Computer Sciences Commons^™

Security Analysis Of Permission Re-Delegation Vulnerabilities In Android Apps, Biniam Fisseha Demissie, Mariano Ceccato, Lwin Khin Shar

Research Collection School Of Computing and Information Systems

The Android platform facilitates reuse of app functionalities by allowing an app to request an action from another app through inter-process communication mechanism. This feature is one of the reasons for the popularity of Android, but it also poses security risks to the end users because malicious, unprivileged apps could exploit this feature to make privileged apps perform privileged actions on behalf of them. In this paper, we investigate the hybrid use of program analysis, genetic algorithm based test generation, natural language processing, machine learning techniques for precise detection of permission re-delegation vulnerabilities in Android apps. Our approach first groups …

Security Analysis Of Permission Re-Delegation Vulnerabilities In Android Apps, Biniam Fisseha Demissie, Mariano Ceccato, Lwin Khin Shar

Research Collection School Of Computing and Information Systems

The Android platform facilitates reuse of app func- tionalities by allowing an app to request an action from another app through inter-process communication mechanism. This fea- ture is one of the reasons for the popularity of Android, but it also poses security risks to end users because malicious, unprivileged apps could exploit this feature to make privileged apps perform privileged actions on behalf of them.

In our journal paper [4], we investigate the hybrid use of program analysis, genetic algorithm based test generation, natu- ral language processing, machine learning techniques for precise detection of permission re-delegation vulnerabilities in Android apps. …

Prevalence, Contents And Automatic Detection Of Kl-Satd, Leevi Rantala, Mika Mantyla, David Lo

Research Collection School Of Computing and Information Systems

When developers use different keywords such as TODO and FIXME in source code comments to describe self-admitted technical debt (SATD), we refer it as Keyword-Labeled SATD (KL-SATD). We study KL-SATD from 33 software repositories with 13,588 KL-SATD comments. We find that the median percentage of KL-SATD comments among all comments is only 1,52%. We find that KL-SATD comment contents include words expressing code changes and uncertainty, such as remove, fix, maybe and probably. This makes them different compared to other comments. KL-SATD comment contents are similar to manually labeled SATD comments of prior work. Our machine learning classifier using logistic …

Entity-Sensitive Attention And Fusion Network For Entity-Level Multimodal Sentiment Classification, Jianfei Yu, Jing Jiang

Research Collection School Of Computing and Information Systems

Entity-level (aka target-dependent) sentiment analysis of social media posts has recently attracted increasing attention, and its goal is to predict the sentiment orientations over individual target entities mentioned in users' posts. Most existing approaches to this task primarily rely on the textual content, but fail to consider the other important data sources (e.g., images, videos, and user profiles), which can potentially enhance these text-based approaches. Motivated by the observation, we study entity-level multimodal sentiment classification in this article, and aim to explore the usefulness of images for entity-level sentiment detection in social media posts. Specifically, we propose an Entity-Sensitive Attention …