Open Access. Powered by Scholars. Published by Universities.®

Computer Engineering Commons

Open Access. Powered by Scholars. Published by Universities.®

Android

Computer Sciences

Articles 1 - 25 of 25

Full-Text Articles in Computer Engineering

Gaindroid: General Automated Incompatibility Notifier For Android Applications, Bruno Vieira Resende E Silva Apr 2019

Gaindroid: General Automated Incompatibility Notifier For Android Applications, Bruno Vieira Resende E Silva

Computer Science and Engineering: Theses, Dissertations, and Student Research

With the ever-increasing popularity of mobile devices over the last decade, mobile apps and the frameworks upon which they are built frequently change. This rapid evolution leads to a confusing jumble of devices and applications utilizing differing features even within the same framework. For Android apps and devices, representing over 80% of the market share, mismatches between the version of the Android operating system installed on a device and the version of the app installed, can lead to several run-time crashes, providing a poor user experience.

This thesis presents GAINDroid, an analysis approach, backed with a classloader based program analyzer ...


Permission-Based Privacy Analysis For Android Applications, Erza Gashi, Zhilbert Tafa Feb 2019

Permission-Based Privacy Analysis For Android Applications, Erza Gashi, Zhilbert Tafa

International Journal of Business and Technology

While Information and Communication Technology (ICT) trends are moving towards the Internet of Things (IoT), mobile applications are becoming more and more popular. Mostly due to their pervasiveness and the level of interaction with the users, along with the great number of advantages, the mobile applications bring up a great number of privacy related issues as well. These platforms can gather our very sensitive private data by only granting them a list of permissions during the installation process. Additionally, most of the users can find it difficult, or even useless, to analyze system permissions. Thus, their guess of app’s ...


Androparse - An Android Feature Extraction Framework & Dataset, Robert Schmicker, Frank Breitinger, Ibrahim Baggili Sep 2018

Androparse - An Android Feature Extraction Framework & Dataset, Robert Schmicker, Frank Breitinger, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

Android malware has become a major challenge. As a consequence, practitioners and researchers spend a significant time analyzing Android applications (APK). A common procedure (especially for data scientists) is to extract features such as permissions, APIs or strings which can then be analyzed. Current state of the art tools have three major issues: (1) a single tool cannot extract all the significant features used by scientists and practitioners (2) Current tools are not designed to be extensible and (3) Existing parsers do not have runtime efficiency. Therefore, this work presents AndroParse which is an open-source Android parser written in Golang ...


Assured Android Execution Environments, Brandon P. Froberg Mar 2018

Assured Android Execution Environments, Brandon P. Froberg

Theses and Dissertations

Current cybersecurity best practices, techniques, tactics and procedures are insufficient to ensure the protection of Android systems. Software tools leveraging formal methods use mathematical means to assure both a design and implementation for a system and these methods can be used to provide security assurances. The goal of this research is to determine methods of assuring isolation when executing Android software in a contained environment. Specifically, this research demonstrates security properties relevant to Android software containers can be formally captured and validated, and that an implementation can be formally verified to satisfy a corresponding specification. A three-stage methodology called "The ...


If I Had A Million Cryptos: Cryptowallet Application Analysis And A Trojan Proof-Of-Concept, Trevor Haigh, Frank Breitinger, Ibrahim Baggili Jan 2018

If I Had A Million Cryptos: Cryptowallet Application Analysis And A Trojan Proof-Of-Concept, Trevor Haigh, Frank Breitinger, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

Cryptocurrencies have gained wide adoption by enthusiasts and investors. In this work, we examine seven different Android cryptowallet applications for forensic artifacts, but we also assess their security against tampering and reverse engineering. Some of the biggest benefits of cryptocurrency is its security and relative anonymity. For this reason it is vital that wallet applications share the same properties. Our work, however, indicates that this is not the case. Five of the seven applications we tested do not implement basic security measures against reverse engineering. Three of the applications stored sensitive information, like wallet private keys, insecurely and one was ...


Permission-Based Privacy Analysis For Android Applications, Erza Gashi, Zhilbert Tafa Oct 2017

Permission-Based Privacy Analysis For Android Applications, Erza Gashi, Zhilbert Tafa

UBT International Conference

While Information and Communication Technology (ICT) trends are moving towards the Internet of Things (IoT), mobile applications are becoming more and more popular. Mostly due to their pervasiveness and the level of interaction with the users, along with the great number of advantages, the mobile applications bring up a great number of privacy related issues as well. These platforms can gather our very sensitive private data by only granting them a list of permissions during the installation process. Additionally, most of the users can find it difficult, or even useless, to analyze system permissions. Thus, their guess of app’s ...


Breaking Into The Vault: Privacy, Security And Forensic Analysis Of Android Vault Applications, Xiaolu Zhang, Ibrahim Baggili, Frank Breitinger Aug 2017

Breaking Into The Vault: Privacy, Security And Forensic Analysis Of Android Vault Applications, Xiaolu Zhang, Ibrahim Baggili, Frank Breitinger

Electrical & Computer Engineering and Computer Science Faculty Publications

In this work we share the first account for the forensic analysis, security and privacy of Android vault applications. Vaults are designed to be privacy enhancing as they allow users to hide personal data but may also be misused to hide incriminating files. Our work has already helped law enforcement in the state of Connecticut to reconstruct 66 incriminating images and 18 videos in a single criminal case. We present case studies and results from analyzing 18 Android vault applications (accounting for nearly 220 million downloads from the Google Play store) by reverse engineering them and examining the forensic artifacts ...


Toward Accurate Network Delay Measurement On Android Phones, Weichao Li, Daoyuan Wu, Rocky K. C. Chang, Ricky K. P. Mok Aug 2017

Toward Accurate Network Delay Measurement On Android Phones, Weichao Li, Daoyuan Wu, Rocky K. C. Chang, Ricky K. P. Mok

Research Collection School Of Information Systems

Measuring and understanding the performance of mobile networks is becoming very important for end users and operators. Despite the availability of many measurement apps, their measurement accuracy has not received sufficient scrutiny. In this paper, we appraise the accuracy of smartphone-based network performance measurement using the Android platform and the network round-trip time (RTT) as the metric. We show that two of the most popular measurement apps-Ookla Speedtest and MobiPerf-have their RTT measurements inflated. We build three test apps that cover three common measurement methods and evaluate them in a testbed. We overcome the main challenge of obtaining a complete ...


Development Of An Android Based Performance Assessment System For Motivational Interviewing Training, Sowmya Pappu Jan 2017

Development Of An Android Based Performance Assessment System For Motivational Interviewing Training, Sowmya Pappu

Browse all Theses and Dissertations

Motivational Interviewing (MI) has been proved to be an effective Screening, Brief Intervention, and Referral to Treatment (SBIRT) technique. It is an evidence-based practice used to identify, reduce, and prevent problematic use, abuse, and dependence on alcohol and illicit drugs. It emphasizes on patient-centered counseling approach that can help resolve their ambivalence through a non-confrontational, goal-oriented style for eliciting behavior change from the patient, almost like patients talk themselves into change. This approach provokes less resistance and stimulates the progress of patients at their own pace towards deciding about planning, making and sustaining positive behavioral change. Thus, training medical professionals ...


Android Drone: Remote Quadcopter Control With A Phone, Aubrey John Russell Dec 2016

Android Drone: Remote Quadcopter Control With A Phone, Aubrey John Russell

Computer Engineering

The purpose of the “Android Drone” project was to create a quadcopter that can be controlled by user input sent over the phone’s Wi-Fi connection or 4G internet connection. Furthermore, the purpose was also to be able to receive live video feedback over the internet connection, thus making the drone an inexpensive option compared to other, equivalent drones that might cost thousands of dollars. Not only that, but the Android phone also has a host of other useful features that could be utilized by the drone: this includes GPS, pathing, picture taking, data storage, networking and TCP/IP, a ...


Semeo: A Semantic Equivalence Analysis Framework For Obfuscated Android Applications, Zhen Hu Dec 2016

Semeo: A Semantic Equivalence Analysis Framework For Obfuscated Android Applications, Zhen Hu

Computer Science and Engineering: Theses, Dissertations, and Student Research

Software repackaging is a common approach for creating malware. In this approach, malware authors inject malicious payloads into legitimate applications; then, to ren- der security analysis more difficult, they obfuscate most or all of the code. This forces analysts to spend a large amount of effort filtering out benign obfuscated methods in order to locate potentially malicious methods for further analysis. If an effective mechanism for filtering out benign obfuscated methods were available, the number of methods that must be analyzed could be reduced, allowing analysts to be more productive. In this thesis, we introduce SEMEO, a highly effective and ...


Using Ubiquitous Data To Improve Smartwatches' Context Awareness, Yuankun Song Aug 2016

Using Ubiquitous Data To Improve Smartwatches' Context Awareness, Yuankun Song

Open Access Theses

Nowadays, more and more data is being generated by various software applications, services and smart devices every second. The data contains abundant information about people’s daily lives. This research explored the possibility of improving smartwatches’ context awareness by using common ubiquitous data. The researcher developed a prototype system consisting of an Android application and a web application, and conducted an experiment where 10 participants performed several tasks with the help of a smartwatch. The result showed a significant improvement of the smartwatch’s context awareness running the prototype application, which used ubiquitous data to automatically execute proper actions according ...


Significant Permission Identification For Android Malware Detection, Lichao Sun Jul 2016

Significant Permission Identification For Android Malware Detection, Lichao Sun

Computer Science and Engineering: Theses, Dissertations, and Student Research

A recent report indicates that a newly developed malicious app for Android is introduced every 11 seconds. To combat this alarming rate of malware creation, we need a scalable malware detection approach that is effective and efficient. In this thesis, we introduce SigPID, a malware detection system based on permission analysis to cope with the rapid increase in the number of Android malware. Instead of analyzing all 135 Android permissions, our approach applies 3-level pruning by mining the permission data to identify only significant permissions that can be effective in distinguishing benign and malicious apps. Based on the identified significant ...


Pinpoint: Efficient And Effective Resource Isolation For Mobile Security And Privacy, Paul Ratazzi, Ashok Bommisetti, Nian Ji, Wenliang Du May 2015

Pinpoint: Efficient And Effective Resource Isolation For Mobile Security And Privacy, Paul Ratazzi, Ashok Bommisetti, Nian Ji, Wenliang Du

Electrical Engineering and Computer Science

Virtualization is frequently used to isolate untrusted processes and control their access to sensitive resources. However, isolation usually carries a price in terms of less resource sharing and reduced inter-process communication. In an open architecture such as Android, this price and its impact on performance, usability, and transparency must be carefully considered. Although previous efforts in developing general-purpose isolation solutions have shown that some of these negative sideeffects can be mitigated, doing so involves overcoming significant design challenges by incorporating numerous additional platform complexities not directly related to improved security. Thus, the general purpose solutions become inefficient and burdensome if ...


Network And Device Forensic Analysis Of Android Social-Messaging Applications, Daniel Walnycky, Ibrahim Baggili, Andrew Marrington, Jason Moore, Frank Breitinger Jan 2015

Network And Device Forensic Analysis Of Android Social-Messaging Applications, Daniel Walnycky, Ibrahim Baggili, Andrew Marrington, Jason Moore, Frank Breitinger

Electrical & Computer Engineering and Computer Science Faculty Publications

In this research we forensically acquire and analyze the device-stored data and network traffic of 20 popular instant messaging applications for Android. We were able to reconstruct some or the entire message content from 16 of the 20 applications tested, which reflects poorly on the security and privacy measures employed by these applications but may be construed positively for evidence collection purposes by digital forensic practitioners. This work shows which features of these instant messaging applications leave evidentiary traces allowing for suspect data to be reconstructed or partially reconstructed, and whether network forensics or device forensics permits the reconstruction of ...


Spirit: A Home Automation System, Andrew Choi Jun 2014

Spirit: A Home Automation System, Andrew Choi

Computer Engineering

Spirit is a multi device home automation system. Designed and implemented for California Polytechnic State University’s Senior Project program, this project was worked on during the duration of two school quarters from January 7, 2014 to June 13, 2014. The system consists of monitor/controllers designed to carry out everyday tasks in the average American household and an accompanying mobile application designed to receive information and control the devices. The monitor/controllers, or “Spirits”, are primarily developed using Arduino development tools and Arduino microcontroller boards. The spirits include a thermostat, named Tempus, an electrical outlet, Electrus, and a wall ...


Tapjacking Threats And Mitigation Techniques For Android Applications, Vanessa Cooper May 2014

Tapjacking Threats And Mitigation Techniques For Android Applications, Vanessa Cooper

Dissertations, Theses and Capstone Projects

With the increased dependency on web applications through mobile devices, malicious attack techniques have now shifted from traditional web applications running on desktop or laptop (allowing mouse click- based interactions) to mobile applications running on mobile devices (allowing touch-based interactions). Clickjacking is a type of malicious attack originating in web applications, where victims are lured to click on seemingly benign objects in web pages. However, when clicked, unintended actions are performed without the user’s knowledge. In particular, it is shown that users are lured to touch an object of an application triggering unintended actions not actually intended by victims ...


The Impact Of Custom Rom Backups On Android External Storage Erasure, Haydon Hope, Peter Hannay Jan 2014

The Impact Of Custom Rom Backups On Android External Storage Erasure, Haydon Hope, Peter Hannay

Australian Digital Forensics Conference

The Android operating system is the current market leader on mobile devices such as smartphones and tablet computers. The core operating system is open source and has a number of developers creating variants of this operating system. These variants, often referred to as custom ROMs are available for a wide number of mobile devices. Custom ROMs provide a number of features, such as enhanced control over the operating system, variation in user interfaces and so on. The process of installing custom ROMs is often accomplished through the use of a ROM manager application. Such applications often provide mechanisms to back ...


Mobile Device Vulnerabilities & Securities, Luke Rondeau Jan 2014

Mobile Device Vulnerabilities & Securities, Luke Rondeau

Senior Honors Theses

An investigation on current mobile vulnerabilities and research into security. Also, a proof of concept to show the ease of injecting an Android phone with a virus.


Forensic Analysis Of Whatsapp On Android Smartphones, Neha S. Thakur Aug 2013

Forensic Analysis Of Whatsapp On Android Smartphones, Neha S. Thakur

University of New Orleans Theses and Dissertations

Android forensics has evolved over time offering significant opportunities and exciting challenges. On one hand, being an open source platform Android is giving developers the freedom to contribute to the rapid growth of the Android market whereas on the other hand Android users may not be aware of the security and privacy implications of installing these applications on their phones. Users may assume that a password-locked device protects their personal information, but applications may retain private information on devices, in ways that users might not anticipate. In this thesis we will be concentrating on one such application called 'WhatsApp', a ...


Trends In Android Malware Detection, Kaveh Shaerpour, Ali Dehghantanha, Ramlan Mahmod Jan 2013

Trends In Android Malware Detection, Kaveh Shaerpour, Ali Dehghantanha, Ramlan Mahmod

Journal of Digital Forensics, Security and Law

This paper analyzes different Android malware detection techniques from several research papers, some of these techniques are novel while others bring a new perspective to the research work done in the past. The techniques are of various kinds ranging from detection using host based frameworks and static analysis of executable to feature extraction and behavioral patterns. Each paper is reviewed extensively and the core features of each technique are highlighted and contrasted with the others. The challenges faced during the development of such techniques are also discussed along with the future prospects for Android malware detection. The findings of the ...


Check Image Processing: Webp Conversion And Micr Scan Android Application, Trevor Bliss Apr 2012

Check Image Processing: Webp Conversion And Micr Scan Android Application, Trevor Bliss

Computer Engineering

As more users favor smartphones over computers for simple tasks, small businesses are constantly exploring mobile options to present to their customers. This write-up documents an Android application designed for a small company, which allows users to send pictures of checks to the company’s servers for processing. The picture is taken with the devices built-in camera and is converted to Google’s new image format, WebP. The company’s server processes the check and returns the check’s MICR code as a response. This application leverages the Android NDK and JNI to use Google’s open source image conversion ...


Comparing Android Applications To Find Copying, Larry Melling, Bob Zeidman Jan 2012

Comparing Android Applications To Find Copying, Larry Melling, Bob Zeidman

Journal of Digital Forensics, Security and Law

The Android smartphone operating system includes a Java virtual machine that enables rapid development and deployment of a wide variety of applications. The open nature of the platform means that reverse engineering of applications is relatively easy, and many developers are concerned as applications similar to their own show up in the Android marketplace and want to know if these applications are pirated. Fortunately, the same characteristics that make an Android application easy to reverse engineer and copy also provide opportunities for Android developers to compare downloaded applications to their own. This paper describes the process for comparing a developer ...


A Location-Aware Architecture Supporting Intelligent Real-Time Mobile Applications, Sean J. Barbeau Jan 2012

A Location-Aware Architecture Supporting Intelligent Real-Time Mobile Applications, Sean J. Barbeau

Graduate Theses and Dissertations

This dissertation presents LAISYC, a modular location-aware architecture for intelligent real-time mobile applications that is fully-implementable by third party mobile app developers and supports high-precision and high-accuracy positioning systems such as GPS. LAISYC significantly improves device battery life, provides location data authenticity, ensures security of location data, and significantly reduces the amount of data transferred between the phone and server. The design, implementation, and evaluation of LAISYC using real mobile phones include the following modules: the GPS Auto-Sleep module saves battery energy when using GPS, maintaining acceptable movement tracking (approximately 89% accuracy) with an approximate average doubling of battery life ...


Forensic Analysis Of Social Networking Applications On Mobile Devices, Noora Al Mutawa, Ibrahim Baggili, Andrew Marrington Jan 2012

Forensic Analysis Of Social Networking Applications On Mobile Devices, Noora Al Mutawa, Ibrahim Baggili, Andrew Marrington

Electrical & Computer Engineering and Computer Science Faculty Publications

The increased use of social networking applications on smartphones makes these devices a goldmine for forensic investigators. Potential evidence can be held on these devices and recovered with the right tools and examination methods. This paper focuses on conducting forensic analyses on three widely used social networking applications on smartphones: Facebook, Twitter, and MySpace. The tests were conducted on three popular smartphones: BlackBerrys, iPhones, and Android phones. The tests consisted of installing the social networking applications on each device, conducting common user activities through each application, acquiring a forensically sound logical image of each device, and performing manual forensic analysis ...