Research & Innovation

Stevens Professor Receives DARPA Grant to Reveal How Apps Use Your Data

Stevens Institute of Technology computer science professor Georgios Portokalidis received $500,000 in funding from Defense Advanced Research Projects Agency (DARPA). 

The award will cover two years of research for a project called “TRAILS: Efficient Data Flow Tracking Through HW-assisted Parallelization.” TRAILS started in 2016 with the goal of using debugging extensions available in modern processors to efficiently perform data-flow tracking in software systems. 

What does that mean? Basically, “we want to reveal how applications use your data,” Portokalidis explains. “This is costly to do currently. We want to make it cheap.” 

Right now, people run multiple applications on their smartphones and laptops. Those applications are often run at the same time, and they come from different sources like developers, vendors, and markets like the iTunes and Google Play app stores. That’s problematic because as ubiquitous as they are, people often know very little about how they handle the data they access. In other words, they’re opaque to the people whose data they’re using. That’s not ideal. 

Researchers have been studying how data flows within an application—determining how it processes data and what it does with it—for years. Data flow is important for tracking and eliminating bugs that cause application crashes. It can also help detect misconfigurations in network services, and even help in the detection of previously unknown attacks and the analysis of malicious software. “It is very a powerful tool,” says Portokalidis. Unfortunately, current research tracking techniques are still too expensive to use outside a lab.

This is what TRAILS is all about: making data transparency easy and affordable. For everyone.

He envisions users using TRAILS to visualize what their apps do with their data. People could block applications from sharing certain data. They could see when an application uploads sensitive data, like their location, to the internet. They could also use TRAILS to help them detect applications that would expose their data in the app store before downloading it. “I’m excited to make this practical,” Portokalidis says, “and privacy is very important.”

TRAILS is funded under DARPA’s Transparent Computing (TC) program, whose focus is to increase the transparency of how systems operate. TRAILS has the same end goal, so it was a natural fit for the TC program. Ultimately, Portokalidis envisions TRAILS operating as a second processor running along a device’s main processor with negligible overhead.