
Proceedings of the 1st International Workshop on Advances in Mobile App Analysis: latest articles

Proceedings of the 1st International Workshop on Advances in Mobile App Analysis
DOI: https://doi.org/10.1145/3243218 | Published: 2018-09-04
Citations: 1
Poking the bear: lessons learned from probing three Android malware datasets
Aleieldin Salem, A. Pretschner
To counter the continuous threat posed by Android malware, we attempted to devise a novel method based on active learning. Nonetheless, evaluating our active learning based method on three different Android malware datasets resulted in performance discrepancies. In an attempt to explain such inconsistencies, we postulated research questions and designed corresponding experiments to answer them. The results of our experiments unveiled the reasons behind the struggles of our method and, more importantly, revealed some limitations with the current Android malware detection methods that, we fear, can be leveraged by malware authors to evade detection. In this paper, we share with the research community our research questions, experiments, and findings to instigate researchers to devise methods to tackle such limitations.
DOI: https://doi.org/10.1145/3243218.3243222 | Published: 2018-09-04
Citations: 5
Configurations in Android testing: they matter
Emily Kowalczyk, Myra B. Cohen, A. Memon
Android has rocketed to the top of the mobile market thanks in large part to its open source model. Vendors use Android for their devices for free, and companies make customizations to suit their needs. This has resulted in a myriad of configurations that are extant in the user space today. In this paper, we show that differences in configurations, if ignored, can lead to differences in test outputs and code coverage. Consequently, researchers who develop new testing techniques and evaluate them on only one or two configurations are missing a necessary dimension in their experiments and developers who ignore this may release buggy software. In a large study on 18 apps across 88 configurations, we show that only one of the 18 apps studied showed no variation at all. The rest showed variation in either, or both, code coverage and test results. 15% of the 2,000 plus test cases across all of the apps vary, and some of the variation is subtle, i.e. not just a test crash. Our results suggest that configurations in Android testing do matter and that developers need to test using configuration-aware techniques.
DOI: https://doi.org/10.1145/3243218.3243219 | Published: 2018-09-04
Citations: 15
AppSeer: discovering flawed interactions among Android components
Vincenzo Chiaramida, F. Pinci, U. Buy, Rigel Gjomemo
We identify several reliability issues arising from interactions between components of system-defined Android apps and components of third-party apps. These issues are generally caused by incorrect assumptions that system apps make about the behavior of third-party apps, resulting in significant vulnerabilities in system apps. For instance, it is possible for a third-party app to make many system applications crash, including the Phone app used to make and receive phone calls, the Settings app used to configure a mobile device, and several other apps that expose a so-called started service. Our findings indicate that additional automated tools for integration testing and static analysis of Android apps are in order. Here we discuss AppSeer, a toolset that automatically detects vulnerabilities of system apps and third-party apps. Preliminary precision and recall results for AppSeer are quite encouraging.
DOI: https://doi.org/10.1145/3243218.3243225 | Published: 2018-09-04
Citations: 0
SPEjs: a symbolic partial evaluator for JavaScript
Sümeyye Süslü, Christoph Csallner
Partial evaluation is widely performed statically, to perform a source to source transformation on a source program that yields a specialized source program. A key observation is that current partial evaluation schemes perform fast but relatively shallow static analyses. In this paper we propose to deepen the reach of such partial evaluation schemes by selectively adding local symbolic execution. Concretely, we describe the SPEjs symbolic partial evaluator for JavaScript that is built on Babel and the SMT solver Z3. To gauge the promise of this approach we compared SPEjs with Facebook's state-of-the-art partial evaluator Prepack. Our results on a set of micro benchmarks and Prepack's test suite indicate that, within Prepack's runtime budget, SPEjs was able to simplify additional expressions and therefore remove dead code branches that Prepack failed to remove, yielding smaller residual programs.
DOI: https://doi.org/10.1145/3243218.3243220 | Published: 2018-09-04
Citations: 2
Exploring the effects of ad schemes on the performance cost of mobile phones
Cuiyun Gao, Jichuan Zeng, Federica Sarro, Michael R. Lyu, Irwin King
Advertising is an important revenue source for mobile app development, especially for free apps. However, ads also carry costs to users. Displaying ads can interfere with user experience, and lead to less user retention and reduced earnings ultimately. Although there are recent studies devoted to directly mitigating ad costs, for example, by reducing the battery or memory consumed, comprehensive analysis on ad embedded schemes (e.g., ad sizes and ad providers) has rarely been conducted. In this paper, we focus on analyzing three types of performance cost, i.e., cost of memory/CPU, traffic, and battery. We explore 12 ad schemes used in 104 popular Android apps and compare their performance consumption. We show that the performance costs of the ad schemes we analyzed are significantly different. We also summarize the ad schemes that would generate low resource cost to users. Our summary is endorsed by 37 experienced app developers we surveyed.
DOI: https://doi.org/10.1145/3243218.3243221 | Published: 2018-09-04
Citations: 9
Repackman: a tool for automatic repackaging of Android apps
Aleieldin Salem, F. F. Paulus, A. Pretschner
Repackaging is a technique adopted by attackers to generate fake, malicious versions of legitimate Android apps, which undermines users’ trust in the Android ecosystem. Unfortunately, the process of releasing and evaluating anti-repackaging techniques is hindered by the difficulty of acquiring repackaged versions of legitimate apps that employ those techniques on demand. In this paper, we present Repackman, a tool to automatically repackage Android apps with arbitrary payloads. We evaluate the feasibility and reliability of the tool and furnish it upon request for the research community to generate repackaged apps on demand for research purposes.
DOI: https://doi.org/10.1145/3243218.3243224 | Published: 2018-09-04
Citations: 10