ISSS Excellence Award 2014 for Lisa Nguyen Quang Do
© 2014 EPFL
Thiên-Duyên Lisa Nguyen Quang Do has received the ISSS Excellence Award 2014 for her Master thesis "Mobile Application Security Through Static and Dynamic Analysis", judged one of the best two Swiss theses in IT security in the past academic year.
Thiên-Duyên Lisa Nguyen Quang Do has won the ISSS Excellence Award 2014 for her Master thesis "Mobile Application Security Through Static and Dynamic Analysis", directed by
IC Adjunct Professor Philippe Janson.
The thesis project was carried out in industry to help a telecommunication company assess and optimize their use of industrial vulnerability analysis tools for securing the client and server sides of their mobile applications.
The project entailed rapidly building expertise with many programming languages, platforms, tools and applications to install, configure, operate and finally benchmark these against one another. This process enabled a clearer understanding of the effectiveness of the different tools and shed light on the vulnerabilities of the different applications. The project encountered somewhat overwhelming problems that were nevertheless quickly addressed with creative ideas mixing visionary theoretical thoughts with down-to-Earth pragmatism. As a result, effective solutions were implemented and results were delivered within a useful timeframe. Beyond its original objectives, the thesis revealed and pointed out that different applications written in different languages on different platforms tended to be subject to different classes of vulnerabilities. Specifically it showed that the most critical vulnerability patterns were not necessarily the “SANS Top 25” or the “OWASP Top 10” but depended a lot on the platform, the language, the application, and even the project team and associated development methodology. The thesis unexpectedly delivered application development guidelines for the company’s developers. It even managed to reach “satellite” project teams that were not directly integrated in the company’s application vulnerability monitoring infrastructure, essentially “roping them in” to join the company’s effort in this direction. This required clear and remarkable interpersonal communication, negotiation, leadership and “marketing” skills on the part of a young Master's thesis student to win the trust of much more senior and seasoned professionals.
ISSS is the Information Security Society of Switzerland, an association of over 1,100 IT security professionals in Switzerland.
Thiên-Duyên Lisa Nguyen Quang Do is now a doctoral student at the Fraunhofer Institute for Secure Information Technology SIT.
Further information: http://www.isss.ch/isss-excellence-award-2014