Matthew Smith How Can We Prevent Network Security Problems in Smartphone Apps?

Matthew Smith is a Professor for Computer Science at the Rheinische-Friedrichs-University Bonn (Germany). His research interests lie at the intersection of technical IT security and privacy and behavioral research. He focuses on “Usability Security” considering the human factor. For his PhD thesis he was awarded the thesis award by the Association for the Facilitation of Research Transfer (GFFT e.V.) Germany. He is a member of the Fraunhofer FKIE in Bonn and the Research Center L3S at the University of Hanover.

Area of Research

Behavioural Security, Usable Security and Privacy, Usable Security for Developers and Administrators

Nik Unger, Sergej Dechand, Joseph Bonneau, Sascha Fahl, Henning Perl, Ian Goldberg and Matthew Smith. "SoK: Secure Messaging." IEEE Security & Privacy (2015): 232-249.  
Sascha Fahl, Sergej Dechand, Henning Perl, Felix Fischer, Jaromir Smrcek and Matthew Smith. "Hey, NSA: Stay Away from my Market! Future Proofing App Markets against Powerful Attackers." Unpublished. 2014.  
Marian Harbach, Markus Hettig, Susanne Weber and Matthew Smith. "Using Personal Examples to Improve Risk Communication for Security & Privacy Decisions." Unpublished. 2014.  
Sascha Fahl, Marian Harbach, Yasemin Acar and Matthew Smith. "On the Ecological Validity of a Password Study." Unpublished. 2013.  

since 2013

Professor for Usable Security and Privacy

University of Bonn (Rheinische Friedrich-Wilhelms-Universität Bonn) (more details)

2012-2013

Professor for Distributed Computing and Security

University of Hannover (Leibniz Universität Hannover)

2009-2012

Professor for Distributed Computing and Security

University of Hannover (Leibniz Universität Hannover)

2008-2009

Freelance Consultancy

Postbank Financial Services GmbH, Frankfurt/Main

2008-2009

Post-Doctoral Researcher in the Distributed Systems Group

Philipp University of Marburg (Philipps-Universität Marburg)

2003-2008

Graduate Research Assistant in the Distributed Systems Group

Philipp University of Marburg (Philipps-Universität Marburg)

Group Led by Prof. Dr. Bernd Freisleben

2002-2003

Part-Time Freelance Work for the Fraunhofer Gesellschaft (IMK)

BMBF-Projects "Awake" and "Netzspannung"

2001-2002

Undergraduate Teaching Assistant

University of Siegen (Universität Siegen)

Institut of "Messtechnik" in the Faculty for Electrical Engineering and Computer Science

1999-2001

Research Assistant in the Parallel Systems Group

University of Siegen (Universität Siegen)

Faculty for Electrical Engineering and Computer Science

2008

PhD in Computer Science

University of Marburg

Thesis "Security for Service-Oriented On-Demand Grid Computing"

2003

Diploma in Electrical Engineering and Computer Science

University of Siegen (Universität Siegen)

Thesis "Peer-to-Peer Based Middleware for Cooperative Mobile Sensor Platforms"

ACM Transactions on Information and System Security (2012, 2013)

Associate Editor: ACM Transactions on the Web (2015)

IEEE Security and Privacy (2015)

IEEE Transactions on Dependable and Secure Computing (2012)

Methods of Information in Medicine (2012)

ERC Starting Grant for "USECFrontiers: Frontiers of Usable Security" (2015)

© University of Bonn

University of Bonn (Rheinische Friedrich-Wilhelms-Universität Bonn)


Bonn is one of the large universities in Germany, with around 36,000 students, 550 professors, 6,500 other staff staff. It offers a wide disciplinary spectrum comprising some 200 different degree programmes, from Agricultural Science to Tibetan Studies. This diversity is what characterizes Bonn as a full-range university with a strong international orientation. In many international university rankings Bonn is placed among the 100 best universities in the world.Its academic and research profile features internationally renowned specializations in the fields of Mathematics, Physics/Astronomy, Economics, Chemistry, Pharma Research, Biosciences, Genetic Medicine, Neurosciences and Philosophy/Ethics. Other disciplines, such as Geography and Law, are of outstanding importance within the German research scene.

The Rheinische Friedrich-Wilhelms-Universität Bonn is rooted in a long tradition going back almost 200 years. It was founded in 1818 by Friedrich-Wilhelm III, the Prussian king whose name it bears. Imbued with the spirit of Wilhelm von Humboldt, the university quickly joined the circle of Germany's most distinguished universities and became a major pole of attraction for leading scholars as well as students.The list of famous professors ranges from the astronomer Friedrich Wilhelm Argelander (1799-1875), through the chemist August Kekulé von Stradonitz (1829–1896) and political economist Josef Schumpeter (1883–1950) to the philologist Ernst Robert Curtius (1886–1956) and the theologists Karl Barth (1886–1968) and Joseph Ratzinger (born 1927), now Pope Benedict XVI. Bonn's best-known students include Heinrich Heine, Karl Marx, Friedrich Nietzsche, and Konrad Adenauer.

The university is proud of a long list of award-winning scientists and scholars, with about twenty Leibniz Prize winners and around thirty ERC grantees. In the last three decades two professors have received the Nobel Prize: Wolfgang Paul (for Physics, 1989) and Reinhard Selten (for Economics, 1994). (Source: University of Bonn)

Map

Many android apps that try to use SSL to secure network communication fail in doing so and are insecure. By detecting such security flaws and interviewing the developers, the study presented in this video shows the necessity of rethinking how developers interact with security code. As shown, developers are not, as often implied, infallible. This means that prevention of security problems should be carried out by increasing the usability of programming software to match the requirements of app developers, follows MATTHEW SMITH.

LT Video Publication DOI: http://dx.doi.org/10.21036/LTPUB10054

Rethinking SSL Development in an Appified World

  • Sascha Fahl, Marian Harbach, Henning Perl, Markus Koetter and Matthew Smith
  • Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
  • Published in 2013

Chicago

Sascha Fahl, Marian Harbach, Henning Perl, Markus Koetter and Matthew Smith. "Rethinking SSL Development in an Appified World." Unpublished. 2013.

Why Eve and Mallory Love Android: An Analysis of Android SSL (in) Security

  • Sascha Fahl, Marian Harbach, Thomas Muders, Lars Baumgärtner, Bernd Freisleben and Matthew Smith
  • Proceedings of the 2012 ACM conference on Computer and communications security
  • Published in 2012

Chicago

Sascha Fahl, Marian Harbach, Thomas Muders, Lars Baumgärtner, Bernd Freisleben and Matthew Smith. "Why Eve and Mallory Love Android: An Analysis of Android SSL (in) Security." Unpublished. 2012.