Computer Engineering Commons^™

Androparse - An Android Feature Extraction Framework & Dataset, Robert Schmicker, Frank Breitinger, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

Android malware has become a major challenge. As a consequence, practitioners and researchers spend a significant time analyzing Android applications (APK). A common procedure (especially for data scientists) is to extract features such as permissions, APIs or strings which can then be analyzed. Current state of the art tools have three major issues: (1) a single tool cannot extract all the significant features used by scientists and practitioners (2) Current tools are not designed to be extensible and (3) Existing parsers do not have runtime efficiency. Therefore, this work presents AndroParse which is an open-source Android parser written in Golang …

If I Had A Million Cryptos: Cryptowallet Application Analysis And A Trojan Proof-Of-Concept, Trevor Haigh, Frank Breitinger, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

Cryptocurrencies have gained wide adoption by enthusiasts and investors. In this work, we examine seven different Android cryptowallet applications for forensic artifacts, but we also assess their security against tampering and reverse engineering. Some of the biggest benefits of cryptocurrency is its security and relative anonymity. For this reason it is vital that wallet applications share the same properties. Our work, however, indicates that this is not the case. Five of the seven applications we tested do not implement basic security measures against reverse engineering. Three of the applications stored sensitive information, like wallet private keys, insecurely and one was …

Breaking Into The Vault: Privacy, Security And Forensic Analysis Of Android Vault Applications, Xiaolu Zhang, Ibrahim Baggili, Frank Breitinger

Electrical & Computer Engineering and Computer Science Faculty Publications

In this work we share the first account for the forensic analysis, security and privacy of Android vault applications. Vaults are designed to be privacy enhancing as they allow users to hide personal data but may also be misused to hide incriminating files. Our work has already helped law enforcement in the state of Connecticut to reconstruct 66 incriminating images and 18 videos in a single criminal case. We present case studies and results from analyzing 18 Android vault applications (accounting for nearly 220 million downloads from the Google Play store) by reverse engineering them and examining the forensic artifacts …

The Following Robot, Juan D. Cerda, Matthew S. Kwan, Vi M. Le

Computer Engineering

The objective of this project is to design, build, and test an autonomous robot with an associated Android application. The robot uses on board inertial measurement sensors (magnetometer, accelerometer, gyroscope) and coordinates itself through Bluetooth communication with the similar built­in measurement sensors on the Android phone to mimic and follow movement. The Following Robot incorporates the same basic movement functionality as a typical RC car. The robot follows the user’s phone through an application on one’s phone. This application accesses the phone’s accelerometer and gyroscope data and translates into appropriate conversions. Methods of tracking and calculating distance or angular displacement …

Wireless Window Blinds, Cooper Laone, Niraj Morar, Zachary Malig, Jake Phillips

Electrical Engineering

The Internet of Things asserts that there exists a global need for all objects to connect easily and accessibly. Today, smartphones, tablets, laptops and smart watches makeup just a few of the interconnected devices by the greater population. As a result a growing need for wireless connection between personal devices like phones, and computers to everyday appliances exists. This idea extends directly to households, businesses and buildings, where a growing need for smart home or smart-business appliances has taken root. Many companies like Nest, ADT and Apple make products for automated home security and in home media control. The Wireless …

Design And Implementation Of An Improved Android Application For Bard Shuttle Services, Chance O'Neihl Wren

Senior Projects Spring 2017

With the growing population of Bard College, the need for the college’s shuttle system continues to grow. As a result, enabling the Bard community to quickly and easily access the shuttle schedules and times, has also become more important in the daily of life of Bard College's inhabitants. Although Bard College has a mobile application for Android and iPhone mobile devices alike, there was a growing demand for a new improved shuttle application for Android mobile devices. This project seeks to improve the functionality, user friendliness, and availability of shuttle schedules to the Bard Community, in the form of a …

Pothole Reporting System, Alissa L. Mcgill, Brian G. Simmons, Sean D. Querry, Elizabeth J. Hammell

Williams Honors College, Honors Research Projects

The purpose of this project is to create a pothole detection device that can be attached to the underside of a commercial vehicle. Potholes cost motorists around 6.4 billion dollars annually, thus demonstrating the need for a system to aid with the detection and reporting of potholes. The four systems we needed to consider for the implementation of this project were the power system, the sensing system, the data processing system, and the reporting and logging system. Power pulled from the vehicle will enable the sensors and data processing module. The data processing module will analyze the readings from the …

Pinpoint: Efficient And Effective Resource Isolation For Mobile Security And Privacy, Paul Ratazzi, Ashok Bommisetti, Nian Ji, Wenliang Du

Electrical Engineering and Computer Science - All Scholarship

Virtualization is frequently used to isolate untrusted processes and control their access to sensitive resources. However, isolation usually carries a price in terms of less resource sharing and reduced inter-process communication. In an open architecture such as Android, this price and its impact on performance, usability, and transparency must be carefully considered. Although previous efforts in developing general-purpose isolation solutions have shown that some of these negative sideeffects can be mitigated, doing so involves overcoming significant design challenges by incorporating numerous additional platform complexities not directly related to improved security. Thus, the general purpose solutions become inefficient and burdensome if …

Analyzing Wi­Fi P2p In The Context Of A Hangman Game, William L. Honig

William L Honig

Wi­Fi P2P , which complies with the Wi­Fi Alliance's Wi­Fi Direct™ certification

2 3

program, is a relatively new addition to wireless communications systems. It is now

supported in Android operating system (since version 4.0). In theory, Wi­Fi Direct offers

advantages for ad hoc communications between mobile apps. A key goal of this project

was to evaluate the ability of Wi­Fi P2P for interconnecting mobile apps by using a

common game suitable to mobile screens and devices.

The application allows the user to interconnect two devices using Wi­Fi P2P and

play the classic hangman game. The players search for devices …

Network And Device Forensic Analysis Of Android Social-Messaging Applications, Daniel Walnycky, Ibrahim Baggili, Andrew Marrington, Jason Moore, Frank Breitinger

Electrical & Computer Engineering and Computer Science Faculty Publications

In this research we forensically acquire and analyze the device-stored data and network traffic of 20 popular instant messaging applications for Android. We were able to reconstruct some or the entire message content from 16 of the 20 applications tested, which reflects poorly on the security and privacy measures employed by these applications but may be construed positively for evidence collection purposes by digital forensic practitioners. This work shows which features of these instant messaging applications leave evidentiary traces allowing for suspect data to be reconstructed or partially reconstructed, and whether network forensics or device forensics permits the reconstruction of …

Trends In Android Malware Detection, Kaveh Shaerpour, Ali Dehghantanha, Ramlan Mahmod

Journal of Digital Forensics, Security and Law

This paper analyzes different Android malware detection techniques from several research papers, some of these techniques are novel while others bring a new perspective to the research work done in the past. The techniques are of various kinds ranging from detection using host based frameworks and static analysis of executable to feature extraction and behavioral patterns. Each paper is reviewed extensively and the core features of each technique are highlighted and contrasted with the others. The challenges faced during the development of such techniques are also discussed along with the future prospects for Android malware detection. The findings of the …

Lyfi, Kianoosh Salami, Justin Cotton, Elush Shirazpour

Electrical Engineering

This paper will cover the steps necessary to design, build, and manage networkable smart light switches over WiFi via a mobile application. It contains a microcontroller running a real time operating system, a WiFi module, a Java server with SQLite databasing, and a mobile phone application.

LyFi is designed to turn on/off and dim household lights while only requiring the same installation procedure as a less capable dimmer switch. Once installed and connected to a network, LyFi will self-discover and configure. The server automatically propogates a database of nodes where any mobile device running an application can receive an updated …

Comparing Android Applications To Find Copying, Larry Melling, Bob Zeidman

Journal of Digital Forensics, Security and Law

The Android smartphone operating system includes a Java virtual machine that enables rapid development and deployment of a wide variety of applications. The open nature of the platform means that reverse engineering of applications is relatively easy, and many developers are concerned as applications similar to their own show up in the Android marketplace and want to know if these applications are pirated. Fortunately, the same characteristics that make an Android application easy to reverse engineer and copy also provide opportunities for Android developers to compare downloaded applications to their own. This paper describes the process for comparing a developer’s …

Forensic Analysis Of Social Networking Applications On Mobile Devices, Noora Al Mutawa, Ibrahim Baggili, Andrew Marrington

Electrical & Computer Engineering and Computer Science Faculty Publications

The increased use of social networking applications on smartphones makes these devices a goldmine for forensic investigators. Potential evidence can be held on these devices and recovered with the right tools and examination methods. This paper focuses on conducting forensic analyses on three widely used social networking applications on smartphones: Facebook, Twitter, and MySpace. The tests were conducted on three popular smartphones: BlackBerrys, iPhones, and Android phones. The tests consisted of installing the social networking applications on each device, conducting common user activities through each application, acquiring a forensically sound logical image of each device, and performing manual forensic analysis …