To see the other types of publications on this topic, follow the link: Android App Security Analysis.
Dissertations / Theses on the topic 'Android App Security Analysis'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 48 dissertations / theses for your research on the topic 'Android App Security Analysis.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Wei, Fengguo. "Precise, General, and Efficient Data-flow Analysis for Security Vetting of Android Apps." Scholar Commons, 2018. https://scholarcommons.usf.edu/etd/7377.
Full textAbstract:
This dissertation presents a new approach to static analysis for security vetting of Android apps, and a general framework called Argus-SAF. Argus-SAF determines points-to information for all objects in an Android app component in a flow and context-sensitive (user-configurable) way and performs data-flow and data dependence analysis for the component. Argus-SAF also tracks inter-component communication activities. It can stitch the component-level information into the app- level information to perform intra-app or inter-app analysis. Moreover, Argus-SAF is NDK/JNI- aware and can efficiently track precise data-flow across language boundary. This dissertation shows that, (a) the aforementioned type of comprehensive app analysis is utterly feasible in terms of computing resources with modern hardware, (b) one can easily leverage the results from this general analysis to build various types of specialized security analyses – in many cases the amount of additional coding needed is around 100 lines of code, and (c) the result of those specialized analyses leveraging Argus-SAF is at least on par and often exceeds prior works designed for the specific problems, which this dissertation demonstrate by comparing Argus-SAF’s results with those of prior works whenever the tool can be obtained. Since Argus-SAF’s analysis directly handles intercomponent and inter-language control and data flows, it can be used to address security problems that result from interactions among multiple components from either the same or different apps and among java code and native code. Argus-SAF’s analysis is sound in that it can assure the absence of the specified security problems in an app with well-specified and reasonable assumptions on Android runtime system and its library.
2
Kulkarni, Keyur. "Android Malware Detection through Permission and App Component Analysis using Machine Learning Algorithms." University of Toledo / OhioLINK, 2018. http://rave.ohiolink.edu/etdc/view?acc_num=toledo1525454213460236.
Full text
3
Amini, Shahriyar. "Analyzing Mobile App Privacy Using Computation and Crowdsourcing." Research Showcase @ CMU, 2014. http://repository.cmu.edu/dissertations/327.
Full textAbstract:
Mobile apps can make use of the rich data and sensors available on smartphones to offer compelling services. However, the use of sensitive resources by apps is not always justified, which has led to new kinds of privacy risks and challenges. While it is possible for app market owners and third-parties to analyze the privacy-related behaviors of apps, present approaches are difficult and tedious.
I present two iterations of the design, implementation, and evaluation of a system, Gort, which enables more efficient app analysis, by reducing the burden of instrumenting apps, making it easier to find potential privacy problems, and presenting sensitive behavior in context. Gort interacts with apps while instrumenting them to detect sensitive information transmissions. It then presents this information along with the associated app context to a crowd of users to obtain their expectations and comfort regarding the privacy implications of using the app. Gort also runs a set of heuristics on the app to flag potential privacy problems. Finally, Gort synthesizes the information obtained through its analysis and presents it in an interactive GUI, built specifically for privacy analysts.
This work offers three distinct new advances over the state of the art. First, Gort uses a set of heuristics, elicited through interviews with 12 experts, to identify potential app privacy problems. Gort heuristics present high-level privacy problems instead of the overwhelming amount of information offered through existing tools. Second, Gort automatically interacts with apps by discovering and interacting with UI elements while instrumenting app behavior. This eliminates the need for analysts to manually interact with apps or to script interactions. Third, Gort uses crowdsourcing in a novel way to determine whether app privacy leaks are legitimate and desirable and raises red flags about potentially suspicious app behavior. While existing tools can detect privacy leaks, they cannot determine whether the privacy leaks are beneficial or desirable to the user. Gort was evaluated through two separate user studies. The experiences from building Gort and the insights from the user studies guide the creation of future systems, especially systems intended for the inspection and analysis of software.
4
Poudel, Prabesh. "Security Vetting Of Android Applications Using Graph Based Deep Learning Approaches." Bowling Green State University / OhioLINK, 2021. http://rave.ohiolink.edu/etdc/view?acc_num=bgsu1617199500076786.
Full text
5
Nguyen, Duc Cuong [Verfasser]. "Improving Android app security and privacy with developers / Duc Cuong Nguyen." Saarbrücken : Saarländische Universitäts- und Landesbibliothek, 2020. http://d-nb.info/1241117314/34.
Full text
6
MOHAMMAD, TAFIQUR RAHMAN. "Android App Store (Google Play) Mining and Analysis." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-127670.
Full textAbstract:
The aim of mining and analysis of Apps in Google Play, the largest Android app store, is to provide in-depth insight on the hidden properties of the repository to app developers or app market contributors. This approach can help them to view the current circumstances of the market and make valuable decisions before releasing products. To perform this analysis, all available features (descriptions of the app, app developer information, app version, updating date, category, number of download, app size, user rating, number of participants in rating, price, user reviews and security policies) are collected for the repositoryand stored in structured prole for each app. This scientic study is mainly divided into two approaches: measuring pair-wise correlations between extracted features and clustering the dataset into number of groups with functionally similar apps. Two distinct datasets are exploited to perform the study, one of which is collected from Google Play (in 2012) and another one from Android Market, the former version of Google Play (in 2011). As soon as experiments and analysis is successfully conducted, signicant levels of pair-wise correlations are identied between some features for both datasets, which are further compared to achieve a generalized conclusion. Finally, cluster analysis is done to provide a similarity based recommendation system through probabilistic topic modeling method that can resolve Google Play's deciency upon app similarity.
7
Lu, Can. "Revisiting the Evolution of Android Permissions." University of Cincinnati / OhioLINK, 2018. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1535377084768501.
Full text
8
Barton, Daniel John Trevino. "Usable Post-Classification Visualizations for Android Collusion Detection and Inspection." Thesis, Virginia Tech, 2016. http://hdl.handle.net/10919/72286.
Full textAbstract:
Android malware collusion is a new threat model that occurs when multiple Android apps communicate in order to execute an attack. This threat model threatens all Android users' private information and system resource security. Although recent research has made advances in collusion detection and classification, security analysts still do not have robust tools which allow them to definitively identify colluding Android applications. Specifically, in order to determine whether an alert produced by a tool scanning for Android collusion is a true-positive or a false-positive, the analyst must perform manual analysis of the suspected apps, which is both time consuming and prone to human errors. In this thesis, we present a new approach to definitive Android collusion detection and confirmation by rendering inter-component communications between a set of potentially collusive Android applications. Inter-component communications (abbreviated to ICCs), are a feature of the Android framework that allows components from different applications to communicate with one another. Our approach allows Android security analysts to inspect all ICCs within a set of suspicious Android applications and subsequently identify collusive attacks which utilize ICCs. Furthermore, our approach also visualizes all potentially collusive data-flows within each component within a set of apps. This allows analysts to inspect, step-by-step, the the data-flows that are currently used by collusive attacks, or the data-flows that could be used for future collusive attacks. Our tool effectively visualizes the malicious and benign ICCs in sets of proof-of-concept and real-world colluding applications. We conducted a user study which revealed that our approach allows for accurate and efficient identification of true- and false-positive collusive ICCs while still maintaining usability.<br>Master of Science
9
Rimando, Ryan A. "Development and analysis of security policies in security enhanced Android." Thesis, Monterey, California. Naval Postgraduate School, 2012. http://hdl.handle.net/10945/27896.
Full textAbstract:
This thesis examines Security Enhanced Android. Both its policy and its additional security features are explored. The policy is examined in depth, providing a better understanding of the security provided by SE Android. We analyze the default SE Android policy. We identify a potential weakness and change the policy to facilitate control over communication channels. A proof-of-concept set of applications is developed to demonstrate how SE Android can be used to improve application security. The proof-of-concept policy is then analyzed to determine if security goals are met.
10
Feleke, Nebiyu A. "Security analysis of finance and healthcare android applications." Thesis, Boston University, 2013. https://hdl.handle.net/2144/12099.
Full textAbstract:
Thesis (M.S.)--Boston University<br>Android is a major mobile operating system pre-installed and shipped with more than 60% of smart-phones in the market. The open source nature of android en- courages developers to innovate wide-range of applications. Meantime, the sweeping android acceptance with individuals and industries caught the attention of malicious software writers, which led to a sharp increase of security threats. Such threats raise a deeper concern in financial and healthcare applications that are inherently bound to handle private and sensitive information.
The research provides a deeper analysis on security vulnerabilities of android applications in finance and healthcare category, from official Google app store. It is proposed and implemented a security analysis framework that takes account of a wide range of vulnerability metrics to provide unified and quantified method of measuring android applications vulnerability. The framework implementation automated the process of crawling google's app store, downloading applications package to a repository and conducting vulnerability analysis. It automatically extracts security parameters, measures vulnerability metrics and generates vulnerability report. The security parameters were extracted from manifest, de-compiled source code and app store meta-data.
The analysis, on the top 632 free apps from finance and medical category revealed that on average financial apps found to be more vulnerable than medical apps. Medical apps have the maximum value for all types of vulnerabilities. Furthermore, a descriptive statistical analysis on the vulnerability metrics revealed that there is a linear relationship between implicitly open components and the number of times they access sensitive android resources.
11
Chaulagain, Dewan. "Hybrid Analysis of Android Applications for Security Vetting." Bowling Green State University / OhioLINK, 2019. http://rave.ohiolink.edu/etdc/view?acc_num=bgsu1555608766287613.
Full text
12
Elish, Karim Omar Mahmoud. "User-Intention Based Program Analysis for Android Security." Diss., Virginia Tech, 2015. http://hdl.handle.net/10919/54943.
Full textAbstract:
The number of mobile applications (i.e., apps) is rapidly growing, as the mobile computing becomes an integral part of the modern user experience. Malicious apps have infiltrated open marketplaces for mobile platforms. These malicious apps can exfiltrate user's private data, abuse of system resources, or disrupting regular services. Despite the recent advances on mobile security, the problem of detecting vulnerable and malicious mobile apps with high detection accuracy remains an open problem.
In this thesis, we address the problem of Android security by presenting a new quantitative program analysis framework for security vetting of Android apps. We first introduce a highly accurate proactive detection solution for detecting individual malicious apps. Our approach enforces benign property as opposed of chasing malware signatures, and uses one complex feature rather than multi-feature as in the existing malware detection methods. In particular, we statically extract a data-flow feature on how user inputs trigger sensitive critical operations, a property referred to as the user-trigger dependence. This feature is extracted through nontrivial Android-specific static program analysis, which can be used in various quantitative analytical methods. Our evaluation on thousands of malicious apps and free popular apps gives a detection accuracy (2% false negative rate and false positive rate) that is better than, or at least competitive against, the state-of-the-art. Furthermore, our method discovers new malicious apps available in the Google Play store that have not been previously detected by anti-virus scanning tools.
Second, we present a new app collusion detection approach and algorithms to analyze pairs or groups of communicating apps. App collusion is a new technique utilized by the attackers to evade standard detection. It is a new threat where two or more apps, appearing benign, communicate to perform malicious task. Most of the existing solutions assume the attack model of a stand-alone malicious app, and hence cannot detect app collusion. We first demonstrate experimental evidence on the technical challenges associated with detecting app collusion. Then, we address these challenges by introducing a scalable and an in-depth cross-app static flow analysis approach to identify the risk level associated with communicating apps. Our approach statically analyzes the sensitivity and the context of each inter-app communication with low analysis complexity, and defines fine-grained security policies for the inter-app communication risk detection. Our evaluation results on thousands of free popular apps indicate that our technique is effective. It generates four times fewer false positives compared to the state-of-the-art collusion-detection solution, enhancing the detection capability. The advantages of our inter-app communication analysis approach are the analysis scalability with low complexity, and the substantially improved detection accuracy compared to the state-of-the-art solution. These types of proactive defenses solutions allow defenders to stay proactive when defending against constantly evolving malware threats.<br>Ph. D.
13
Dell'Aguzzo, Paolo. "The secret life of software applications." Bachelor's thesis, Alma Mater Studiorum - Università di Bologna, 2014. http://amslaurea.unibo.it/7405/.
Full textAbstract:
One of the most undervalued problems by smartphone users is the security of data on their mobile devices. Today smartphones and tablets are used to send messages and photos and especially to stay connected with social networks, forums and other platforms. These devices contain a lot of private information like passwords, phone numbers, private photos, emails, etc. and an attacker may choose to steal or destroy this information.
The main topic of this thesis is the security of the applications present on the most popular stores (App Store for iOS and Play Store for Android) and of their mechanisms for the management of security.
The analysis is focused on how the architecture of the two systems protects users from threats and highlights the real presence of malware and spyware in their respective application stores. The work described in subsequent chapters explains the study of the behavior of 50 Android applications and 50 iOS applications performed using network analysis software. Furthermore, this thesis presents some statistics about malware and spyware present on the respective stores and the permissions they require. At the end the reader will be able to understand how to recognize malicious applications and which of the two systems is more suitable for him. This is how this thesis is structured. The first chapter introduces the security mechanisms of the Android and iOS platform architectures and the security mechanisms of their respective application stores. The Second chapter explains the work done, what, why and how we have chosen the tools needed to complete our analysis. The third chapter discusses about the execution of tests, the protocol followed and the approach to assess the “level of danger” of each application that has been checked. The fourth chapter explains the results of the tests and introduces some statistics on the presence of malicious applications on Play Store and App Store. The fifth chapter is devoted to the study of the users, what they think about and how they might avoid malicious applications. The sixth chapter seeks to establish, following our methodology, what application store is safer. In the end, the seventh chapter concludes the thesis.
14
Thakur, Neha S. "Forensic Analysis of WhatsApp on Android Smartphones." ScholarWorks@UNO, 2013. http://scholarworks.uno.edu/td/1706.
Full textAbstract:
Android forensics has evolved over time offering significant opportunities and exciting challenges. On one hand, being an open source platform Android is giving developers the freedom to contribute to the rapid growth of the Android market whereas on the other hand Android users may not be aware of the security and privacy implications of installing these applications on their phones. Users may assume that a password-locked device protects their personal information, but applications may retain private information on devices, in ways that users might not anticipate. In this thesis we will be concentrating on one such application called 'WhatsApp', a popular social networking application. We will be forming an outline on how forensic investigators can extract useful information from WhatsApp and from similar applications installed on an Android platform. Our area of focus is extraction and analysis of application user data from non-volatile external storage and the volatile memory (RAM) of an Android device.
15
Hanyáš, Martin. "Analýza bezpečnostních vlastností v OS Android." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2014. http://www.nusl.cz/ntk/nusl-236128.
Full textAbstract:
This thesis describes operating system Android and its security aspects. Furthermore, the thesis will focus on the forensics analysis of this operating system. The aim is to create forensics application which allows to get sensitive data as well as to make forensic analysis using established tools, and to create background materials for teaching.
16
Ali-Gombe, Aisha Ibrahim. "Malware Analysis and Privacy Policy Enforcement Techniques for Android Applications." ScholarWorks@UNO, 2017. http://scholarworks.uno.edu/td/2290.
Full textAbstract:
The rapid increase in mobile malware and deployment of over-privileged applications over the years has been of great concern to the security community. Encroaching on user’s privacy, mobile applications (apps) increasingly exploit various sensitive data on mobile devices. The information gathered by these applications is sufficient to uniquely and accurately profile users and can cause tremendous personal and financial damage.
On Android specifically, the security and privacy holes in the operating system and framework code has created a whole new dynamic for malware and privacy exploitation. This research work seeks to develop novel analysis techniques that monitor Android applications for possible unwanted behaviors and then suggest various ways to deal with the privacy leaks associated with them.
Current state-of-the-art static malware analysis techniques on Android-focused mainly on detecting known variants without factoring any kind of software obfuscation. The dynamic analysis systems, on the other hand, are heavily dependent on extending the Android OS and/or runtime virtual machine. These methodologies often tied the system to a single Android version and/or kernel making it very difficult to port to a new device. In privacy, accesses to the database system’s objects are not controlled by any security check beyond overly-broad read/write permissions. This flawed model exposes the database contents to abuse by privacy-agnostic apps and malware. This research addresses the problems above in three ways.
First, we developed a novel static analysis technique that fingerprints known malware based on three-level similarity matching. It scores similarity as a function of normalized opcode sequences found in sensitive functional modules and application permission requests. Our system has an improved detection ratio over current research tools and top COTS anti-virus products while maintaining a high level of resiliency to both simple and complex obfuscation.
Next, we augment the signature-related weaknesses of our static classifier with a hybrid analysis system which incorporates bytecode instrumentation and dynamic runtime monitoring to examine unknown malware samples. Using the concept of Aspect-oriented programming, this technique involves recompiling security checking code into an unknown binary for data flow analysis, resource abuse tracing, and analytics of other suspicious behaviors. Our system logs all the intercepted activities dynamically at runtime without the need for building custom kernels.
Finally, we designed a user-level privacy policy enforcement system that gives users more control over their personal data saved in the SQLite database. Using bytecode weaving for query re-writing and enforcing access control, our system forces new policies at the schema, column, and entity levels of databases without rooting or voiding device warranty.
17
Bjurling, Patrik. "Design and Implementation of a Secure In-app Credit Card Payment System." Thesis, Linköpings universitet, Institutionen för datavetenskap, 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-112745.
Full textAbstract:
Smartphones are often used in order to make purchases today and mobile payments are estimated to continue growing in numbers the following years. This makes mobile payment systems attractive to companies as a new business platform. It also increases the number of malicious users trying to exploit the systems for financial gain. This thesis is conducted for the company TaxiCaller which desires to integrate mobile payments into their existing service. It discusses the current security standards for mobile payments and evaluates existing mobile payment solutions. The focus of the evaluation is on the security of the solutions and vulnerabilities, as well as mitigations of identified vulnerabilities, are discussed. Based on the evaluation, a mobile payment solution is designed and implemented. This system fully integrates with TaxiCaller’s existing system. A threat analysis of the implemented mobile payment solution is performed to provide confidence in the security. This thesis also provides an insight into the ecosystem of mobile payments including the stakeholders, the regulations, the security standards and difficulties during implementations.
18
Hedlund, Filip, and Emma Loots. "Information Security Risk Assessment : An Analysis of a Medical Aid Service." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-284151.
Full textAbstract:
Security in the healthcare sector has historically been insufficient, seeing several high-profile cyber-attacks crippling availability of equipment and vital services with demands of ransom sums, and intrusions collecting sensitive patient data en masse. For this reason, digital services intended for medical use need to be convincingly secure in order to be adopted. This report investigates how to implement sufficient information security for a system involving a digital pill organiser with mobile application connectivity intended for professional medical use. Each component of the currently-indevelopment Dosis Pro system is systematically evaluated in order to assess which security measures need to be taken for the service to be considered adequately secure. The analysis is structured around the ISO IEC 27001:2013 guidelines, and potential solutions are suggested on a per-component basis based on a broad literature study in related research. The result is practical solutions for 19 highlighted problem areas, which should achieve a reasonable level of security overall in combination with the careful data flow of the service. Further, to achieve an exceptionally secure system it is advisable to test the solutions on a complete system, and continuously carry out similar evaluations and improve its design throughout several years of operation.<br>Hälsovårdssektorn har genom tiderna utstått många angrepp mot sina digitala verktyg och tjänster. Det har rådit allt från storskaliga dataintrång till förhindrande av kritiska offentliga tjänster med krav på lösensummor. På grund av det här måste digitala produkter avsedda för medicinskt bruk visas vara säkra för att bli accepterade. I detta examensarbete undersöks det hur man kan implementera fullgod datasäkerhet för ett system kring en digital pillerdosa med appanslutning avsedd för bruk inom vården. I rapporten undersöks systematiskt varje komponent av Dosis Pro-tjänsten för att avgöra vilka säkerhetsrisker som existerar och vilka åtgärder som behöver vidtas för att tjänsten ska kunna konstateras vara säker. Analysen struktureras enligt riktlinjerna från ISO IEC 27001:2013, lösningar föreslås komponentvis utifrån en bred litteraturstudie inom relaterad forskning. Resultatet är praktiska lösningar för 19 identifierade problemområden, vilka tillsammans bör uppnå en godkänd säkerhetsnivå medräknat tjänstens försiktiga data-flöde. Vidare, för att uppnå ett exceptionellt säkert system, rekommenderas det att testa lösningarna i ett färdigt system, och kontinuerligt utföra liknande utvärderingar för att göra förbättringar under flera år av drift.
19
Derr, Erik [Verfasser], and Michael [Akademischer Betreuer] Backes. "Understanding and assessing security on Android via static code analysis / Erik Derr ; Betreuer: Michael Backes." Saarbrücken : Saarländische Universitäts- und Landesbibliothek, 2018. http://d-nb.info/116777079X/34.
Full text
20
Derr, Erik Verfasser], and Michael [Akademischer Betreuer] [Backes. "Understanding and assessing security on Android via static code analysis / Erik Derr ; Betreuer: Michael Backes." Saarbrücken : Saarländische Universitäts- und Landesbibliothek, 2018. http://nbn-resolving.de/urn:nbn:de:bsz:291-scidok-ds-273450.
Full text
21
Sengelmann, Michael. "An Overview of Reverse Engineering and A Security Analysis of TikTok." University of Cincinnati / OhioLINK, 2020. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1613748245334672.
Full text
22
Borek, Martin. "Intrusion Detection System for Android : Linux Kernel System Salls Analysis." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-222382.
Full textAbstract:
Smartphones provide access to a plethora of private information potentially leading to financial and personal hardship, hence they need to be well protected. With new Android malware obfuscation and evading techniques, including encrypted and downloaded malicious code, current protection approaches using static analysis are becoming less effective. A dynamic solution is needed that protects Android phones in real time. System calls have previously been researched as an effective method for Android dynamic analysis. However, these previous studies concentrated on analysing system calls captured in emulated sandboxed environments, which does not prove the suitability of this approach for real time analysis on the actual device. This thesis focuses on analysis of Linux kernel system calls on the ARMv8 architecture. Given the limitations of android phones it is necessary to minimise the resources required for the analyses, therefore we focused on the sequencing of system calls. With this approach, we sought a method that could be employed for a real time malware detection directly on Android phones. We also experimented with different data representation feature vectors; histogram, n-gram and co-occurrence matrix. All data collection was carried out on a real Android device as existing Android emulators proved to be unsuitable for emulating a system with the ARMv8 architecture. Moreover, data were collected on a human controlled device since reviewed Android event generators and crawlers did not accurately simulate real human interactions. The results show that Linux kernel sequencing carry enough information to detect malicious behaviour of malicious applications on the ARMv8 architecture. All feature vectors performed well. In particular, n-gram and co-occurrence matrix achieved excellent results. To reduce the computational complexity of the analysis, we experimented with including only the most commonly occurring system calls. While the accuracy degraded slightly, it was a worthwhile trade off as the computational complexity was substantially reduced.<br>Smartphones ger tillgång till en uppsjö av privat information som potentiellt kan leda till finansiella och personliga svårigheter. Därför måste de vara väl skyddade. En dynamisk lösning behövs som skyddar Android-telefoner i realtid. Systemanrop har tidigare undersökts som en effektiv metod för dynamisk analys av Android. Emellertid fokuserade dessa tidigare studier på systemanrop i en emulerad sandbox miljö, vilket inte visar lämpligheten av detta tillvägagångssätt för realtidsanalys av själva enheten. Detta arbete fokuserar på analys av Linux kärnan systemanrop på ARMv8 arkitekturen. Givet begränsningarna som existerar i Android-telefoner är det väsentligt att minimera resurserna som krävs för analyserna. Därför fokuserade vi på sekvenseringen av systemanropen. Med detta tillvägagångssätt sökte vi en metod som skulle kunna användas för realtidsdetektering av skadliga program direkt på Android-telefoner. Vi experimenterade dessutom med olika funktionsvektorer för att representera data; histogram, n-gram och co-occurrence matriser. All data hämtades från en riktig Android enhet då de existerande Android emulatorerna visade sig vara olämpliga för att emulera ett system med ARMv8 arkitekturen. Resultaten visar att Linus kärnans sekvensering har tillräckligt med information för att upptäcka skadligt beteende av skadliga applikationer på ARMv8 arkitekturen. Alla funktionsvektorer presterade bra. N-gram och cooccurrence matriserna uppnådde till och med lysande resultat. För att reducera beräkningskomplexiteten av analysen, experimenterade vi med att enbart använda de vanligaste systemanropen. Fast noggrannheten minskade lite, var det värt uppoffringen eftersom beräkningskomplexiteten reducerades märkbart.
23
Dahlberg, Daniel, Tim Irmel, and Jacob Forsström. "Android-användaren och appbehörigheter : Attityder och beteenden kopplat till säkerhet på mobilen." Thesis, Umeå universitet, Institutionen för informatik, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:umu:diva-148004.
Full textAbstract:
The Android OS is ever growing on the global market, reaching more and more people. This have led to the distribution of millions of applications, that the Android user can interact with. However, the usage of Android apps is not risk free and there are various methods deployed by Google Play to protect the privacy of the Android owner. One of these protective measures are permissions. However, as permissions are controlled by the user, there is a need of comprehending the user behaviour and attitude to the permissions. Lack of understanding the importance, and of the permission itself, could present a real danger of privacy trespassing to the user. In this paper we evaluate the rate of attitude and behaviour by questionnaire and empirical quality-driven interviews. We compare and scrutinize our data with older studies. We identify factors contributing the failure to comply with permission warnings. Also, we find that there are connections between factors such as gender and age, for how the user behaviour and attitude conclude with permissions. In the end we present an exhaustive analysis and discussion to our results, ending with a conclusion that there are differences to be found from older studies and that there are connections in gender and age with how the user acts by permissions.
24
SILVA, FILHO Paulo de Barros e. "Static analysis of implicit control flow: resolving Java reflection and Android intents." Universidade Federal de Pernambuco, 2016. https://repositorio.ufpe.br/handle/123456789/17637.
Full textAbstract:
Submitted by Fabio Sobreira Campos da Costa (fabio.sobreira@ufpe.br) on 2016-08-08T12:21:17Z
No. of bitstreams: 2
license_rdf: 1232 bytes, checksum: 66e71c371cc565284e70f40736c94386 (MD5)
2016-pbsf-msc.pdf: 596422 bytes, checksum: be9375166fe6e850180863e08b7997d8 (MD5)<br>Made available in DSpace on 2016-08-08T12:21:17Z (GMT). No. of bitstreams: 2
license_rdf: 1232 bytes, checksum: 66e71c371cc565284e70f40736c94386 (MD5)
2016-pbsf-msc.pdf: 596422 bytes, checksum: be9375166fe6e850180863e08b7997d8 (MD5)
Previous issue date: 2016-03-04<br>FACEPE<br>Implicit or indirect control flow allows a transfer of control to a procedure without having
to call the procedure explicitly in the program. Implicit control flow is a staple design pattern
that adds flexibility to system design. However, it is challenging for a static analysis to compute
or verify properties about a system that uses implicit control flow.
When a static analysis encounters a procedure call, the analysis usually approximates
the call’s behavior by a summary, which conservatively generalizes the effects of any target of
the call. In previous work, a static analysis that verifies security properties was developed for
Android apps, but failed to achieve high precision in the presence of implicit control flow.
This work presents static analyses for two types of implicit control flow that frequently
appear in Android apps: Java reflection and Android intents. In our analyses, the summary
of a method is the method’s signature. Our analyses help to resolve where control flows and
what data is passed. This information improves the precision of downstream analyses, which no
longer need to make conservative assumptions about implicit control flow, while maintaining the
soundness.
We have implemented our techniques for Java. We enhanced an existing security analysis
with a more precise treatment of reflection and intents. In a case study involving ten real-world
Android apps that use both intents and reflection, the precision of the security analysis was
increased on average by two orders of magnitude. The precision of two other downstream
analyses was also improved.<br>Fluxo de controle implícito, ou indireto, permite que haja uma transferência de controle para um procedimento sem que esse procedimento seja invocado de forma explícita pelo programa. Fluxo de controle implícito é um padrão de projeto comum e bastante utilizado na prática, que adiciona flexibilidade no design de um sistema. Porém, é um desafio para uma análise estática ter que computar e verificar propriedades sobre um sistema que usa fluxos de controle implícito. Quando uma análise estática encontra uma chamada a uma procedimento, geralmente a análise aproxima o comportamento da chamada de acordo com o sumário do método, generalizando de uma forma conservadora os efeitos da chamada ao procedimento. Em trabalho anterior, uma análise estática de segurança foi desenvolvida para aplicações Android, mas falhou em obter uma alta precisão na presença de fluxos de controle implícito. Este trabalho apresenta uma análise estática para dois tipos de fluxos de controle implícito que aparecem frequentemente em aplicações Android: Java reflection e Android intents. Nas nossas análises, o sumário de um método é a assinatura do método. Nossas análises ajudam a descobrir para onde o controle flui e que dados estão sendo passados. Essa informação melhora a precisão de outras análises estáticas, que não precisam mais tomar medidas conservadoras na presença de fluxo de controle implícito. Nós implementamos a nossa técnica em Java. Nós melhoramos uma análise de segurança existente através de um tratamento mais preciso em casos de reflection e intents. Em um estudo de caso envolvendo dez aplicações Android reais que usam reflection e intents, a precisão da análise de segurança aumentou em duas ordens de magnitude. A precisão de outras duas análises estáticas também foi melhorada.
25
Titze, Dennis Oliver [Verfasser], Claudia [Akademischer Betreuer] Eckert, Claudia [Gutachter] Eckert, and Uwe [Gutachter] Baumgarten. "Analysis and Mitigation of Security Issues on Android / Dennis Oliver Titze ; Gutachter: Claudia Eckert, Uwe Baumgarten ; Betreuer: Claudia Eckert." München : Universitätsbibliothek der TU München, 2019. http://d-nb.info/1184476950/34.
Full text
26
Yu, Xiaodong. "Algorithms and Frameworks for Accelerating Security Applications on HPC Platforms." Diss., Virginia Tech, 2019. http://hdl.handle.net/10919/93510.
Full textAbstract:
Typical cybersecurity solutions emphasize on achieving defense functionalities. However, execution efficiency and scalability are equally important, especially for real-world deployment. Straightforward mappings of cybersecurity applications onto HPC platforms may significantly underutilize the HPC devices' capacities. On the other hand, the sophisticated implementations are quite difficult: they require both in-depth understandings of cybersecurity domain-specific characteristics and HPC architecture and system model.
In our work, we investigate three sub-areas in cybersecurity, including mobile software security, network security, and system security. They have the following performance issues, respectively: 1) The flow- and context-sensitive static analysis for the large and complex Android APKs are incredibly time-consuming. Existing CPU-only frameworks/tools have to set a timeout threshold to cease the program analysis to trade the precision for performance. 2) Network intrusion detection systems (NIDS) use automata processing as its searching core and requires line-speed processing. However, achieving high-speed automata processing is exceptionally difficult in both algorithm and implementation aspects. 3) It is unclear how the cache configurations impact time-driven cache side-channel attacks' performance. This question remains open because it is difficult to conduct comparative measurement to study the impacts.
In this dissertation, we demonstrate how application-specific characteristics can be leveraged to optimize implementations on various types of HPC for faster and more scalable cybersecurity executions. For example, we present a new GPU-assisted framework and a collection of optimization strategies for fast Android static data-flow analysis that achieve up to 128X speedups against the plain GPU implementation. For network intrusion detection systems (IDS), we design and implement an algorithm capable of eliminating the state explosion in out-of-order packet situations, which reduces up to 400X of the memory overhead. We also present tools for improving the usability of Micron's Automata Processor. To study the cache configurations' impact on time-driven cache side-channel attacks' performance, we design an approach to conducting comparative measurement. We propose a quantifiable success rate metric to measure the performance of time-driven cache attacks and utilize the GEM5 platform to emulate the configurable cache.<br>Doctor of Philosophy<br>Typical cybersecurity solutions emphasize on achieving defense functionalities. However, execution efficiency and scalability are equally important, especially for the real-world deployment. Straightforward mappings of applications onto High-Performance Computing (HPC) platforms may significantly underutilize the HPC devices’ capacities. In this dissertation, we demonstrate how application-specific characteristics can be leveraged to optimize various types of HPC executions for cybersecurity. We investigate several sub-areas, including mobile software security, network security, and system security. For example, we present a new GPU-assisted framework and a collection of optimization strategies for fast Android static data-flow analysis that achieve up to 128X speedups against the unoptimized GPU implementation. For network intrusion detection systems (IDS), we design and implement an algorithm capable of eliminating the state explosion in out-of-order packet situations, which reduces up to 400X of the memory overhead. We also present tools for improving the usability of HPC programming. To study the cache configurations’ impact on time-driven cache side-channel attacks’ performance, we design an approach to conducting comparative measurement. We propose a quantifiable success rate metric to measure the performance of time-driven cache attacks and utilize the GEM5 platform to emulate the configurable cache.
27
Andriatsimandefitra, Ratsisahanana Radoniaina. "Caractérisation et détection de malware Android basées sur les flux d'information." Thesis, Supélec, 2014. http://www.theses.fr/2014SUPL0025/document.
Full textAbstract:
Les flux d’information sont des transferts d’information entre les objets d’un environnement donné. À l’échelle du système, pour toute information appartenant à une application donnée, les flux impliquant cette information décrivent comment l’application propage ses données dans le système et l’ensemble de ces flux peut ainsi être considéré comme un profil comportemental de l’application. À cause du nombre croissant d’applications malveillantes, il est devenu nécessaire d’explorer des nouvelles techniques permettant de faciliter voir automatiser l’analyse et la détection de malware. Dans cette thèse, nous proposons ainsi une méthode pour caractériser et détecter les malware Android en nous basant sur les flux d’information qu’ils causent dans le système. Cette méthode repose sur deux autres contributions de la thèse : AndroBlare, la version Android d’un moniteur de flux d’information du nom de Blare, et les graphes de flux système, une structure de donnée représentant de manière compacte et humainement compréhensible les flux d’information observés. Nous avons évalué avec succès notre approche en construisant le profil de 4 malware différents et avons montré que ces profils permettaient de détecter l’exécution d’applications infectées par les malware dont on a un profil<br>: Information flows are information exchanges between objects in a given environment. At system level, information flows involving data belonging to a given application describe how this application disseminates its data in the system and can be considered as behaviour based profile of the application. Because of the increasing number of Android malware, there is an urgent need to explore new approaches to analyse and detect Android malware. In this thesis, we thus propose an approach to characterize and detect Android malware based on information flows they cause in the system. This approach leverages two other contributions of the thesis which are AndroBlare, the Android version of an information flow monitor named Blare, and the system flow graph, a data structure to represent in a compact and human readable way the information flows observed by AndroBlare. We successfully evaluated our approach by building the profile of 4 different malware and showed that these profiles permitted to detect the execution of applications infected by malware for which we have computed a profile
28
Frini, Marouane. "Diagnostic des engrenages à base des indicateurs géométriques des signaux électriques triphasés." Thesis, Lyon, 2018. http://www.theses.fr/2018LYSES052.
Full textAbstract:
Bien qu’ils soient largement utilisés dans le domaine, les mesures vibratoires classiques présentent plusieurs limites. A la base, l’analyse vibratoire ne peut identifier qu’environ 60% des défauts qui peuvent survenir dans les machines. Cependant, les principaux inconvénients des mesures de la vibration sont l’accès difficile au système de transmission afin d’y placer le capteur ainsi que le coût conséquent de la mise en œuvre. Ceci résulte en des problèmes de sensibilité relatifs à la position de l’installation et ceux de difficulté pour distinguer la source de vibration à cause de la diversité des excitations mécaniques qui existent dans l’environnement industriel.Par conséquent, l’analyse des signatures du courant électrique des moteurs s’impose comme une alternative prometteuse à l’analyse vibratoire et a donc fait l’objet d’une attention grandissante au cours des dernières années. En effet, l’analyse des signatures électriques a l’avantage d’être une méthode techniquement accessible, non-intrusive au système et peu coûteuse. Les techniques basées sur le courant et la tension ne requièrent que les mesures électriques du moteur qui sont souvent déjà surveillées pour le contrôle et la protection des machines électriques. Ce processus a été principalement utilisé pour la détection des défauts de moteur tels que la rupture de barres du rotor et les défauts d’excentricité ainsi que les défauts de roulements. En revanche, très peu de recherches concernent la détection des défauts en utilisant l’analyse du courant. En outre, les signaux électriques triphasés sont caractérisés par des représentations géométriques particulières liées à leur forme d’onde qui peuvent servir en tant qu’indicateurs différents offrant des informations supplémentaires. Parmi ces indicateurs géométriques, les transformées de Park et de Concordia modélisent les composantes électriques dans un repère bidimensionnel et toute déviation par rapport à la représentation d’origine indique l’apparition d’un dysfonctionnement. Aussi, les équations différentielles de Frenet-Serret représentent la trajectoire du signal dans un espace euclidien tridimensionnel et indiquent ainsi tout changement dans l’état du système. Bien qu’ils aient été utilisés pour les défauts de roulements, ces indicateurs n’ont pas été appliqués dans la détection des défauts d’engrenages en utilisant l’analyse des signatures des courants électriques. D’où l’idée novatrice de combiner ces indicateurs avec des techniques de traitement de signal, ainsi que des techniques de classification pour le diagnostic des engrenages en utilisant l’analyse des signatures de courant et de tension du moteur électrique.Ainsi, dans ce travail, on propose une nouvelle approche pour le diagnostic des défauts d’engrenages en utilisant l’analyse des courants et des tensions électriques du stator de la machine et ceci en se basant sur un ensemble d’indicateurs géométriques (Transformées de Park et de Concordia ainsi que les propriétés du repère Frenet-Serret). Ces indicateurs font partie d’une bibliothèque de signatures de défauts qui a été construite et qui comprend également les indicateurs classiques utilisés pour un large éventail de défauts. Ainsi, un algorithme combine les acquisitions expérimentales des signaux électriques à des méthodes de traitement de signal avancées (décomposition modale empirique,…). Ensuite, celui-ci sélectionne les indicateurs les plus pertinents au sein de la bibliothèque en se basant sur les algorithmes de sélection de paramètres (sélection séquentielle rétrograde et analyse des composantes principales). Enfin, cette sélection est utilisée pour la classification non-supervisée (K-moyennes) pour la distinction entre l’état sain et l’état défaillant<br>Although they are widely used, classical vibration measurements have several limitations. Vibration analysis can only identify about 60% of the defects that may occur in mechanical systems. However, the main drawbacks of vibration measurements are the difficult access to the transmission system in order to place the sensor as well as the consequent cost of implementation. This results in sensitivity problems relative to the position of the installation and the difficulty to distinguish the source of vibration because of the diversity of mechanical excitations that exist in the industrial environment.Hence, the Motor Current Signatures Analysis (M.C.S.A.) represents a promising alternative to the vibration analysis and has therefore been the subject of increasing attention in recent years. Indeed, the analysis of electrical signatures has the advantage of being a technically accessible method as well as inexpensive and non-intrusive to the system. Techniques based on currents and voltages only require the motor’s electrical measurements which are often already supervised for the purposes of the control and the protection of the electrical machines. This process was mainly used for the detection of motors faults such as rotor bars breakage and eccentricity faults as well as bearings defects. On the other hand, very little research has been focused on gear faults detection using the current analysis. In addition, three-phase electrical signals are characterized by specific geometric representations related to their waveforms and they can serve as different indicators providing additional information. Among these geometric indicators, the Park and Concordia transforms model the electrical components in a two-dimensional coordinate system and any deviation from the original representation indicates the apparition of a malfunction. Moreover, the differential equations of Frenet-Serret represent the trajectory of the signal in a three-dimensional euclidean space and thus indicate any changes in the state of the system. Although they have been previously used for bearing defects, these indicators have not been applied in the detection of gear defects using the analysis of electrical current signatures. Hence, the innovative idea of combining these indicators with signal processing techniques, as well as classification techniques for gears diagnosis using the three-phase motor’s electrical current signatures analysis is established.Hence, in this work, a new approach is proposed for gear faults diagnosis using the motor currents analysis, based on a set of geometric indicators (Park and Concordia transforms as well as the properties of the Frenet-Serret frame). These indicators are part of a specifically built fault signatures library and which also includes the classical indicators used for a wide range of faults. Thus, a proposed estimation algorithm combines experimental measurements of electrical signals with advanced signal processing methods (Empirical Mode Decomposition, ...). Next, it selects the most relevant indicators within the library based on feature selection algorithms (Sequential Backward Selection and Principal Component Analysis). Finally, this selection is combined with non-supervised classification (K-means) for the distinction between the healthy state and faulty states. It was finally validated with a an additional experimental configuration in different cases with gear faults, bearing faults and combined faults with various load levels
29
WANG, ZHENG-ZHE, and 王正喆. "A Study on Security Analysis of Android Application-a Case of Instant Message App." Thesis, 2017. http://ndltd.ncl.edu.tw/handle/2awru8.
Full textAbstract:
碩士<br>國防大學<br>資訊管理學系<br>105<br>Information security has always been a concern issue; mobile networks constructed by smart phones expand this issue. Android is the most popular platform of smart phones now and LINE is the app most people used in Taiwan. Therefore, this study focuses on security analysis of an instant message app, LINE. With packet capturing and stored messages analyzing, we discuss information security issues of line app.
In this study, we root an Android smart phone first and we use several software tools, such as Wireshark and TCP dump, to capture and analyze LINE transmitted packets over the Internet. In addition, we also use File Sync, Ultra Edit, and SQLite Manager to have file comparisons and examine stored data and messages in a LINE app directory. Analyzing LINE transmitted packets, we found that all transmitted packets of LINE app were unreadable; they were encrypted. Moreover, examining changed file and stored messages in a LINE app directory, we found that user account and unreadable password stored in a specific file and all stored messages were plaintexts. With the analysis results, we can conclude that it is secured to transmit messages with LINE; however, it is unsecured that LINE messages stored in plaintext.
Keywords: Android, LINE app, Packet Capturing, File analysis
30
Hsu, Yu-ling, and 徐語苓. "Malicious Android App Detection Based on Dynamic Analysis of App Characteristics." Thesis, 2013. http://ndltd.ncl.edu.tw/handle/21896259893330201698.
Full textAbstract:
碩士<br>國立雲林科技大學<br>資訊管理系碩士班<br>101<br>Nowadays most people use smart phones. Smart phones are with almost the same functions as computers and same as computers easy to get malwares. However, most people do not have crisis consciousness that smart phones will get malwares via downloading and installing unknown free software from App. Antivirus installing is either popular to apply on smart phones. Once the smart phones get Malwares, many of personal and private information soon leak out. Moreover, unknown reasons will cause phone charges raise high. In current smart phone market, Android system is the majority and it is also the system with a large number of malwares. The numbers of malware are still rapidly increasing. In this study, I use dynamic analysis methods. First step is to capture each apk log file in half-hour. Then the database is constructed from the time period and the actions happen in that interval. My approach is to use the C4.5 algorithm to classify the characteristics between malicious and benign. Final, with the major classified characteristics to be the decision point, and I will do benefit analysis and detection rate comparing results is the best with the provided by antivirus companies.
31
GANG, LIN JR, and 林志剛. "Android Application Security and Permissions Analysis." Thesis, 2013. http://ndltd.ncl.edu.tw/handle/49431475796701707163.
Full textAbstract:
碩士<br>國立宜蘭大學<br>多媒體網路通訊數位學習碩士在職專班<br>101<br>With the popularity of smart phones and mobile devices, people pay more attention to the Android system. Inevitably, a large number of attacks and malware accompanied。As the activities on the mobile devices involve a great deal of information, such as e-mail, games and social networks, the malware that steal data threaten the privacy. In the same way, the user’s information may be exposed even the legal application. So users began to consider the system security of mobile devices increasingly.。Due to the characteristics of open source on Android, so the application developer is more and more. There are bad as well as good applications in the Google play because of the lack of the strict review mechanism while uploading the application to Google play. Users only download the applications by high score or developers with good wind assessment passively. However, in addition to the Google Play, many people will download the application from third-party market or unknown web sites. In this case, it is easy to download to the application that is poor quality even damage the system. This paper proposes a filter mechanism that analyzes the permissions and security before installing the application. Then see if there is abnormal behavior through prior run on the Android emulator, and then installed on a physical device, to reduce additional risks and avoid unnecessary waste of money and time. In this paper, verify the security of Google Drive, and found the plain username and password by FTP protocol. Download applications such as App2Card, Onekeyvpn from internet or the third parties market, under the environment that is more secure and closer to the actual environment to analysis Android.ratc, KungFu, so that users can learn how attackers use application for something illegal to avoid to fall into the trap.
32
YANG, CHIA-PEI, and 楊家沛. "Security Risks of Communication APP Services and Near Field Communication in Mobile Android Systems." Thesis, 2018. http://ndltd.ncl.edu.tw/handle/8b4zhw.
Full textAbstract:
碩士<br>中央警察大學<br>資訊管理研究所<br>107<br>The rapid advancement of science and technology has made people's lives more convenient. Many of the original complicated procedures have become more simple after the growth of technology and technology. As in the past, the texts and books electronically made the writing, management and carrying of texts easier. In daily life, the "payment" action during shopping can also be done by using electronic wallet or mobile payment, and gradually replace the original banknote transaction.
With the maturity of wireless Internet access and the popularity of mobile devices, the development of mobile commerce has made people's economic activities more active. The emergence of smart phones with NFC (Near Field Communication) function is a great tool, and brings convenience for mobile payment. NFC security is also receiving more and more attention. Due to the characteristics of NFC, it can be easily integrated into a large number of devices at a very low cost. However, the advancement brings convenience and risks. The most difficult problem in the highly information age is how to ensure information security. With the rise of communication software, instant messaging has gradually replaced the traditional mode of telephone communication. Although these technological advances have enriched people's lives, they have made these readily available means of communication a hotbed of potential crime.
This article will combine the actual situation of the case, using the existing NFC transmission vulnerability, to confirm the feasibility of using NFC transmission function to carry out man-in-the-middle attacks on another mobile vehicle. Combined with the world-famous FB Messenger, the phone after Root is backed up by the Android Debug Bridge (ADB) tool, and after extracting its data, use Cygwin to restore the operational data of the Windows environment, and use SQLite Database Browser. Analysis of information such as chat records within it. Follow-up through the case study, the current NFC security architecture risks, and the preventable methods that can be observed and analyzed.
33
Lin, Yu-Cheng, and 林禹成. "A Security Vulnerability Analysis System for Android Application." Thesis, 2014. http://ndltd.ncl.edu.tw/handle/42unf5.
Full text
34
LIN, CHING-CHANG, and 林慶展. "The Wireless Remote Monitoring Home Security and Appliance System in Combination of Android App and Arduino." Thesis, 2017. http://ndltd.ncl.edu.tw/handle/94j534.
Full textAbstract:
碩士<br>逢甲大學<br>自動控制工程學系<br>105<br>Smart mobile devices flourish in the recent years. We need a computer to deal with the program before, but now we can finish the most of all in smart phone or tab-let. It looks like the PC, to install third-party software on the smart mobile devices, it can achieve our goal. For an example, app (application) is a typical mobile software, it makes our mobile being more convenience by the technology advancement and web development. From game playing, vedio calling, file editing, evan nowdays remote monitoring, app has became the trend of the times. Since the development of the IOT (Internet of Things), by using the network propagate technology, information had be applied to all levels. Diverse sensors can not limit to wired device,for examples, bluetooths, WIFI, 3G network…etc. They are all the most efficient way to deliver the message of wireless device. This subject is explaining how to use app system of mo-bile, combined with arduino for monitoring security of remote home. Through the arduino in the central control system integrated with App, and finally controlled the home appliances through the cloud of real-time detection curve. Let make it safe and convenient.
35
Peng, Jou-Hsuan, and 彭柔瑄. "A Study of Analysis for Android Applications Security Detection." Thesis, 2017. http://ndltd.ncl.edu.tw/handle/8r6j3j.
Full textAbstract:
碩士<br>國立臺北科技大學<br>資訊工程系研究所<br>105<br>Android Security becomes a popular keyword during these years. It is very earlier easy/ easily to download Android application on Application store. However, people cannot understand whether the application is safe or not. In order to let developer fix this problem and find the potential threat, the study reference the information security testing standard which is set by Economic Affairs. In this paper, there are two kinds of analysis – Static Analysis and Dynamic Analysis. In Static Analysis, the study will decompile the APK file and get its source code. Using source code to analyze its potential threat like sensitive data saving, permission definition, code security. In Dynamic Analysis, the study will build the Sandbox environment to test the application and record its network connect, file I/O, SQL and so on, and analyze the log of the test, finding the potential threat of the application.
36
Costa, Sara Silva. "Security threats management in android systems." Master's thesis, 2017. http://hdl.handle.net/1822/55037.
Full textAbstract:
Dissertação de mestrado integrado em Engenharia Eletrónica Industrial e Computadores<br>With the exponential use of mobile phones to handle sensitive information, the intrusion systems development has also increased. Malicious software is constantly being developed and the intrusion techniques are increasingly more sophisticated. Security protection systems trying to counteract these intrusions are constantly being improved and updated. Being Android one of the most popular operating systems, it became an intrusion’s methods development target.
Developed security solutions constantly monitor their host system and by accessing a set of defined parameters they try to find potentially harmful changes. An important topic when addressing malicious applications detection is the malware identification and characterization.
Usually, to separate the normal system behavior from the malicious behavior, security systems employ machine learning or data mining techniques. However, with the constant evolution of malicious applications, such techniques are still far from being capable of completely responding to the market needs.
This dissertation aim was to verify if malicious behavior patterns definition is a viable way of addressing this challenge. As part of the proposed research two data mining classification models were built and tested with the collected data, and their performances were compared. the RapidMiner software was used for the proposed model development and testing, and data was collected from the FlowDroid application.
To facilitate the understanding of the security potential of the Android framework, research was done on the its architecture, overall structure, and security methods, including its protection mechanisms and breaches. It was also done a study on models threats/attacks’ description, as well as, on the current existing applications for anti-mobile threats, analyzing their strengths and weaknesses.<br>Com o uso exponencial de telefones para lidar com informações sensíveis, o desenvolvimento de sistemas de intrusão também aumentou. Softwares maliciosos estão constantemente a ser desenvolvidos e as técnicas de intrusão são cada vez mais sofisticadas. Para neutralizar essas intrusões, os sistemas de proteção de segurança precisam constantemente de ser melhorados e atualizados. Sendo o Android um dos sistemas operativos (SO) mais populares, tornou-se também num alvo de desenvolvimento de métodos de intrusão.
As soluções de segurança desenvolvidas monitoram constantemente o sistema em que se encontram e acedendo a um o conjunto definido de parâmetros procuram alterações potencialmente prejudiciais. Um tópico importante ao abordar aplicações mal-intencionadas é a identificação e caracterização do malware.
Normalmente, para separar o comportamento normal do sistema do comportamento mal-intencionado, os sistemas de segurança empregam técnicas de machine learning ou de data mining. No entanto, com a constante evolução das aplicações maliciosas, tais técnicas ainda estão longe de serem capazes de responder completamente às necessidades do mercado.
Esta dissertação teve como objetivo verificar se os padrões de comportamento malicioso são uma forma viável de enfrentar esse desafio. Para responder à pesquisa proposta foram construídos e testados dois modelos de classificação de dados, usando técnicas de data mining, e com os dados recolhidos compararam-se os seus desempenhos. Para o desenvolvimento e teste do modelo proposto foi utilizado o software RapidMiner, e os dados foram recolhidos através do uso da aplicação FlowDroid.
Para facilitar a compreensão sobre as potencialidades de segurança da framework do Android, realizou-se uma pesquisa sobre a sua arquitetura, estrutura geral e métodos de segurança, incluindo seus mecanismos de defesa e algumas das suas limitações. Além disso, realizou-se um estudo sobre algumas das atuais aplicações existentes para a defesa contra aplicações maliciosas, analisando os seus pontos fortes e fracos.
37
Ugalde, Diego Salas. "Android app for Automatic Web Page Classification : Analysis of Text and Visual Features." Master's thesis, 2015. http://hdl.handle.net/10316/41703.
Full textAbstract:
Internet keeps growing everyday and with that, the creation of new web
pages. Due to this fact, web pages of many different categories can be found
such as News, Sports or Business. This issue has made investigators think
about one innovative concept: Webpage Classification. This new approach
implies the categorization of web pages to one or more category labels. Some
research has been done during the last years using text and visual content
extracted from the web pages to be able to classify. However, the need of being
able to do such a thing in an Android app has not been investigated yet, to the
best of our knowledge.
Consequently, this thesis is focused in the development of an Android
app which is able to classify web pages. First of all, text and visual features
have to be extracted from each webpage.
Four types of visual features were extracted from each web page to
construct a visual features vector of 160 attributes. Concerning to the text
features, a text features vector was also built for each of the webpage with 160
attributes. To do so, a “Bag-Of-Words” of one hundred and sixty words was set
up from the HTML code already extracted and filtered. Thus, we end up having
a full vector of 320 attributes for each webpage. A binary classification was
performed trying to distinguish web pages for Adults and for Kids.
Good results were obtained especially when using AdaBoost classifier
with text and visual features where a 94.44% of accuracy of correct
classifications was achieved.
38
Chen, Yu-Ling, and 陳祐翎. "A Platform of Integrating Security Analysis Tools for Android Applications." Thesis, 2017. http://ndltd.ncl.edu.tw/handle/nk9bq9.
Full textAbstract:
碩士<br>國立臺北科技大學<br>資訊工程系所<br>105<br>With the popularity of smartphone, Android apps are widely used in our daily life. However, most users do not have sufficient knowledge about apps security and are frequently attacked by malware. Alhough there are some opensource malware detection tools, these tools are not widely used by app users due to the complicated settings and operations to access the tools. In this paper, we develop a platform that integrates several Android security analysis tools. Specifically, the proposed platform has a user-friendly GUI interface and integrates four static/dynamic opensouce app analysis tools, including Androguard, Mallodroid, AndroidUnusedPermissions, and DroidBox. It can analyze and generate the corresponding reports of the integrated tools automatically after loading an apk file. With these reports, users can know whether there are potential security risks in the app, such as sending sensitive personal information, possessing suspicious data, having SSL-related vulnerabilities, and declaring unnecessary permissions. With the platform, users have no needs to learn the complicated operations to access the opensource analysis tools and can easily evaluate whether their apps have any security risks and vulnerabilities.
39
Syu, Sih-Cing, and 許絲晴. "On the Design and Implementation of Android Smartphone Security Analysis." Thesis, 2016. http://ndltd.ncl.edu.tw/handle/48864262961737980291.
Full textAbstract:
碩士<br>國立臺灣科技大學<br>資訊管理系<br>104<br>With the advances in smart device technologies, smart devices are usually equipped with various kinds of sensors. To prevent these sensors from collecting user data without obtaining user consents, several countries around the world have started to establish regulations on smart devices. Therefore, if an organization wishes to bring its new smart device to the market in a country, the organization may need to delegate a qualified testing organization in the country to verify that the device complies with the regulation of that country. In this case, if the organization can perform the compliance test in its test bed, it would shorten the time for the product to reach the market.
In light of this, this study proposes a framework and an associated platform for organizations to establish test cases on Android-based smart devices efficiently: First, the organization can define the testing steps of a test case. For each testing step, the organization can define automated, semi-automated or manual testing procedures. Note that this study provides automatic analysis tools specifically for Android smartphones. The organization can then define how to collect testing results. Finally, the organization can use the platform to perform tests based on established test cases. The platform will collect the test results and generates test reports automatically. Therefore, this study may contribute to improve the efficiency and effectiveness of smart device testing.
40
Fernandes, Ana Patrícia Nunes. "App Threat Analysis: Combining static analysis with users’ feedback to accelerate app store response to mobile threats." Master's thesis, 2018. http://hdl.handle.net/10362/98808.
Full textAbstract:
Today’s smart-phones are ubiquitous in people’s lives, collecting and storing private
and confidential data. At the same time, users are exposed to mobile apps with bad
engineering practices and to malicious apps, both endangering the security of their data.
This happens because app stores face considerable challenges, like the efficient analysis
of the huge volume of apps received, the moving target nature of the threats and the lack
of accuracy of users’ feedback.
In this dissertation we present a study on the use of automated verification tools of
applications at the app market level for improving the security of the end users. This
study led to a platform that combines static analysis tools for Android apps with users’
feedback to determine the apps threat level. We implemented this platform as a module
and evaluated it in Aptoide - an Android app store - to support the quality assurance
decisions of app inspection, which might lead to the removal of the app from the store.
The assessment shows that for the 19% of the APKs ranked with the highest threat
level, the proposed module only failed in 2%. This means that, in a context of an app store
that receives thousands of apps per day, the module is able to inform with considerable
certainty which apps need to be inspected by the quality assurance team with urgency,
because are likely a threat to consumers. Therefore, the proposed solution contributes to
accelerate the app store response to mobile threats and, consequently, to the reduction of
its impact on app consumers.
Although the module improves and strengthens the application verification process
by uncovering problems that were not previously exposed, after we made more tests we
realised that the specification of these problems could be further adjusted.
41
(9728690), Ayush Maharjan. "Ranking of Android Apps based on Security Evidences." Thesis, 2021.
Find full textAbstract:
<p>With the large number of Android apps available in app stores such as
Google Play, it has become increasingly challenging to choose among the apps.
The users generally select the apps based on the ratings and reviews of other
users, or the recommendations from the app store. But it is very important to
take the security into consideration while choosing an app with the increasing
security and privacy concerns with mobile apps. This thesis proposes different
ranking schemes for Android apps based on security apps evaluated from the
static code analysis tools that are available. It proposes the ranking schemes
based on the categories of evidences reported by the tools, based on the
frequency of each category, and based on the severity of each evidence. The
evidences are gathered, and rankings are generated based on the theory of
Subjective Logic. In addition to these ranking schemes, the tools are
themselves evaluated against the Ghera benchmark. Finally, this work proposes
two additional schemes to combine the evidences from difference tools to
provide a combined ranking.</p>
42
Hsieh, Yi-Chen, and 謝宜蓁. "Security Analysis of Android Application-a Case Study of CloudBox Application." Thesis, 2014. http://ndltd.ncl.edu.tw/handle/vx5rz9.
Full textAbstract:
碩士<br>國防大學<br>資訊管理學系<br>102<br>As the Internet and mobile communication applications prevailing, this trend let people use more smart phones than feature phones. The open source android is a mainstream operating system for smartphones. Many android applications rapidly have been developed and used. Meanwhile, many information security issues occur for smartphones. A cloud storage service is one of smartphone applications. Users can use their smartphone to access or share information over the Internet at any moment. This application let users not worry about a storage issue. The cloud storage service would be a new trend for smartphones.
This study adopts a packet capture measure to collect transmitted packets between a cloud storage service server and an end user smartphone and the CloudBox app is the study case. With the collected packets, we try to analyze security vulnerabilities of the CloudBox app. The study results show that we can find accounts, passwords, and other information of users from transmitted packets between the CloudBox app server and an end user smartphone. This study result shows that we can examine whether users’ confidential information can be found or not in transmitted packets of others android apps with the packet collection and analysis measures. This will help us to assure security of specific android apps.
43
Rebenich, Niko. "Fast Low Memory T-Transform: string complexity in linear time and space with applications to Android app store security." Thesis, 2012. http://hdl.handle.net/1828/3924.
Full textAbstract:
This thesis presents flott, the Fast Low Memory T-Transform, the currently fastest and most memory efficient linear time and space algorithm available to compute the string complexity measure T-complexity. The flott algorithm uses 64.3% less memory and in our experiments runs asymptotically 20% faster than its predecessor. A full C-implementation is provided and published under the Apache Licence 2.0. From the flott algorithm two deterministic information measures are derived and applied to Android app store security. The derived measures are the normalized T-complexity distance and the instantaneous T-complexity rate which are used to detect, locate, and visualize unusual information changes in Android applications. The information measures introduced present a novel, scalable approach to assist with the detection of malware in app stores.<br>Graduate
44
Shih, Cheng-yen, and 施承諺. "Cloud Digital Classroom Information Security Risk Analysis as An Example - Citrix Xen App." Thesis, 2012. http://ndltd.ncl.edu.tw/handle/73747459870678674587.
Full textAbstract:
碩士<br>華梵大學<br>資訊管理學系碩士班<br>100<br>Due to the development of the communication technology and information technology, it provides a novel long-distance collaborative learning style with more cooperation and action in the classroom. Every student can be at any place, any time using mobile phones or other mobile device via 3G or WiFi to learn anywhere. To avoid the e-learning systems contents and materials to be hacked by the unauthorized personnel, tampering, forgery, and destruction is became to very important. However, due to different internal and external environmental factors and policy needs, it requires a new information security risk assessment management system to enhance security.
First, we performed a risk analysis and risk assessment based on the 11 administrative items of ISO27001 for information assets, including risk assessment, risk treatment, and risk tolerance and communication of enterprises, to help enterprises make decisions favorable to their operational performance when implementing the e-learning system. We also interviewed experts on the e-learning system to obtain preliminary risk assessment items. Then, we used the AHP (Analytic Hierarchy Process) to obtain assessment indicators and inter-item weights to obtain the priorities of various plans. Finally, we find out six factors in the information security management system when used Citrix Xen App to build a digital classroom. Through the literature survey, we construct a risk assessment model for digital classroom in enterprise based on the information security policy. Then they are analysis and sorted out by several experts through the Delphi method. It finds four dimensions such as Service Access Security Management, Software security controls, Personal control, and Hardware system security. These assessment criteria for each level contains five to six items, total of 21 of the criteria. The final results show that :【Confirm the method of notification in the event of a security threat and confirm the effectiveness of the corrective manner and instant】,【Set the company's internal information security policies, and regularly review the applicability and effectiveness of information security policy】,【To ensure that employees have to remove or modify the remote access to staff leave or change】,【The safety of protective equipment and assets, and the relative responsibilities should be divided into segments, and to prevent unauthorized access】,【To ensure the protection of network infrastructure】,【Confirm periodically backup the accuracy or completeness of the information】are the more important factors. Based on the above methods, we established an information security risk assessment model to help enterprises in choosing and implementing the ISMS of the e-learning system.
45
Wang, Shih-Shien, and 王詩賢. "The Study on the Key Factors the Content and Practical of Android Free App by Using Content Analysis—Hot App Lifestyle Type of Google Play Store." Thesis, 2012. http://ndltd.ncl.edu.tw/handle/cu8c8y.
Full textAbstract:
碩士<br>國立臺北科技大學<br>管理學院工業工程與管理EMBA專班<br>100<br>The spiking sales of smart phones has led to a trend of mobile applications (App), which, with all its variations, has changed people’s life patterns and their habits in regard to using mobile phones. Therefore, more and more firms have started to create an App of their brand, so as to provide patron services or do marketing. Through the compilation of literature, it has been discovered that the content and practicality of an App may well influence the willingness of users, and hence how to create a desired App for swarms of patrons to download has become a hot issue for discussion.
This research categorizes the content of an App into five constructs: Fluency, Aesthetics, Style, Integration and Trend, and classifies the practicality into three constructs: Convenience, Connectedness and Control, this study sets off to analyze the top 100 lifestyle Android Apps of the Google Play Store, pinpointing four driven key factors, including language localization, the combination of a firm’s image to App, advertisements are the source of profit for free Apps, and technological application services will not impact patrons’ willingness to use. The research results provide materials for Apps or telecommunications operators in writing programs or exploring new markets, and as a result, making their Apps more popular with and better appreciated by people.
46
(10732161), Yung Han Yoon. "A FRAMEWORK FOR THE SOFTWARE SECURITY ANALYSIS OF MOBILEPOWER SYSTEMS." Thesis, 2021.
Find full textAbstract:
Mobile devices have become increasingly ubiquitous as they serve many important functions in our daily lives. However, there is not much research on remote threats to the battery and power systems of these mobile devices. The consequences of a successful attack on the power system of a mobile device can range from being a general nuisance, financial harm, to loss of life if emergency communications were interrupted. Despite the relative abundance of work on implementing chemical and physical safety systems for battery cells and power systems, remote cyber threats against a mobile battery system have not been as well studied. This work created a framework aimed at auditing the power systems of mobile devices and validated the framework by implementing it in a case study on an Android device. The framework applied software auditing techniques to both the power system and operating system of a mobile device in a case study to discover possible vulnerabilities which could be used to exploit the power system. Lessons learned from the case study are then used to improve, revise, and discuss the limitations of the framework when put in practice. The effectiveness of the proposed framework was discovered to be limited by the availability of appropriate tools to conduct vulnerability assessments.<br>
47
Chowdhury, Nahida Sultana. "A Security Related and Evidence-Based Holistic Ranking and Composition Framework for Distributed Services." Thesis, 2021. http://dx.doi.org/10.7912/C2/7.
Full textAbstract:
Indiana University-Purdue University Indianapolis (IUPUI)<br>The number of smart mobile devices has grown at a significant rate in recent years. This growth has resulted in an exponential number of publicly available mobile Apps. To help the selection of suitable Apps, from various offered choices, the App distribution platforms generally rank/recommend Apps based on average star ratings, the number of installs, and associated reviews ― all the external factors of an App. However, these ranking schemes typically tend to ignore critical internal factors (e.g., bugs, security vulnerabilities, and data leaks) of the Apps. The AppStores need to incorporate a holistic methodology that includes internal and external factors to assign a level of trust to Apps. The inclusion of the internal factors will describe associated potential security risks. This issue is even more crucial with newly available Apps, for which either user reviews are sparse, or the number of installs is still insignificant. In such a scenario, users may fail to estimate the potential risks associated with installing Apps that exist in an AppStore.
This dissertation proposes a security-related and evidence-based ranking framework, called SERS (Security-related and Evidence-based Ranking Scheme) to compare similar Apps. The trust associated with an App is calculated using both internal and external factors (i.e., security flaws and user reviews) following an evidence-based approach and applying subjective logic principles. The SERS is formalized and further enhanced in the second part of this dissertation, resulting in its enhanced version, called as E-SERS (Enhanced SERS). These enhancements include an ability to integrate any number of sources that can generate evidence for an App and consider the temporal aspect and reputation of evidence sources. Both SERS and E-SERS are evaluated using publicly accessible Apps from the Google PlayStore and the rankings generated by them are compared with prevalent ranking techniques such as the average star ratings and the Google PlayStore Rankings. The experimental results indicate that E-SERS provides a comprehensive and holistic view of an App when compared with prevalent alternatives. E-SERS is also successful in identifying malicious Apps where other ranking schemes failed to address such vulnerabilities.
In the third part of this dissertation, the E-SERS framework is used to propose a trust-aware composition model at two different granularities. This model uses the trust score computed by E-SERS, along with the probability of an App belonging to the malicious category, as the desired attributes for selecting a composition as the two granularities. Finally, the trust-aware composition model is evaluated with the average star rating parameter and the trust score.
A holistic approach, as proposed by E-SERS, to computer a trust score will benefit all kinds of Apps including newly published Apps that follow proper security measures but initially struggle in the AppStore rankings due to a lack of a large number of reviews and ratings. Hence, E-SERS will be helpful both to the developers and users. In addition, the composition model that uses such a holistic trust score will enable system integrators to create trust-aware distributed systems for their specific needs.
48
(8800973), Kelsey Billups. "New and Emerging Mobile Apps Among Teens - Are Forensic Tools Keeping Up?" Thesis, 2020.
Find full textAbstract:
Mobile applications are an important but fast changing piece of the digital forensics’ world. For mobile forensics researchers and field analysts, it is hard to keep up with the pace of the ever-changing world of the newest and most popular applications teens are using. Mobile forensic tools are quickly becoming more and more supportive of new applications, but with how quickly apps are changing and new ones being released, it is still difficult for the tools to keep up. The research question for this project examines to what extent digital forensic tools support new and emerging applications seen recently in investigations involving teenagers? For this research, a survey was conducted asking digital forensic analysts, and others who investigate digital crimes, what applications they are coming across most frequently during investigations involving teens and whether those applications are being supported by forensic tools. The top three applications from the survey that were not supported by mobile forensic tools, Monkey, Houseparty, and Likee were populated onto a test device and then evaluated and analyzed to see what forensic artifacts were found in those applications. The mobile application artifacts were then compared on two different forensic tools to see which tool obtains the most forensic artifacts from the applications. Through the examination and analysis of the applications and data contained within the apps, it was determined that 61% of the populated forensic artifacts were recovered manually and only 45% were recovered by a forensic tool for the Monkey application. 100% of the populated forensic artifacts were recovered manually and only 29% were recovered by a forensic tool for the Houseparty application. 42% of the populated forensic artifacts were recovered manually and only 3% were recovered by a forensic tool for the Likee application. It was found that the extent of support from digital forensic tools for these types of applications depends greatly on how the application stores the artifacts, but the artifact extraction support was limited for all applications. This research benefits in helping researchers and analysts by understanding the data and artifacts contained within the applications, what forensic artifacts are recoverable, and where to find those important artifacts. This research can help in finding important evidence for future investigations.<br>