Computer Engineering Commons^™

A Real-World, Hybrid Event Sequence Generation Framework For Android Apps, Jun Sun

Department of Computer Science and Engineering: Dissertations, Theses, and Student Research

Generating meaningful inputs for Android apps is still a challenging issue that needs more research. Past research efforts have shown that random test generation is still an effective means to exercise User-Interface (UI) events to achieve high code coverage. At the same time, heuristic search approaches can effectively reach specified code targets. Our investigation shows that these approaches alone are insufficient to generate inputs that can exercise specific code locations in complex Android applications.

This thesis introduces a hybrid approach that combines two different input generation techniques--heuristic search based on genetic algorithm and random instigation of UI events, to reach …

Advanced Techniques To Detect Complex Android Malware, Zhiqiang Li

Department of Computer Science and Engineering: Dissertations, Theses, and Student Research

Android is currently the most popular operating system for mobile devices in the world. However, its openness is the main reason for the majority of malware to be targeting Android devices. Various approaches have been developed to detect malware.

Unfortunately, new breeds of malware utilize sophisticated techniques to defeat malware detectors. For example, to defeat signature-based detectors, malware authors change the malware’s signatures to avoid detection. As such, a more effective approach to detect malware is by leveraging malware’s behavioral characteristics. However, if a behavior-based detector is based on static analysis, its reported results may contain a large number of …

Advanced Security Analysis For Emergent Software Platforms, Mohannad Alhanahnah

Department of Computer Science and Engineering: Dissertations, Theses, and Student Research

Emergent software ecosystems, boomed by the advent of smartphones and the Internet of Things (IoT) platforms, are perpetually sophisticated, deployed into highly dynamic environments, and facilitating interactions across heterogeneous domains. Accordingly, assessing the security thereof is a pressing need, yet requires high levels of scalability and reliability to handle the dynamism involved in such volatile ecosystems.

This dissertation seeks to enhance conventional security detection methods to cope with the emergent features of contemporary software ecosystems. In particular, it analyzes the security of Android and IoT ecosystems by developing rigorous vulnerability detection methods. A critical aspect of this work is the …

Gaindroid: General Automated Incompatibility Notifier For Android Applications, Bruno Vieira Resende E Silva

Department of Computer Science and Engineering: Dissertations, Theses, and Student Research

With the ever-increasing popularity of mobile devices over the last decade, mobile apps and the frameworks upon which they are built frequently change. This rapid evolution leads to a confusing jumble of devices and applications utilizing differing features even within the same framework. For Android apps and devices, representing over 80% of the market share, mismatches between the version of the Android operating system installed on a device and the version of the app installed, can lead to several run-time crashes, providing a poor user experience.

This thesis presents GAINDroid, an analysis approach, backed with a classloader based program analyzer, …

Permission-Based Privacy Analysis For Android Applications, Erza Gashi, Zhilbert Tafa

International Journal of Business and Technology

While Information and Communication Technology (ICT) trends are moving towards the Internet of Things (IoT), mobile applications are becoming more and more popular. Mostly due to their pervasiveness and the level of interaction with the users, along with the great number of advantages, the mobile applications bring up a great number of privacy related issues as well. These platforms can gather our very sensitive private data by only granting them a list of permissions during the installation process. Additionally, most of the users can find it difficult, or even useless, to analyze system permissions. Thus, their guess of app’s safety …

Androparse - An Android Feature Extraction Framework & Dataset, Robert Schmicker, Frank Breitinger, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

Android malware has become a major challenge. As a consequence, practitioners and researchers spend a significant time analyzing Android applications (APK). A common procedure (especially for data scientists) is to extract features such as permissions, APIs or strings which can then be analyzed. Current state of the art tools have three major issues: (1) a single tool cannot extract all the significant features used by scientists and practitioners (2) Current tools are not designed to be extensible and (3) Existing parsers do not have runtime efficiency. Therefore, this work presents AndroParse which is an open-source Android parser written in Golang …

Assured Android Execution Environments, Brandon P. Froberg

Theses and Dissertations

Current cybersecurity best practices, techniques, tactics and procedures are insufficient to ensure the protection of Android systems. Software tools leveraging formal methods use mathematical means to assure both a design and implementation for a system and these methods can be used to provide security assurances. The goal of this research is to determine methods of assuring isolation when executing Android software in a contained environment. Specifically, this research demonstrates security properties relevant to Android software containers can be formally captured and validated, and that an implementation can be formally verified to satisfy a corresponding specification. A three-stage methodology called "The …

If I Had A Million Cryptos: Cryptowallet Application Analysis And A Trojan Proof-Of-Concept, Trevor Haigh, Frank Breitinger, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

Cryptocurrencies have gained wide adoption by enthusiasts and investors. In this work, we examine seven different Android cryptowallet applications for forensic artifacts, but we also assess their security against tampering and reverse engineering. Some of the biggest benefits of cryptocurrency is its security and relative anonymity. For this reason it is vital that wallet applications share the same properties. Our work, however, indicates that this is not the case. Five of the seven applications we tested do not implement basic security measures against reverse engineering. Three of the applications stored sensitive information, like wallet private keys, insecurely and one was …

Permission-Based Privacy Analysis For Android Applications, Erza Gashi, Zhilbert Tafa

UBT International Conference

While Information and Communication Technology (ICT) trends are moving towards the Internet of Things (IoT), mobile applications are becoming more and more popular. Mostly due to their pervasiveness and the level of interaction with the users, along with the great number of advantages, the mobile applications bring up a great number of privacy related issues as well. These platforms can gather our very sensitive private data by only granting them a list of permissions during the installation process. Additionally, most of the users can find it difficult, or even useless, to analyze system permissions. Thus, their guess of app’s safety …

Breaking Into The Vault: Privacy, Security And Forensic Analysis Of Android Vault Applications, Xiaolu Zhang, Ibrahim Baggili, Frank Breitinger

Electrical & Computer Engineering and Computer Science Faculty Publications

In this work we share the first account for the forensic analysis, security and privacy of Android vault applications. Vaults are designed to be privacy enhancing as they allow users to hide personal data but may also be misused to hide incriminating files. Our work has already helped law enforcement in the state of Connecticut to reconstruct 66 incriminating images and 18 videos in a single criminal case. We present case studies and results from analyzing 18 Android vault applications (accounting for nearly 220 million downloads from the Google Play store) by reverse engineering them and examining the forensic artifacts …

Toward Accurate Network Delay Measurement On Android Phones, Weichao Li, Daoyuan Wu, Rocky K. C. Chang, Ricky K. P. Mok

Research Collection School Of Computing and Information Systems

Measuring and understanding the performance of mobile networks is becoming very important for end users and operators. Despite the availability of many measurement apps, their measurement accuracy has not received sufficient scrutiny. In this paper, we appraise the accuracy of smartphone-based network performance measurement using the Android platform and the network round-trip time (RTT) as the metric. We show that two of the most popular measurement apps-Ookla Speedtest and MobiPerf-have their RTT measurements inflated. We build three test apps that cover three common measurement methods and evaluate them in a testbed. We overcome the main challenge of obtaining a complete …

Development Of An Android Based Performance Assessment System For Motivational Interviewing Training, Sowmya Pappu

Browse all Theses and Dissertations

Motivational Interviewing (MI) has been proved to be an effective Screening, Brief Intervention, and Referral to Treatment (SBIRT) technique. It is an evidence-based practice used to identify, reduce, and prevent problematic use, abuse, and dependence on alcohol and illicit drugs. It emphasizes on patient-centered counseling approach that can help resolve their ambivalence through a non-confrontational, goal-oriented style for eliciting behavior change from the patient, almost like patients talk themselves into change. This approach provokes less resistance and stimulates the progress of patients at their own pace towards deciding about planning, making and sustaining positive behavioral change. Thus, training medical professionals …

Android Drone: Remote Quadcopter Control With A Phone, Aubrey John Russell

Computer Engineering

The purpose of the “Android Drone” project was to create a quadcopter that can be controlled by user input sent over the phone’s Wi-Fi connection or 4G internet connection. Furthermore, the purpose was also to be able to receive live video feedback over the internet connection, thus making the drone an inexpensive option compared to other, equivalent drones that might cost thousands of dollars. Not only that, but the Android phone also has a host of other useful features that could be utilized by the drone: this includes GPS, pathing, picture taking, data storage, networking and TCP/IP, a Java software …

Semeo: A Semantic Equivalence Analysis Framework For Obfuscated Android Applications, Zhen Hu

Department of Computer Science and Engineering: Dissertations, Theses, and Student Research

Software repackaging is a common approach for creating malware. In this approach, malware authors inject malicious payloads into legitimate applications; then, to ren- der security analysis more difficult, they obfuscate most or all of the code. This forces analysts to spend a large amount of effort filtering out benign obfuscated methods in order to locate potentially malicious methods for further analysis. If an effective mechanism for filtering out benign obfuscated methods were available, the number of methods that must be analyzed could be reduced, allowing analysts to be more productive. In this thesis, we introduce SEMEO, a highly effective and …

Using Ubiquitous Data To Improve Smartwatches' Context Awareness, Yuankun Song

Open Access Theses

Nowadays, more and more data is being generated by various software applications, services and smart devices every second. The data contains abundant information about people’s daily lives. This research explored the possibility of improving smartwatches’ context awareness by using common ubiquitous data. The researcher developed a prototype system consisting of an Android application and a web application, and conducted an experiment where 10 participants performed several tasks with the help of a smartwatch. The result showed a significant improvement of the smartwatch’s context awareness running the prototype application, which used ubiquitous data to automatically execute proper actions according to contexts. …

Significant Permission Identification For Android Malware Detection, Lichao Sun

Department of Computer Science and Engineering: Dissertations, Theses, and Student Research

A recent report indicates that a newly developed malicious app for Android is introduced every 11 seconds. To combat this alarming rate of malware creation, we need a scalable malware detection approach that is effective and efficient. In this thesis, we introduce SigPID, a malware detection system based on permission analysis to cope with the rapid increase in the number of Android malware. Instead of analyzing all 135 Android permissions, our approach applies 3-level pruning by mining the permission data to identify only significant permissions that can be effective in distinguishing benign and malicious apps. Based on the identified significant …

Pinpoint: Efficient And Effective Resource Isolation For Mobile Security And Privacy, Paul Ratazzi, Ashok Bommisetti, Nian Ji, Wenliang Du

Electrical Engineering and Computer Science - All Scholarship

Virtualization is frequently used to isolate untrusted processes and control their access to sensitive resources. However, isolation usually carries a price in terms of less resource sharing and reduced inter-process communication. In an open architecture such as Android, this price and its impact on performance, usability, and transparency must be carefully considered. Although previous efforts in developing general-purpose isolation solutions have shown that some of these negative sideeffects can be mitigated, doing so involves overcoming significant design challenges by incorporating numerous additional platform complexities not directly related to improved security. Thus, the general purpose solutions become inefficient and burdensome if …

Network And Device Forensic Analysis Of Android Social-Messaging Applications, Daniel Walnycky, Ibrahim Baggili, Andrew Marrington, Jason Moore, Frank Breitinger

Electrical & Computer Engineering and Computer Science Faculty Publications

In this research we forensically acquire and analyze the device-stored data and network traffic of 20 popular instant messaging applications for Android. We were able to reconstruct some or the entire message content from 16 of the 20 applications tested, which reflects poorly on the security and privacy measures employed by these applications but may be construed positively for evidence collection purposes by digital forensic practitioners. This work shows which features of these instant messaging applications leave evidentiary traces allowing for suspect data to be reconstructed or partially reconstructed, and whether network forensics or device forensics permits the reconstruction of …

Spirit: A Home Automation System, Andrew Choi

Computer Engineering

Spirit is a multi device home automation system. Designed and implemented for California Polytechnic State University’s Senior Project program, this project was worked on during the duration of two school quarters from January 7, 2014 to June 13, 2014. The system consists of monitor/controllers designed to carry out everyday tasks in the average American household and an accompanying mobile application designed to receive information and control the devices. The monitor/controllers, or “Spirits”, are primarily developed using Arduino development tools and Arduino microcontroller boards. The spirits include a thermostat, named Tempus, an electrical outlet, Electrus, and a wall light switch, Luxos.

Mobile Device Vulnerabilities & Securities, Luke Rondeau

Senior Honors Theses and Projects

An investigation on current mobile vulnerabilities and research into security. Also, a proof of concept to show the ease of injecting an Android phone with a virus.

The Impact Of Custom Rom Backups On Android External Storage Erasure, Haydon Hope, Peter Hannay

Australian Digital Forensics Conference

The Android operating system is the current market leader on mobile devices such as smartphones and tablet computers. The core operating system is open source and has a number of developers creating variants of this operating system. These variants, often referred to as custom ROMs are available for a wide number of mobile devices. Custom ROMs provide a number of features, such as enhanced control over the operating system, variation in user interfaces and so on. The process of installing custom ROMs is often accomplished through the use of a ROM manager application. Such applications often provide mechanisms to back …

Forensic Analysis Of Whatsapp On Android Smartphones, Neha S. Thakur

University of New Orleans Theses and Dissertations

Android forensics has evolved over time offering significant opportunities and exciting challenges. On one hand, being an open source platform Android is giving developers the freedom to contribute to the rapid growth of the Android market whereas on the other hand Android users may not be aware of the security and privacy implications of installing these applications on their phones. Users may assume that a password-locked device protects their personal information, but applications may retain private information on devices, in ways that users might not anticipate. In this thesis we will be concentrating on one such application called 'WhatsApp', a …

Trends In Android Malware Detection, Kaveh Shaerpour, Ali Dehghantanha, Ramlan Mahmod

Journal of Digital Forensics, Security and Law

This paper analyzes different Android malware detection techniques from several research papers, some of these techniques are novel while others bring a new perspective to the research work done in the past. The techniques are of various kinds ranging from detection using host based frameworks and static analysis of executable to feature extraction and behavioral patterns. Each paper is reviewed extensively and the core features of each technique are highlighted and contrasted with the others. The challenges faced during the development of such techniques are also discussed along with the future prospects for Android malware detection. The findings of the …

A Location-Aware Architecture Supporting Intelligent Real-Time Mobile Applications, Sean J. Barbeau

USF Tampa Graduate Theses and Dissertations

This dissertation presents LAISYC, a modular location-aware architecture for intelligent real-time mobile applications that is fully-implementable by third party mobile app developers and supports high-precision and high-accuracy positioning systems such as GPS. LAISYC significantly improves device battery life, provides location data authenticity, ensures security of location data, and significantly reduces the amount of data transferred between the phone and server. The design, implementation, and evaluation of LAISYC using real mobile phones include the following modules: the GPS Auto-Sleep module saves battery energy when using GPS, maintaining acceptable movement tracking (approximately 89% accuracy) with an approximate average doubling of battery life. …

Check Image Processing: Webp Conversion And Micr Scan Android Application, Trevor Bliss

Computer Engineering

As more users favor smartphones over computers for simple tasks, small businesses are constantly exploring mobile options to present to their customers. This write-up documents an Android application designed for a small company, which allows users to send pictures of checks to the company’s servers for processing. The picture is taken with the devices built-in camera and is converted to Google’s new image format, WebP. The company’s server processes the check and returns the check’s MICR code as a response. This application leverages the Android NDK and JNI to use Google’s open source image conversion libraries as well as socket …

Comparing Android Applications To Find Copying, Larry Melling, Bob Zeidman

Journal of Digital Forensics, Security and Law

The Android smartphone operating system includes a Java virtual machine that enables rapid development and deployment of a wide variety of applications. The open nature of the platform means that reverse engineering of applications is relatively easy, and many developers are concerned as applications similar to their own show up in the Android marketplace and want to know if these applications are pirated. Fortunately, the same characteristics that make an Android application easy to reverse engineer and copy also provide opportunities for Android developers to compare downloaded applications to their own. This paper describes the process for comparing a developer’s …

Forensic Analysis Of Social Networking Applications On Mobile Devices, Noora Al Mutawa, Ibrahim Baggili, Andrew Marrington

Electrical & Computer Engineering and Computer Science Faculty Publications

The increased use of social networking applications on smartphones makes these devices a goldmine for forensic investigators. Potential evidence can be held on these devices and recovered with the right tools and examination methods. This paper focuses on conducting forensic analyses on three widely used social networking applications on smartphones: Facebook, Twitter, and MySpace. The tests were conducted on three popular smartphones: BlackBerrys, iPhones, and Android phones. The tests consisted of installing the social networking applications on each device, conducting common user activities through each application, acquiring a forensically sound logical image of each device, and performing manual forensic analysis …