington University in St. Louis, recently received the Best Paper Award and the Distinguished Paper Award from the 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), which focuses on cyberphysical systems dependability, resiliency and security. 

The paper, titled “Devils in Your Apps: Vulnerabilities and User Privacy Exposure in Mobile Notification Systems,” analyzes the mobile/Internet of Things push notification systems, used by billions of users daily, from the security and privacy angle.

“The study was partially motivated by my 3-year-old daughter’s complaint to me that the notifications were blocking her ‘Peppa Pig’ show,” Zhang said.

The paper is the first systematic exploration of security and privacy of the mobile notification services, used by billions of users daily.  Zhang and the team dissected the system designs of the Android mobile notification ecosystem into four stages, identified four critical processes that take place, then analyzed the potential security and privacy vulnerabilities and viable attacks to show real-world threats. Their analysis found that more than half of all apps use notification software development kits (SDK), which are software tools and programs used by developers to create manage notification-related functionalities. Only one-third of the SDKs provided privacy-related application programming interfaces (API), and only 3% of the apps use the APIs appropriately.

Zhang’s research focuses on security and privacy problems in emerging cyberphysical systems, which is at the intersection of software/hardware system, artificial intelligence, real-time system, control systems and security. He leads the Computer Security and Privacy Laboratory at Washington University in St. Louis. His research is supported by the National Science Foundation, Army Research Office, Department of Homeland Security, Department of Energy, Mastercard and Intel. He is a member of the Center for Trustworthy AI in CPS, AI and IoT for Medicine (AIM) Institute, and the Social Policy Institute (SPI) at Washington University in St. Louis.

The McKelvey School of Engineering at Washington University in St. Louis promotes independent inquiry and education with an emphasis on scientific excellence, innovation and collaboration without boundaries. McKelvey Engineering has top-ranked research and graduate programs across departments, particularly in biomedical engineering, environmental engineering and computing, and has one of the most selective undergraduate programs in the country. With 165 full-time faculty, 1,420 undergraduate students, 1,614 graduate students and 21,000 living alumni, we are working to solve some of society’s greatest challenges; to prepare students to become leaders and innovate throughout their careers; and to be a catalyst of economic development for the St. Louis region and beyond.

Click on the topics below for more stories in those areas

Back to News

You may also be interested in: