By the analysis of vulnerabilities of Android native system services,we find that some vulnerabilities are caused by inconsistent data transmission and inconsistent data processing logic between client and server.The ...By the analysis of vulnerabilities of Android native system services,we find that some vulnerabilities are caused by inconsistent data transmission and inconsistent data processing logic between client and server.The existing research cannot find the above two types of vulnerabilities and the test cases of them face the problem of low coverage.In this paper,we propose an extraction method of test cases based on the native system services of the client and design a case construction method that supports multi-parameter mutation based on genetic algorithm and priority strategy.Based on the above method,we implement a detection tool-BArcherFuzzer to detect vulnerabilities of Android native system services.The experiment results show that BArcherFuzzer found four vulnerabilities of hundreds of exception messages,all of them were confirmed by Google and one was assigned a Common Vulnerabilities and Exposures(CVE)number(CVE-2020-0363).展开更多
ECG monitoring in daily life is an important means of treating heart disease. To make it easier for the medical to monitor the ECG of their patients outside the hospital, we designed and developed an ECG monitoring an...ECG monitoring in daily life is an important means of treating heart disease. To make it easier for the medical to monitor the ECG of their patients outside the hospital, we designed and developed an ECG monitoring and alarming system based on Android smart phone. In our system, an ECG device collects the ECG signal and transmits it to an Android phone. The Android phone detects alarms which come from the ECG devices. When alarms occur, Android phone will capture the ECG images and the details about the alarms, and sends them to the cloud Alarm Server (AS). Once received, AS push the messages to doctors’ phone, so the doctors could see the ECG images and alarm details on their mobile phone. In our system, high resolution ECG pictures are transmitted to doctors’ phone in a user-friendly way, which can help doctors keep track of their patient’s condition easily.展开更多
Android OS provides such security mechanisms as application signature, privilege limit and sandbox to protect the security of operational system. However, these methods are unable to protect the applications of Androi...Android OS provides such security mechanisms as application signature, privilege limit and sandbox to protect the security of operational system. However, these methods are unable to protect the applications of Android against anti-reverse engineering and the codes of such applications face the risk of being obtained or modified, which are always the first step for further attacks. In this paper, a security enhancement system with online authentication (SeSoa) for Android APK is proposed, in which the code of Android application package (APK) can be automatically encrypted. The encrypted code is loaded and run in the Android system after being successfully decrypted. Compared with the exiting software protecting systems, SeSoa uses online authentication mechanism to ensure the improvementof the APK security and good balance between security and usability.展开更多
Mobile platform develops rapidly in recent years,with its performance and capacity increasing.A large number of virtual reality applications such as 3D simulation and visualization have appeared on mobile platform.How...Mobile platform develops rapidly in recent years,with its performance and capacity increasing.A large number of virtual reality applications such as 3D simulation and visualization have appeared on mobile platform.However,due to restrictions,such as the lack of computing resources and the limited network bandwidth,the virtual reality systems on mobile platform could not have comparable performance as their peers on desktop platform.Taking resource restrictions into consideration,trade-offs have been made regarding the display of virtual reality systems.We propose a unified network scheduling strategy based on asynchronous multi-thread,database cache,prioritization and elimination of overdue requests.This strategy has been tested on the prototype system of virtual reality system on Android.The results demonstrate higher network resource utilization and better user experience.展开更多
The prevalence of smartphones is deeply embedded in modern society,impacting various aspects of our lives.Their versatility and functionalities have fundamentally changed how we communicate,work,seek entertainment,and...The prevalence of smartphones is deeply embedded in modern society,impacting various aspects of our lives.Their versatility and functionalities have fundamentally changed how we communicate,work,seek entertainment,and access information.Among the many smartphones available,those operating on the Android platform dominate,being the most widely used type.This widespread adoption of the Android OS has significantly contributed to increased malware attacks targeting the Android ecosystem in recent years.Therefore,there is an urgent need to develop new methods for detecting Android malware.The literature contains numerous works related to Android malware detection.As far as our understanding extends,we are the first ones to identify dangerous combinations of permissions and system calls to uncover malicious behavior in Android applications.We introduce a novel methodology that pairs permissions and system calls to distinguish between benign and malicious samples.This approach combines the advantages of static and dynamic analysis,offering a more comprehensive understanding of an application’s behavior.We establish covalent bonds between permissions and system calls to assess their combined impact.We introduce a novel technique to determine these pairs’Covalent Bond Strength Score.Each pair is assigned two scores,one for malicious behavior and another for benign behavior.These scores serve as the basis for classifying applications as benign or malicious.By correlating permissions with system calls,the study enables a detailed examination of how an app utilizes its requested permissions,aiding in differentiating legitimate and potentially harmful actions.This comprehensive analysis provides a robust framework for Android malware detection,marking a significant contribution to the field.The results of our experiments demonstrate a remarkable overall accuracy of 97.5%,surpassing various state-of-the-art detection techniques proposed in the current literature.展开更多
The Android Operating System(AOS)has been evolving since its inception and it has become one of the most widely used operating system for the Internet of Things(IoT).Due to the high popularity and reliability ofAOS fo...The Android Operating System(AOS)has been evolving since its inception and it has become one of the most widely used operating system for the Internet of Things(IoT).Due to the high popularity and reliability ofAOS for IoT,it is a target of many cyber-attacks which can cause compromise of privacy,financial loss,data integrity,unauthorized access,denial of services and so on.The Android-based IoT(AIoT)devices are extremely vulnerable to various malwares due to the open nature and high acceptance of Android in the market.Recently,several detection preventive malwares are developed to conceal their malicious activities from analysis tools.Hence,conventional malware detection techniques could not be applied and innovative countermeasures against such anti-detection malwares are indispensable to secure the AIoT.In this paper,we proposed the novel deep learning-based real-time multiclass malware detection techniques for the AIoT using dynamic analysis.The results show that the proposed technique outperforms existing malware detection techniques and achieves detection accuracy up to 99.87%.展开更多
Most of the millions of Android users worldwide use applications from the official Android market (Google Play store) and unregulated alternative markets to get more functionality from their devices. Many of these app...Most of the millions of Android users worldwide use applications from the official Android market (Google Play store) and unregulated alternative markets to get more functionality from their devices. Many of these applications transmit sensitive data stored on the device, either maliciously or accidentally, to outside networks. In this paper, we will study the ways that Android applications transmit data to outside servers and propose a user-friendly application, DroidData, to inform and protect the user from these security risks. We will use tools such as TaintDroid, AppIntent, and Securacy to propose an application that reveals what types of data are being transmitted from apps, the location to which the data is being transmitted, whether the data is being transmitted through a secure channel (such as HTTPS) and whether the user is aware that the information is being transmitted. The application will generate a report that allows the user to block the application that leaks sensitive information. In doing so, we will examine the importance, relevance, and prevalence of these Android Data security issues.展开更多
In social science,health care,digital therapeutics,etc.,smartphone data have played important roles to infer users’daily lives.However,smartphone data col-lection systems could not be used effectively and widely beca...In social science,health care,digital therapeutics,etc.,smartphone data have played important roles to infer users’daily lives.However,smartphone data col-lection systems could not be used effectively and widely because they did not exploit any Internet of Things(IoT)standards(e.g.,oneM2M)and class labeling methods for machine learning(ML)services.Therefore,in this paper,we propose a novel Android IoT lifelog system complying with oneM2M standards to collect various lifelog data in smartphones and provide two manual and automated class labeling methods for inference of users’daily lives.The proposed system consists of an Android IoT client application,an oneM2M-compliant IoT server,and an ML server whose high-level functional architecture was carefully designed to be open,accessible,and internation-ally recognized in accordance with the oneM2M standards.In particular,we explain implementation details of activity diagrams for the Android IoT client application,the primary component of the proposed system.Experimental results verified that this application could work with the oneM2M-compliant IoT server normally and provide corresponding class labels properly.As an application of the proposed system,we also propose motion inference based on three multi-class ML classifiers(i.e.,k nearest neighbors,Naive Bayes,and support vector machine)which were created by using only motion and location data(i.e.,acceleration force,gyroscope rate of rotation,and speed)and motion class labels(i.e.,driving,cycling,running,walking,and stil-ling).When compared with confusion matrices of the ML classifiers,the k nearest neighbors classifier outperformed the other two overall.Furthermore,we evaluated its output quality by analyzing the receiver operating characteristic(ROC)curves with area under the curve(AUC)values.The AUC values of the ROC curves for all motion classes were more than 0.9,and the macro-average and micro-average ROC curves achieved very high AUC values of 0.96 and 0.99,respectively.展开更多
基金This work was supported by the National Key R&D Program of China(2023YFB3106800)the National Natural Science Foundation of China(Grant No.62072051).We are overwhelmed in all humbleness and gratefulness to acknowledge my depth to all those who have helped me to put these ideas.
文摘By the analysis of vulnerabilities of Android native system services,we find that some vulnerabilities are caused by inconsistent data transmission and inconsistent data processing logic between client and server.The existing research cannot find the above two types of vulnerabilities and the test cases of them face the problem of low coverage.In this paper,we propose an extraction method of test cases based on the native system services of the client and design a case construction method that supports multi-parameter mutation based on genetic algorithm and priority strategy.Based on the above method,we implement a detection tool-BArcherFuzzer to detect vulnerabilities of Android native system services.The experiment results show that BArcherFuzzer found four vulnerabilities of hundreds of exception messages,all of them were confirmed by Google and one was assigned a Common Vulnerabilities and Exposures(CVE)number(CVE-2020-0363).
文摘ECG monitoring in daily life is an important means of treating heart disease. To make it easier for the medical to monitor the ECG of their patients outside the hospital, we designed and developed an ECG monitoring and alarming system based on Android smart phone. In our system, an ECG device collects the ECG signal and transmits it to an Android phone. The Android phone detects alarms which come from the ECG devices. When alarms occur, Android phone will capture the ECG images and the details about the alarms, and sends them to the cloud Alarm Server (AS). Once received, AS push the messages to doctors’ phone, so the doctors could see the ECG images and alarm details on their mobile phone. In our system, high resolution ECG pictures are transmitted to doctors’ phone in a user-friendly way, which can help doctors keep track of their patient’s condition easily.
基金supported by National Natural Science Foundation of China(61370195)ZTE Industry-Academia-Research Cooperation Funds
文摘Android OS provides such security mechanisms as application signature, privilege limit and sandbox to protect the security of operational system. However, these methods are unable to protect the applications of Android against anti-reverse engineering and the codes of such applications face the risk of being obtained or modified, which are always the first step for further attacks. In this paper, a security enhancement system with online authentication (SeSoa) for Android APK is proposed, in which the code of Android application package (APK) can be automatically encrypted. The encrypted code is loaded and run in the Android system after being successfully decrypted. Compared with the exiting software protecting systems, SeSoa uses online authentication mechanism to ensure the improvementof the APK security and good balance between security and usability.
基金Supported by National Natural Science Foundation of China(Nos.61472010 and 61421062)National Key Technology Support Program(No.2013BAK03B07)+2 种基金National Key Technology R&D Program(2015BAK01B06)Shenzhen Gov Projects(JCYJ20130331144416448)Public Science and Technology Research Funds Projects of Ocean(201505014-3)
文摘Mobile platform develops rapidly in recent years,with its performance and capacity increasing.A large number of virtual reality applications such as 3D simulation and visualization have appeared on mobile platform.However,due to restrictions,such as the lack of computing resources and the limited network bandwidth,the virtual reality systems on mobile platform could not have comparable performance as their peers on desktop platform.Taking resource restrictions into consideration,trade-offs have been made regarding the display of virtual reality systems.We propose a unified network scheduling strategy based on asynchronous multi-thread,database cache,prioritization and elimination of overdue requests.This strategy has been tested on the prototype system of virtual reality system on Android.The results demonstrate higher network resource utilization and better user experience.
文摘The prevalence of smartphones is deeply embedded in modern society,impacting various aspects of our lives.Their versatility and functionalities have fundamentally changed how we communicate,work,seek entertainment,and access information.Among the many smartphones available,those operating on the Android platform dominate,being the most widely used type.This widespread adoption of the Android OS has significantly contributed to increased malware attacks targeting the Android ecosystem in recent years.Therefore,there is an urgent need to develop new methods for detecting Android malware.The literature contains numerous works related to Android malware detection.As far as our understanding extends,we are the first ones to identify dangerous combinations of permissions and system calls to uncover malicious behavior in Android applications.We introduce a novel methodology that pairs permissions and system calls to distinguish between benign and malicious samples.This approach combines the advantages of static and dynamic analysis,offering a more comprehensive understanding of an application’s behavior.We establish covalent bonds between permissions and system calls to assess their combined impact.We introduce a novel technique to determine these pairs’Covalent Bond Strength Score.Each pair is assigned two scores,one for malicious behavior and another for benign behavior.These scores serve as the basis for classifying applications as benign or malicious.By correlating permissions with system calls,the study enables a detailed examination of how an app utilizes its requested permissions,aiding in differentiating legitimate and potentially harmful actions.This comprehensive analysis provides a robust framework for Android malware detection,marking a significant contribution to the field.The results of our experiments demonstrate a remarkable overall accuracy of 97.5%,surpassing various state-of-the-art detection techniques proposed in the current literature.
基金the MSIP and National Research Foundation of South Korea under Grant 2018R1D1A1B07049877.
文摘The Android Operating System(AOS)has been evolving since its inception and it has become one of the most widely used operating system for the Internet of Things(IoT).Due to the high popularity and reliability ofAOS for IoT,it is a target of many cyber-attacks which can cause compromise of privacy,financial loss,data integrity,unauthorized access,denial of services and so on.The Android-based IoT(AIoT)devices are extremely vulnerable to various malwares due to the open nature and high acceptance of Android in the market.Recently,several detection preventive malwares are developed to conceal their malicious activities from analysis tools.Hence,conventional malware detection techniques could not be applied and innovative countermeasures against such anti-detection malwares are indispensable to secure the AIoT.In this paper,we proposed the novel deep learning-based real-time multiclass malware detection techniques for the AIoT using dynamic analysis.The results show that the proposed technique outperforms existing malware detection techniques and achieves detection accuracy up to 99.87%.
文摘Most of the millions of Android users worldwide use applications from the official Android market (Google Play store) and unregulated alternative markets to get more functionality from their devices. Many of these applications transmit sensitive data stored on the device, either maliciously or accidentally, to outside networks. In this paper, we will study the ways that Android applications transmit data to outside servers and propose a user-friendly application, DroidData, to inform and protect the user from these security risks. We will use tools such as TaintDroid, AppIntent, and Securacy to propose an application that reveals what types of data are being transmitted from apps, the location to which the data is being transmitted, whether the data is being transmitted through a secure channel (such as HTTPS) and whether the user is aware that the information is being transmitted. The application will generate a report that allows the user to block the application that leaks sensitive information. In doing so, we will examine the importance, relevance, and prevalence of these Android Data security issues.
文摘In social science,health care,digital therapeutics,etc.,smartphone data have played important roles to infer users’daily lives.However,smartphone data col-lection systems could not be used effectively and widely because they did not exploit any Internet of Things(IoT)standards(e.g.,oneM2M)and class labeling methods for machine learning(ML)services.Therefore,in this paper,we propose a novel Android IoT lifelog system complying with oneM2M standards to collect various lifelog data in smartphones and provide two manual and automated class labeling methods for inference of users’daily lives.The proposed system consists of an Android IoT client application,an oneM2M-compliant IoT server,and an ML server whose high-level functional architecture was carefully designed to be open,accessible,and internation-ally recognized in accordance with the oneM2M standards.In particular,we explain implementation details of activity diagrams for the Android IoT client application,the primary component of the proposed system.Experimental results verified that this application could work with the oneM2M-compliant IoT server normally and provide corresponding class labels properly.As an application of the proposed system,we also propose motion inference based on three multi-class ML classifiers(i.e.,k nearest neighbors,Naive Bayes,and support vector machine)which were created by using only motion and location data(i.e.,acceleration force,gyroscope rate of rotation,and speed)and motion class labels(i.e.,driving,cycling,running,walking,and stil-ling).When compared with confusion matrices of the ML classifiers,the k nearest neighbors classifier outperformed the other two overall.Furthermore,we evaluated its output quality by analyzing the receiver operating characteristic(ROC)curves with area under the curve(AUC)values.The AUC values of the ROC curves for all motion classes were more than 0.9,and the macro-average and micro-average ROC curves achieved very high AUC values of 0.96 and 0.99,respectively.
