Dr. Yuting Zhang
Dr. Yuting Zhang Makes Her Mark via Practical Projects, Mobile Applications & Security
What is your area of expertise?
My past research has mainly focused on resource management in soft real-time systems, virtual machine systems, and internet end-systems, though my interests encompass all areas of computer systems. Currently, I’m focused on mobile computing and security, particularly on the Android platform. Anyone interested can find more detailed information from our Mobile Computing and Security Lab webpage.
Please tell us about your work. Can you share any current research or recent publications?
I’m currently working on two projects. The first is iSolationAlert, an effort which leverages data collected from smartphones to identify social isolation in mental illness. The challenge posed by limited access to mental health services has led to the increased implementation of mobile phone-based technologies, which can help improve the precision and ecological validity of assessment and treatment. But most of these technologies require patients to interact with a device or rely on some level of retrospective recall, and as such are subject to reporting bias. Our project utilizes smartphone sensing technology to support the collection of continuous, unobtrusive recording of social behavior in order to identify and intervene.
We developed iSolationAlert to serve as a social activity application that could help identify the social isolation of users based on information collected from their mobile phones. We also developed a speaker recognition algorithm which serves to automatically identify if the user is involved in a conversation—while respecting the user’s privacy by not storing any data from the conversation itself. This work was done in collaboration with Professor Daniel Fulford, of Sargent College, and Professor Richard West, of the College of Arts & Sciences, with funding by the Digital Health Initiative Research Award made possible by BU’s Rafik B. Hariri Institute for Computing and Computation Science and Engineering. We have finished the app’s development process and have moved to the stage where we collect and analyze preliminary data. The app was originally available via the Google Play store, but due to its research nature has been moved to our website, where it is available for download.
My second project is rooted in Android application security analysis and malware detection. For that, we proposed and developed a security analysis framework that documents a wide range of vulnerability metrics to then provide a unified and quantifiable method to evaluate the security threats in Android applications. We built and integrated a number of tools into this framework to automatically extract and analyze the security threats of Android apps from different sources. We are currently developing a web-based analysis tool to facilitate easier use of the functionality and help share of our analysis results. This tool allows the user to upload a single application and obtain its analyzed results. The user can also search applications from our database based on the keyword, and get those analysis results. The tool is also available on our website, although it is still under active development.
How does the subject you work in apply in practice? What is its application?
All my projects are designed to be very practical. Our objective is not only to solve problems in theory or in lab settings, but to develop tools that can be of use in the real world.
What course(s) do you teach at MET?
This past spring semester I taught Mobile Forensics and Security (MET CS 694) and Secure Software Development (MET CS 763). The Secure Software Development course was newly introduced this semester, designed with Master of Science in Software Development (MSSD) and Master of Science in Computer Science (MSCS) students in mind. Mobile Forensics and Security is a course I introduced in 2015, and both courses are rooted in relatively new and developing areas of the security field.
This summer, I will be teaching an online course: Mobile Application Development with Android (MET CS 683). In the past, I have taught Network Security (MET CS 690), and two of the MSCS core courses: Operating Systems (MET CS 575) and Software Engineering (MET CS 673).
I will also be spending time this summer developing the online version of our Software Engineering course, which we plan to launch next spring. I am very excited that online MSSD students will soon have the opportunity to take this course, and believe that they will benefit a lot from it.
Please highlight a particular project within these courses that most interests your students. If you previously worked in industry, what “real-life” exercises do you bring to class?
While my experience is mainly in academics, I also had some industry experience in different companies such as VMware, Intel, Linx, and Wisdom Ltd. I believe that hands-on experiences and real-life projects are very crucial for computer science students.
All my courses have lab or project components, or both. Both Software Engineering and Mobile Application Development with Android feature semester-long software development projects. Past students have developed a lot of cool and useful applications—mainly web or mobile applications. Some projects have even been put into daily usage in the real world.
In the security courses, we also have real-life exercises, such as extracting and analyzing the mobile phone data in Mobile Forensics and Security, or performing a buffer overflow attack in Software Engineering, among many others.