Original mobile security research

Quokka researchers use their mobile app and device security findings to develop our proprietary static, dynamic, and interactive app scanning engines.

Peer-reviewed academic papers

Tomassi, D. A., Nwodo, K., & Elsabagh, M. Libra: Library Identification in Obfuscated Android Apps. In Information Security: 26th International Conference, ISC 2023.

Yang, A., Elsabagh, M., Zuo, C., Johnson, R., Stavrou, A., & Lin, Z. Detecting and Measuring Misconfigured Manifests in Android Apps. In The ACM Conference on Computer and Communications Security (CCS) 2022.

Ji, Y., Elsabagh, M., Johnson, R., & Stavrou, A. DEFINIT: An Analysis of Exposed Android Init Routines. In 30th USENIX Security Symposium (USENIX Security 21) (pp. 3685-3702).

Elsabagh, M., Johnson, R., Stavrou, A., Zuo, C., Zhao, Q., & Lin, Z. (2020). FIRMSCOPE: Automatic Uncovering of Privilege-Escalation Vulnerabilities in Pre-Installed Apps in Android Firmware. In 29th USENIX Security Symposium (USENIX Security 20) (pp. 2379-2396).

Johnson, R., Elsabagh, M., Stavrou, A., & Offutt, J. (2018, May). Dazed droids: A longitudinal study of android inter-app vulnerabilities. In Proceedings of the 2018 on Asia Conference on Computer and Communications Security (pp. 777-791).

Elsabagh, M., Johnson, R., & Stavrou, A. (2018, December). Resilient and scalable cloned app detection using forced execution and compression trees. In 2018 IEEE Conference on Dependable and Secure Computing (DSC) (pp. 1-8). IEEE.

R. Johnson, N. Kiourtis, A. Stavrou and V. Sritapan, “Analysis of content copyright infringement in mobile application markets,” 2015 APWG Symposium on Electronic Crime Research (eCrime), Barcelona, Spain, 2015, pp. 1-10.

Johnson, R., & Stavrou, A. (2013, June). Forced-path execution for android applications on x86 platforms. In 2013 IEEE Seventh International Conference on Software Security and Reliability Companion (pp. 188-197). IEEE.

Authors

Our researchers’ academic papers have been cited over 350 times.

Mohamed Elsabagh
Google Scholar

Ryan Johnson
Google Scholar

Angelos Stavrou
Google Scholar

Technical reports

Johnson, R., Stavrou, A., & Elsabagh, M. (2023, July). Still Vulnerable Out of the Box: Revisiting the Security of Prepaid Android Carrier Devices. In DEF CON 2023.

Johnson, R., Elsabagh, M., & Stavrou, A. (2022). Start Arbitrary Activity App Components as the System User Vulnerability Affecting Samsung Android Devices. In Black Hat Asia 2022.

Johnson, R., Elsabagh, M., & Stavrou, A. (2021). (Un)protected Broadcasts in Android 9 and 10. In Black Hat Asia 2021.

Johnson, R., Benameur, A., & Stavrou, A., (2017, July). All Your SMS & Contacts Belong to Adups & Others. In Black Hat USA 2017.

Johnson, R., & Stavrou, A. (2015, March). Resurrecting the READ LOGS Permission on Samsung Devices. In Black Hat Asia 2015.

Conference Talks

Ryan Johnson frequently travels the globe to share his research findings at top security conferences.

DEF CON 32
2024
Android App Usage and Cell Tower Location: Private. Sensitive. Available to Anyone?

Black Hat MEA
2023
Still Vulnerable Out of the Box: Revisiting the Security of Prepaid Android Carrier Devices

DEF CON 31
2023
Still Vulnerable Out of the Box: Revisiting the Security of Prepaid Android Carrier Devices

Black Hat Asia
2022
Start Arbitrary Activity App Components as the System User Vulnerability Affecting Samsung Android Devices

@Hack
2021
How (Not) to Expose the Content of Notifications – A Historical Perspective on Samsung Android Smartphones / I Am Root: Security Analysis of Simo’s vSIM Android Software / (Un)protected Broadcasts in Android 9 and 10

Black Hat Asia
2021
(Un)protected Broadcasts in Android 9 and 10

IT-DEFENSE
2020
Countering Pre-Installed App Supply Chain Threats

Quokka technology powers CVE discovery

Quokka discovers and delivers unsurpassed mobile security intelligence

Real-world context

Only endpoint protection to scan all apps, data destinations, and system configurations in the context of each mobile device in order to enable remediation

10M+ devices protected

115k+ vulnerabilities found

2M+ apps scanned

Original research

Only researchers in the industry to discover hundreds of new zero-day vulnerabilities and threats that power proprietary app scanning engines

500+ zero-day device vulnerabilities

350+ academic citations

230+ mobile CVEs

11 academic papers

Privacy-first approach

First and only mobile endpoint protection that end users trust because no personal information or data is collected or shared with enterprise IT

0 personal info or data

Defense-grade engines

Longest-standing mobile security for the US Federal Government, founded with grants from DARPA and NIST

30+ international governmental agencies