Bibliography for Tightening the Android Mobile Platform

Bibliography for Tightening the Android Mobile Platform

Prabhaker Matetiwww.wright.edu/~pmateti

Wright State University, Dayton, OH 45435, USA

Nov 18, 2016

This is a bibliography of Android security researchpapers. For our own use. Obviously, not exhaustive.Needs lot more curating! Annotations are not mine.

The .bib files are located at http://cecs.wright.edu/~pmateti/ TBD. If you wish to contribute,please send me your .bib file.

I am trying to split the orignal android.bib intosmaller topic-focused files. At the moment, my bib-liography line includes these: analylis, ast-dsl,code-audit, kernels, android, battery,

forensics, privacy, uboot, arm-xen-kvm,

cloud, framework, provenance

References

Yousra Aafer, Wenliang Du, and Heng Yin. 2013.DroidAPIMiner: Mining API-level features for ro-bust malware detection in Android. In Security andPrivacy in Communication Networks. Springer,86103.

Yousra Aafer, Xiao Zhang, and Wenliang Du.2016. Harvesting Inconsistent Security Configura-tions in Custom Android ROMs via DifferentialAnalysis. In Proc. 25th USENIX Security Sym-posium (SEC16), USENIX Association. https://www.usenix.org/system/files/conference/

usenixsecurity16/sec16_paper_aafer.pdf.

Zair Abdelouahab, Claudio Aroucha, DenivaldoLopes, Jonathan Santos, Willian Ribeiro, andHigo Pires. 2015. Adaptive Security Mechanism:a study on the different approaches to mobile

devices. Journal of Information Sciences andComputing Technologies 2, 2 (2015), 147153.http://www.scitecresearch.com/journals/

index.php/jisct/article/viewFile/70/38.

Adrien Abraham, Radoniaina Andriatsimandefitra,Adrien Brunelat, J-F Lalande, and V Viet TriemTong. 2015. GroddDroid: a gorilla for trigger-ing malicious behaviors. In 2015 10th InternationalConference on Malicious and Unwanted Software(MALWARE). IEEE, 119127. https://hal.inria.fr/hal-01201743/document.

Aaron Adams. 2016. A Few Notes on UsefullyExploiting Libstagefright On Android 5.x. Tech-nical Report. www.nccgroup.trust. 22 pages.https://www.nccgroup.trust/globalassets/

our-research/uk/whitepapers/2016/01/

libstagefright-exploit-notespdf/2016.

Carlisle Adams. 2013. Have Money, Will Travel: ABrief Survey of the Mobile Payments Landscape.(2013).

Christoffer Quist Adamsen, Gianluca Mezzetti, andAnders Mller. 2015. Systematic execution of An-droid test suites in adverse conditions. In Proceed-ings of the 2015 International Symposium on Soft-ware Testing and Analysis. ACM, 8393.

Olawale Surajudeen Adebayo and Normaziah AbdulAziz. 2015. Static Code Analysis of Permission-based Features for Android Malware ClassificationUsing Apriori Algorithm with Particle Swarm Op-timization. Journal of Information Assurance &Security 10, 4 (2015).

1

www.wright.edu/~pmatetihttp://cecs.wright.edu/~pmateti/http://cecs.wright.edu/~pmateti/https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_aafer.pdfhttps://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_aafer.pdfhttps://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_aafer.pdfhttp://www.scitecresearch.com/journals/index.php/jisct/article/viewFile/70/38http://www.scitecresearch.com/journals/index.php/jisct/article/viewFile/70/38https://hal.inria.fr/hal-01201743/documenthttps://hal.inria.fr/hal-01201743/documenthttps://www.nccgroup.trust/ globalassets/ our-research/ uk/ whitepapers/ 2016/01/ libstagefright- exploit- notespdf/ 2016https://www.nccgroup.trust/ globalassets/ our-research/ uk/ whitepapers/ 2016/01/ libstagefright- exploit- notespdf/ 2016https://www.nccgroup.trust/ globalassets/ our-research/ uk/ whitepapers/ 2016/01/ libstagefright- exploit- notespdf/ 2016

www.wright.edu/~pmateti Android Security References

Vitor Afonso, Antonio Bianchi, Yanick Fratanto-nio, Adam Doupe, Mario Polino, Paulo de Geus,Christopher Kruegel, and Giovanni Vigna. 2016.Going Native: Using a Large-Scale Analysis ofAndroid Apps to Create a Practical Native-CodeSandboxing Policy. (2016).

Yuvraj Agarwal and Malcolm Hall. 2013. Pro-tectMyPrivacy: Detecting and MitigatingPrivacy Leaks on iOS Devices Using Crowd-sourcing. In Proceeding of the 11th annualinternational conference on Mobile systems,applications, and services. ACM, 97110.http://www.synergylabs.org/yuvraj/docs/

Agarwal_MobiSys2013_ProtectMyPrivacy.pdf.

Farhan Habib Ahmad, Komal Batool, and AzharJaved. 2016. Detection of Privacy Threat by Pe-culiar Feature Extraction in Malwares to Com-bat Targeted Cyber Attacks. In Advanced Com-puter and Communication Engineering Technol-ogy. Springer, 12371247.

Masab Ahmad, Syed Kamran Haider, Farrukh Hi-jaz, Marten van Dijk, and Omer Khan. 2015. Ex-ploring the performance implications of memorysafety primitives in many-core processors execut-ing multi-threaded workloads. In Proceedings of theFourth Workshop on Hardware and ArchitecturalSupport for Security and Privacy. ACM, 6.

Mehdi Aichouch and Moha Ait Hmid. 2015. Towardsan Implementation of a Blind Hypervisor. (2015),3. https://sec2-2015.inria.fr/files/2015/06/aichouch-paper.pdf.:: Towards an Implementation of a Blind Hy-pervisor Mehdi Aichouch and Moha Ait HmidCEA, List, Software Modules for System Secu-rity and Dependability Laboratory Point cour-rier 172, F-91191 Gif-sur-Yvette, [email protected], [email protected] Ab-stract One major fear of many virtual machinesusers is a corrupted hypervisor that might violatethe privacy of their VMs data. One possible ideato tackle such a problematic situation is to protectthe privacy of a virtual machine even though thehypervisor is not trustworthy. The blind hypervisor

approach define a set of hardware extensions andsoftware adaptation to prevent a hypervisor fromaccessing virtual machines private data even if ithas the most privileged access to hardware. ;;

PS Aiyyappan. 2015. Android Forensic SupportFramework. Masters thesis. Amrita VishwaVidyapeetham, Ettimadai, Tamil Nadu 641112, In-dia. Advisor: Prabhaker Mateti, http://cecs.wright.edu/~pmateti/Students/index.html.

Devdatta Akhawe and Adrienne Porter Felt. 2013.Alice in Warningland: A Large-Scale FieldStudy of Browser Security Warning Effectiveness(USENIX Security Symposium 2013).

Md Mozammil Alam, Sourav Hati, Debashis De, andSamiran Chattopadhyay. 2014. SeCure Sharing OfMobile Device Data Using Public Cloud. In Con-fluence The Next Generation Information Technol-ogy Summit (Confluence), 2014 5th InternationalConference-. IEEE, 149154.

Mohammed S Alam and Son T Vuong. 2015. Perfor-mance of malware classifier for android. In Com-puting and Communication (IEMCON), 2015 In-ternational Conference and Workshop on. IEEE,17.

Elvira Albert and Ivan Lanese. 2016. Formal Tech-niques for Distributed Objects, Components, andSystems: 36th IFIP WG 6.1 International Con-ference, FORTE 2016, Held as Part of the 11thInternational Federated Conference on DistributedComputing Techniques, DisCoTec 2016, Heraklion,Crete, Greece, June 6-9, 2016, Proceedings. Vol.9688. Springer. http://link.springer.com/book/10.1007/978-3-319-39570-8.

Bas Alberts and Massimiliano Oldani. 2011. Beatingup on Android. http://titanium.immunityinc.com/(2011). http://titanium.immunityinc.com/infiltrate/archives.html.

Ahmad-Reza Sadeghi Alexandra Dmitrienko,Christopher Liebchen, Christian Rossow. 2014.On the (In)Security of Mobile Two-Factor Au-thentication. In Financial Cryptography and

2 2016/11/18

www.wright.edu/~pmateti http://www.synergylabs.org/yuvraj/docs/Agarwal_MobiSys2013_ProtectMyPrivacy.pdf http://www.synergylabs.org/yuvraj/docs/Agarwal_MobiSys2013_ProtectMyPrivacy.pdfhttps://sec2-2015.inria.fr/files/2015/06/aichouch-paper.pdfhttps://sec2-2015.inria.fr/files/2015/06/aichouch-paper.pdfhttp://cecs.wright.edu/~pmateti/Students/index.htmlhttp://cecs.wright.edu/~pmateti/Students/index.htmlhttp://link.springer.com/book/10.1007/978-3-319-39570-8http://link.springer.com/book/10.1007/978-3-319-39570-8http://titanium.immunityinc.com/infiltrate/archives.htmlhttp://titanium.immunityinc.com/infiltrate/archives.html


Data Security (FC14). http://www.icri-sc.org/fileadmin/user_upload/Group_TRUST/

PubsPDF/Dmitrienko-127-camera-ready.pdf.:: Abstract: Two-factor authentication (2FA)schemes aim at strengthening the security of loginpassword-based authentication by deploying sec-ondary authentication tokens. In this context, mo-bile 2FA schemes require no additional hardware(e.g., a smartcard) to store and handle the sec-ondary authentication token, and hence are con-sidered as a reasonable trade-off between security,usability and costs. They are widely used in on-line banking and increasingly deployed by Inter-net service providers. In this paper, we investi-gate 2FA implementations of several well-knownInternet service providers such as Google, Drop-box, Twitter and Facebook. We identify variousweaknesses that allow an attacker to easily by-pass them, even when the secondary authentica-tion token is not under attackers control. We thengo a step further and present a more general at-tack against mobile 2FA schemes. Our attack re-lies on cross-platform infection that subverts con-trol over both end points (PC and a mobile device)involved in the authentication protocol. We ap-ply this attack in practice and successfully circum-vent diverse schemes: SMS-based TAN solutionsof four large banks, one instance of a visual TANscheme, 2FA login verification systems of Google,Dropbox, Twitter and Facebook accounts, and theGoogle Authenticator app currently used by 32third-party service providers. Finally, we clusterand analyze hundreds of real-world malicious An-droid apps that target mobile 2FA schemes andshow that banking Trojans already deploy mobilecounterparts that steal 2FA credentials like TANs.;;

Mohammed Alhamed, Khalid Amiri, MansoorOmari, and Wei Le. 2013. Comparing privacy con-trol methods for smartphone platforms. In Engi-neering of Mobile-Enabled Systems (MOBS), 20131st International Workshop on the. IEEE, 3641.

Nicholas Allen, Bernhard Scholz, and PadmanabhanKrishnan. 2015. Staged points-to analysis for large

code bases. In Compiler Construction. Springer,131150.

Shaikh Bushra Almin and Madhumita Chatterjee.2015. A Novel Approach to Detect Android Mal-ware. Procedia Computer Science InternationalConference on Advanced Computing Technologiesand Applications (ICACTA) 45 (2015), 407417.

H.M.J. Almohri, Danfeng Yao, and D. Kafura.2014a. Process Authentication for High Sys-tem Assurance. Dependable and Secure Com-puting, IEEE Transactions on 11, 2 (March2014), 168180. DOI:http://dx.doi.org/10.1109/TDSC.2013.29

Hussain MJ Almohri, Danfeng Daphne Yao, andDennis Kafura. 2014b. DroidBarrier: Know whatis executing on your Android. In Proceedings of the4th ACM conference on Data and Application Se-curity and Privacy. ACM, 257264.

Ali Almossawi, Kelvin Lim, and Tanmay Sinha. 2006.Analysis tool evaluation: Coverity prevent. Pitts-burgh, PA: Carnegie Mellon University (2006).http://www.cs.cmu.edu/~aldrich/courses/

654-sp09/tools/cure-coverity-06.pdf.

Cory Altheide and Harlan Carvey. 2011. Dig-ital Forensics with Open Source Tools: UsingOpen Source Platform Tools for Performing Com-puter Forensics on TargetSystems: Windows, Mac,Linux, Unix, etc. Elsevier.

Domenico Amalfitano, Anna Rita Fasolino, PorfirioTramontana, and Bryan Robbins. 2013. TestingAndroid Mobile Applications: Challenges, Strate-gies, and Approaches. Advances in Computers(2013).:: Abstract Recently, the rise in popularity of mo-bile applications for mobile devices and the growthestimates for this market make mobile applicationdevelopment a strategic business sector. As a vari-ety of new scenarios for mobile devices and applica-tions emerges, users and developers will require im-proved reliability, usability, performance, and secu-rity. In such a context, open platforms for mobile

3 2016/11/18

www.wright.edu/~pmatetihttp://www.icri-sc.org/fileadmin/user_upload/Group_TRUST/PubsPDF/Dmitrienko-127-camera-ready.pdfhttp://www.icri-sc.org/fileadmin/user_upload/Group_TRUST/PubsPDF/Dmitrienko-127-camera-ready.pdfhttp://www.icri-sc.org/fileadmin/user_upload/Group_TRUST/PubsPDF/Dmitrienko-127-camera-ready.pdfhttp://dx.doi.org/10.1109/TDSC.2013.29http://dx.doi.org/10.1109/TDSC.2013.29http://www.cs.cmu.edu/~aldrich/courses/654-sp09/tools/cure-coverity-06.pdfhttp://www.cs.cmu.edu/~aldrich/courses/654-sp09/tools/cure-coverity-06.pdf


application development, such as the Android op-erating system, are assuming a preponderant role.To satisfy this growing request for high quality ap-plications, developers must devote greater effortand attention to software development processes.In particular, testing and its automation play astrategic part for assuring the quality of applica-tions. This chapter analyzes the main challengesand open issues in the field of mobile applicationtesting for the Android platform, with an empha-sis on advances in the field. We present suitableand effective principles, guidelines, models, tech-niques, and technologies for Android applicationtesting and conclude with an outline of future per-spectives. ;;

Domenico Amalfitano, Anna Rita Fasolino, PorfirioTramontana, Bryan Dzung Ta, and Atif M Memon.2015. MobiGUITAR: Automated Model-BasedTesting of Mobile Apps. Software, IEEE 32, 5(2015), 5359.

Farzane Aminmansour and Hamid Reza Shahriari.2015. Patulous Code Reuse Attack: A novel codereuse attack on ARM architecture (A proof of con-cept on Android OS). In Information Security andCryptology (ISCISC), 2015 12th International Ira-nian Society of Cryptology Conference on. IEEE,104109.

Benjamin Andow, Adwait Nadkarni, BlakeBassett, William Enck, and Tao Xie. AStudy of Grayware on Google Play. (????).https://pdfs.semanticscholar.org/328c/

e47e85339ff47d4977bd6545d761f2ff8b2f.pdf.:: Benjamin Andow? , Adwait Nadkarni? ,Blake Bassett , William Enck? , Tao Xie?North Carolina State University beandow, ap-nadkar, [email protected] University of Illinois atUrbana-Champaign rbasset2, [email protected] there have been various studiesidentifying and classifying Android malware, thereis limited discussion of the broader class of appsthat fall in a gray area. Mobile grayware is dis-tinct from PC grayware due to differences in oper-ating system properties. Due to mobile graywaressubjective nature, it is difficult to identify mobile

grayware via program analysis alone. Instead, wehypothesize enhancing analysis with text analyticscan effectively reduce human effort when triaginggrayware. In this paper, we design and implementheuristics for seven main categories of grayware.We then use these heuristics to simulate graywaretriage on a large set of apps from Google Play.We then present the results of our empirical study,demonstrating a clear problem of grayware. In do-ing so, we show how even relatively simple heuris-tics can quickly triage apps that take advantage ofusers in an undesirable way. ;;

Chris Andreae, James Noble, Shane Markstrum,and Todd Millstein. 2006. A framework for im-plementing pluggable type systems. In OOPSLA2006, ACM SIGPLAN Notices, Vol. 41. ACM, 5774. http://web.cs.ucla.edu/~todd/research/oopsla06b.pdf.

Mauro Andreolini, Michele Colajanni, and MircoMarchetti. 2015. A collaborative framework for in-trusion detection in mobile networks. InformationSciences (2015).

Andriller. 2015. Andriller Smartphone Forensic De-coder. Technical Report. andriller.com.:: Andriller is collection of forensic tools for smart-phones. It performs read-only, forensically sound,non-destructive acquisition from Android devices.It has other features, such as powerful Lockscreencracking for Pattern, PIN code, or Password; cus-tom decoders for Apps data from Android (andsome Apple iOS) databases for decoding commu-nications. Extraction and decoders produce reportsin HTML and Excel (.xlsx) formats. ;;

Andro AndroRat. 2014. How to Spy Any AndroidDevice with AndroRat. web. (Aug. 2014).

Jeremy Andrus, Christoffer Dall, Alexander VantHof, Oren Laadan, and Jason Nieh. 2011. Cells: AVirtual Mobile Smartphone Architecture. In Pro-ceedings of the Twenty-Third ACM Symposium onOperating Systems Principles. ACM, 173187.

Maxim Anikeev, Felix C Freiling, JohannesGotzfried, and Tilo Muller. 2015. Secure

4 2016/11/18

www.wright.edu/~pmatetihttps://pdfs.semanticscholar.org/328c/e47e85339ff47d4977bd6545d761f2ff8b2f.pdfhttps://pdfs.semanticscholar.org/328c/e47e85339ff47d4977bd6545d761f2ff8b2f.pdfhttp://web.cs.ucla.edu/~todd/research/oopsla06b.pdfhttp://web.cs.ucla.edu/~todd/research/oopsla06b.pdf


garbage collection: Preventing malicious dataharvesting from deallocated Java objects insidethe Dalvik VM. Journal of Information Securityand Applications 22 (2015), 8186.

Joseph Annuzzi Jr, Lauren Darcey, and Shane Con-der. 2013. Introduction to Android application de-velopment: Android essentials. Pearson Educa-tion.

Zahid Anwar and Waqas Ahmad Khan. 2015. Guesswho is listening in to the board meeting: on the useof mobile device applications as roving spy bugs.Security and Communication Networks (2015).:: ... The next entry, AndroRAT, is a fully featuredremote access Trojan for Android devices that letshackers remotely control various aspects of a mo-bile device using Internet protocol communicationover a user datagram protocol port. Used togetherwith a binder software, it can be ... ;;

Dimitris Apostolopoulos, Giannis Marinakis,Christoforos Ntantogian, and Christos Xenakis.2013. Discovering Authentication Credentialsin Volatile Memory of Android Mobile Devices.In Collaborative, Trusted and Privacy-Awaree/m-Services. Springer, 178185.

Axelle Apvrille and Ange Albertini. 2014.Hide Android Applications in Im-ages. blackhat.com. https://www.blackhat.com/docs/eu-14/materials/

eu-14-Apvrille-Hide-{Android}-Applications-In-Images-wp.

pdf.:: Axelle Apvrille, Fortinet, FortiGuard Labs120, rue Albert Caquot 06410 Biot, [email protected] Ange Albertini, [email protected] September 18, 2014 AbstractWith AngeCryption, [Alb14b] has demonstrated itis possible to encrypt any input into a chosen JPGor PNG image. For a mobile malware author, thisis particularly interesting when applied to Androidpackages (APK). Indeed, in that case, an attackercan craft a seemingly genuine wrapping APK whichcontains a valid image (e.g a logo) as resource orasset. However, the code is able to transform thisunsuspicious image into another APK, carrying

the malicious payload. The attacker installs thatAPK, and performs his/her nefarious deeds. Suchan attack is highly likely to go unnoticed, becausethe wrapping APK hardly has anything suspiciousabout it, and nothing about the payload APK leaksas it is encrypted. Additionally, the attack workswith any payload and currently on any version ofAndroid. In short, what you see is on the left (animage). What there really is on the right (an An-droid application). ;;

Argp and Huku. 2012. Pseudomonarchia jemallocum:The false kingdom of jemalloc, or On exploiting thejemalloc memory manager. Phrack Volume 0x0e,Phile #0x0a of 0x13, Issue 0x44 (4 2012). http://phrack.org/issues/68/10.html#article.

Patroklos Argyroudis and Chariton Karamitas. 2012.Exploiting the jemalloc Memory Allocator: Own-ing Firefoxs Heap. Blackhat USA (2012). https://media.blackhat.com/bh-us-12/Briefings/

Argyoudis/BH_US_12_Argyroudis_Exploiting_

the_jemalloc_Memory_Allocator_WP.pdf.

Lorenzo Cavallaro Aristide Fattori, Kimberly Tam,Salahuddin J. Khan and Alessandro Reina. 2014.On the Reconstruction of Android Malware Behav-iors. (2014).:: This is pioneering work which uses Binder as acentral component of an Android malware analysissystem. ;;

Alessandro Armando, Gianluca Bocci, GiantonioChiarelli, Gabriele Costa, Gabriele De Maglie,Rocco Mammoliti, and Alessio Merlo. 2015. SAM:the static analysis module of the MAVERIC mo-bile app security verification platform. In Toolsand Algorithms for the Construction and Analysisof Systems. Springer, 225230.

Alessandro Armando, Gabriele Costa, and AlessioMerlo. 2013. Formal modeling and reasoning aboutthe Android security framework. In Trustwor-thy Global Computing. Springer, 6481. http://www.csec.it/pubs/tgc2012.pdf.:: Abstract. Android OS is currently the mostwidespread mobile operating system and is very

5 2016/11/18

www.wright.edu/~pmatetihttps://www.blackhat.com/docs/eu-14/materials/eu-14-Apvrille-Hide-{Android}-Applications-In-Images-wp.pdfhttps://www.blackhat.com/docs/eu-14/materials/eu-14-Apvrille-Hide-{Android}-Applications-In-Images-wp.pdfhttps://www.blackhat.com/docs/eu-14/materials/eu-14-Apvrille-Hide-{Android}-Applications-In-Images-wp.pdfhttps://www.blackhat.com/docs/eu-14/materials/eu-14-Apvrille-Hide-{Android}-Applications-In-Images-wp.pdfhttp://phrack.org/issues/68/10.html#articlehttp://phrack.org/issues/68/10.html#articlehttps://media.blackhat.com/bh-us-12/Briefings/Argyoudis/BH_US_12_Argyroudis_Exploiting_the_ jemalloc_Memory_ Allocator_WP.pdfhttps://media.blackhat.com/bh-us-12/Briefings/Argyoudis/BH_US_12_Argyroudis_Exploiting_the_ jemalloc_Memory_ Allocator_WP.pdfhttps://media.blackhat.com/bh-us-12/Briefings/Argyoudis/BH_US_12_Argyroudis_Exploiting_the_ jemalloc_Memory_ Allocator_WP.pdfhttps://media.blackhat.com/bh-us-12/Briefings/Argyoudis/BH_US_12_Argyroudis_Exploiting_the_ jemalloc_Memory_ Allocator_WP.pdfhttp://www.csec.it/pubs/tgc2012.pdfhttp://www.csec.it/pubs/tgc2012.pdf


likely to remain so in the near future. The num-ber of available Android applications will soonreach the staggering figure of 500,000, with an av-erage of 20,000 applications being introduced inthe Android Market over the last 6 months. Sincemany applications (e.g., home banking applica-tions) deal with sensitive data, the security of An-droid is receiving a growing attention by the re-search community. However, most of the work as-sumes that Android meets some given high-levelsecurity goals (e.g. sandboxing of applications).Checking whether these security goals are met istherefore of paramount importance. Unfortunatelythis is also a very difficult task due to the lack ofa detailed security model encompassing not onlythe interaction among applications but also the in-terplay between the applications and the function-alities offered by Android. To remedy this situa-tion in this paper we propose a formal model ofAndroid OS that allows one to formally state thehigh-level security goals as well as to check whetherthese goals are met or to identify potential securityweaknesses. ;;

Alessandro Armando, Alessio Merlo, MauroMigliardi, and Luca Verderame. 2012. WouldYou Mind Forking This Process? A Denial ofService Attack on Android (and Some Counter-measures). In Information Security and PrivacyResearch. Springer, 1324.

Alessandro Armandoa, Alessio Merloa, MauroMigliardid, and Luca Verderamea. 2013. Breakingand fixing the Android Launching Flow. Comput-ers & Security Volume 39, Part A (2013), 104115.:: Abstract The security model of the Android OSis based on the effective combination of a number ofwell-known security mechanisms (e.g. statically de-fined permissions for applications, the isolation of-fered by the Dalvik Virtual Machine, and the well-known Linux discretionary access control model).Although each security mechanism has been ex-tensively tested and proved to be effective in iso-lation, their combination may suffer from unex-pected security flaws. We show that this is actu-ally the case by presenting a severe vulnerability inAndroid related to the application launching flow.

This vulnerability is based on a security flaw af-fecting a kernel-level socket (namely, the Zygotesocket). We also present an exploit of the vulnera-bility that allows a malicious application to mounta severe Denial-of-Service attack that makes theAndroid devices become totally unresponsive. Be-sides explaining the vulnerability (which affects allversions of Android up to version 4.0.3) we proposetwo fixes. One of the two fixes has been adopted inthe official release of Android, starting with ver-sion 4.1. We empirically assess the impact of thevulnerability as well as the efficacy of the counter-measures on the end user. We conclude by extend-ing our security analysis to the whole set of sockets,showing that other sockets do not suffer from thesame vulnerability as the Zygote one. ;;

Daniel Arp, Michael Spreitzenbarth, Malte Hubner,Hugo Gascon, Konrad Rieck, and CERT Siemens.2014. DREBIN: Effective and Explainable Detec-tion of Android Malware in Your Pocket. In Net-work and Distributed System Security Symposium(NDSS).

Nitay Artenstein and Idan Revivo. 2014. Man inthe Binder: He Who Controls IPC, Controls theDroid. (2014). https://www.blackhat.com/docs/eu-14/materials/eu-14-/Artenstein-/

Man-In-The-Binder-/He-Who-Controls-/

IPC-Controls-The-Droid-wp.pdf.

Cyrille Artho, Klaus Havelund, Rahul Kumar,and Yoriyuki Yamagata. 2015. Domain-specificlanguages with Scala. In Formal Meth-ods and Software Engineering. Springer, 116. https://staff.aist.go.jp/c.artho/papers/artho-2015-icfem.pdf.:: Cyrille Artho1 , Klaus Havelund2 , Rahul Ku-mar2 , and Yoriyuki Yamagata1 1 AIST, Ama-gasaki, Japan 2 Jet Propulsion Laboratory, Cali-fornia Institute of Technology, California, USA Ab-stract. Domain-Specific Languages (DSLs) are of-ten classified into external and internal DSLs. Anexternal DSL is a stand-alone language with itsown parser. An internal DSL is an extension of anexisting programming language, the host language,offering the user of the DSL domain-specific con-

6 2016/11/18

www.wright.edu/~pmatetihttps://www.blackhat.com/docs/eu-14/materials/eu-14-/Artenstein-/Man-In-The-Binder-/He-Who-Controls- /IPC-Controls-The-Droid-wp.pdfhttps://www.blackhat.com/docs/eu-14/materials/eu-14-/Artenstein-/Man-In-The-Binder-/He-Who-Controls- /IPC-Controls-The-Droid-wp.pdfhttps://www.blackhat.com/docs/eu-14/materials/eu-14-/Artenstein-/Man-In-The-Binder-/He-Who-Controls- /IPC-Controls-The-Droid-wp.pdfhttps://www.blackhat.com/docs/eu-14/materials/eu-14-/Artenstein-/Man-In-The-Binder-/He-Who-Controls- /IPC-Controls-The-Droid-wp.pdfhttps://staff.aist.go.jp/c.artho/papers/artho-2015-icfem.pdfhttps://staff.aist.go.jp/c.artho/papers/artho-2015-icfem.pdf


structs as well as the constructs of the host lan-guage, thus providing a richer language than theDSL itself. In this paper we report on experiencesimplementing external as well as internal formalmodeling DSLs with the Scala programming lan-guage, known in particular for its support for defin-ing DSLs. The modeling languages include mon-itoring logics, a testing language, and a generalpurpose SysML inspired modeling language. Wepresent a systematic overview of advantages anddisadvantages of each option. Keywords: Externaland internal Domain-specific language, DSL, Scala,modeling, programming, language design, evalua-tion. ;;

Steven Arzt, Siegfried Rasthofer, and EricBodden. 2013. Instrumenting Androidand Java Applications as Easy as abc. InRuntime Verification. Springer, 364381.https://www.informatik.tu-darmstadt.de/

fileadmin/user_upload/Group_EC-Spride/

Publikationen/Instrumenting_Android_and_

Java_Applications_as_Easy_as_abc.pdf.

Zubair Ashraf. 2014. How to Cheat Your MDM:Compliance without a Password. TechnicalReport. https://securityintelligence.com/how-to-cheat-your-mdm-compliance-without-a-password/.:: What this means is that the MDM app on yourAndroid device would have a false sense that itcan wipe data, lock the device, enforce passwordquality policies and so on and will therefore let youaccess corporate email, data or intranet resourceswhile in reality it would have no such control andyou can continue to use your device without anyof the corporate restrictions. We know you did notlike to type those long passwords and would ratherhave no password and no lock screen. After all,dont you want to share your personal data witheveryone? ;;

Aswathy Asok. 201x. Mobile Device OS Architecturesfor Privacy. Ph.D. Dissertation. Amrita VishwaVidyapeetham.

N. Asokan, Jan-Erik Ekberg, Kari Kostiainen, AnandRajan, Carlos Rozas, Ahmad-Reza Sadeghi, Stef-

fen Schulz, , and Christian Wachsmann. 2014. Mo-bile Trusted Computing. Proc. IEEE 102, 8 (Aug.2014).

Nicola Atzei and Massimo Bartoletti. 2016. De-veloping Honest Java Programs with Diogenes.In International Conference on Formal Tech-niques for Distributed Objects, Components,and Systems. Springer, 5261. https://b5a70920-a-62cb3a1a-s-sites.googlegroups.

com/site/tcsunica/papers/diogenes.pdf.

Kathy Wain Yee Au, Yi Fan Zhou, Zhen Huang,and David Lie. 2012a. Pscout: analyzing the an-droid permission specification. In Proceedings ofthe 2012 ACM conference on Computer and com-munications security. ACM, 217228.

Kathy Wain Yee Au, Yi Fan Zhou, Zhen Huang,and David Lie. 2012b. Pscout: Analyzing the An-droid Permission Specification. In Proceedings ofthe 2012 ACM conference on Computer and com-munications security. ACM, 217228.

GitHub AuthorUnknown. Android Vul-nerability Test Suite. Technical Report.https://github.com/AndroidVTS/android-vts.

Abhijeet Awade, Amir Talwar, Bhushan Khopade,and Vishal Nande. 2014. WallDroid: Firewallsfor the Android OS. International Journal ofAdvanced Engineering & Innovative Technology 1(2014). Issue 1. http://ijaeit.com/Paper-Pdf/Paper05.pdf.:: Questionable journal, and article. Abhi-jeet Awade,Amir Talwar, Bhushan Khopadeand Vishal Nande B.E Computer Engi-neering, Navsahyadri Education SocietysGroup of Institutions, Pune. For corre-spondence:[email protected],[email protected],[email protected],[email protected] - Security is becoming an increasinglyimportant feature of todays mobile environmentwhere users download unknown apps and connecttheir smartphones to unknown networks whileroaming. Android has become a very popular op-erating systems for smartphones and tablets but at

7 2016/11/18

www.wright.edu/~pmatetihttps://www.informatik.tu-darmstadt.de/fileadmin/user_upload/Group_EC-Spride/Publikationen/Instrumenting_Android_and_Java_Applications_as_Easy_as_abc.pdfhttps://www.informatik.tu-darmstadt.de/fileadmin/user_upload/Group_EC-Spride/Publikationen/Instrumenting_Android_and_Java_Applications_as_Easy_as_abc.pdfhttps://www.informatik.tu-darmstadt.de/fileadmin/user_upload/Group_EC-Spride/Publikationen/Instrumenting_Android_and_Java_Applications_as_Easy_as_abc.pdfhttps://www.informatik.tu-darmstadt.de/fileadmin/user_upload/Group_EC-Spride/Publikationen/Instrumenting_Android_and_Java_Applications_as_Easy_as_abc.pdfhttps://securityintelligence.com/how-to-cheat-your-mdm-compliance-without-a-password/https://securityintelligence.com/how-to-cheat-your-mdm-compliance-without-a-password/https://b5a70920-a-62cb3a1a-s-sites.googlegroups.com/site/tcsunica/papers/diogenes.pdfhttps://b5a70920-a-62cb3a1a-s-sites.googlegroups.com/site/tcsunica/papers/diogenes.pdfhttps://b5a70920-a-62cb3a1a-s-sites.googlegroups.com/site/tcsunica/papers/diogenes.pdfhttp://ijaeit.com/Paper-Pdf/Paper 05.pdfhttp://ijaeit.com/Paper-Pdf/Paper 05.pdf


the same time threats associated to this platform,like malware or exploits, are also growing. As itis becoming more and more popular to connectmobile phone and other hand held devices to theinternet, the big question is; How to protect thosedevices from the perils of the internet?. Thisproject investigates issues with the implementa-tion of a Firewall system for protecting mobiledevices. To enable an ordinary mobile phone userto setup a Firewall configuration to protect hismobile phone it is important to have a systemthat is easy to understand and warns the userof possible mistakes. This project proposes andvaluates an enhanced security model and architec-ture, WallDroid, enabling virtualized applicationspecifc Firewalls. The WallDroid solution can beconsidered as an Android Firewall Application butwith some extra functionality. Keycomponentsused by the solution include VPN technologies likethe Point to Point Tunneling Protocol (PPTP)and the Android Cloud to Device MessagingFramework (C2DM). Our project is based on thecloud keeping track of millions of applications andtheir reputation (good, bad, or unknown) andcomparing traffic flows of applications with a listof knownmalicious IP servers. ;;

Ahmed Ben Ayed. 2015. A literature Re-view on Android Permission System. In-ternational Journal of Advanced Research inComputer Engineering & Technology (2015).http://ijarcet.org/wp-content/uploads/

IJARCET-VOL-4-ISSUE-4-1520-1523.pdf.:: Ahmed Ben Ayed has received his Bachelor ofScience in Computer Information Systems, Masterof Science in Cyber Security and Information As-surance, and currently pursuing a doctorate degreein Computer Science at Colorado Technical Uni-versity, his research interest are Android Security,Pattern recognition of Malicious Applications, Ma-chine Learning, Cryptography, Information & Sys-tem Security, and Computer networks.;; Abstract -Android uses a permission-based model to protectits users information and system resources. Thispermission-based system has been the center ofmany researchers interest; they have been used to

identify malicious behaviors and ultimately couldhelp identify malicious applications. This study isnot intended to create an anti-malware solution ormethod; instead it offers a literature review on An-droid permissions system and illustrates previouswork that has been studied using permissions toidentify harmful applications. This study could beused as a source to better understand the Androidarchitecture and its permission-based system. In-dex TermsAndroid Security, Permission-based sys-tems, malware detection. ;;

Ahmet Ilhan Aysan and Sevil Sen. 2015. Do You Want to Install an Update of ThisApplication? A Rigorous Analysis of Up-dated Android Applications. In Cyber Securityand Cloud Computing (CSCloud), 2015 IEEE2nd International Conference on. IEEE, 181186. http://web.cs.hacettepe.edu.tr/~ssen/files/papers/CSCloud15.pdf.

Md Tanzirul Azim, Iulian Neamtiu, and Lisa MMarvel. 2014. Towards Self-Healing SmartphoneSoftware via Automated Patching. In Proceedingsof the 29th ACM/IEEE international conferenceon Automated software engineering. ACM, 623628. http://www.cs.ucr.edu/~neamtiu/pubs/ase14azim.pdf.

Tanzirul Azim and Iulian Neamtiu. 2013a. Targetedand depth-first exploration for systematic testingof Android apps. ACM SIGPLAN Notices 48, 10(2013), 641660.

Tanzirul Azim and Iulian Neamtiu. 2013b. Targetedand Depth-first Exploration for Systematic Testingof Android Apps. In OOPSLA 2013. ACM, 641660. http://www.cs.ucr.edu/~neamtiu/pubs/oopsla13azim.pdf.:: University of California, Riverside;; Experi-ments with using our approach on 25 popularAndroid apps including BBC News, Gas Buddy,Amazon Mobile, YouTube, Shazam Encore, andCNN, show that our exploration techniques achieve59.3964.11% activity coverage and 29.5336.46%method coverage ;;

8 2016/11/18

www.wright.edu/~pmatetihttp://ijarcet.org/wp-content/uploads/IJARCET-VOL-4-ISSUE-4-1520-1523.pdfhttp://ijarcet.org/wp-content/uploads/IJARCET-VOL-4-ISSUE-4-1520-1523.pdfhttp://web.cs.hacettepe.edu.tr/~ssen/files/papers/CSCloud15.pdfhttp://web.cs.hacettepe.edu.tr/~ssen/files/papers/CSCloud15.pdfhttp://www.cs.ucr.edu/~neamtiu/pubs/ase14azim.pdfhttp://www.cs.ucr.edu/~neamtiu/pubs/ase14azim.pdfhttp://www.cs.ucr.edu/~neamtiu/pubs/oopsla13azim.pdfhttp://www.cs.ucr.edu/~neamtiu/pubs/oopsla13azim.pdf


Michael Backes, Sven Bugiel, Sebastian Gerling,and Philipp von Styp-Rekowsky. 2014. AndroidSecurity Framework: Extensible multi-layeredaccess control on Android. In Proceedings ofthe 30th Annual Computer Security Appli-cations Conference. ACM, 4655. https://infsec.cs.uni-saarland.de/~bugiel/

publications/pdfs/bugiel14-acsac1.pdf.

Sherenaz Al-Haj Baddar, Alessio Merlo, and MauroMigliardi. 2014. Anomaly Detection in ComputerNetworks: A State-of-the-Art Review. Journalof Wireless Mobile Networks, Ubiquitous Com-puting, and Dependable Applications (JoWUA) 5,4 (2014), 2964. http://isyou.info/jowua/papers/jowua-v5n4-2.pdf.:: Abstract The ever-lasting challenge of detect-ing and mitigating failures in computer networkshas become more essential than ever; especiallywith the enormous number of smart devices thatget connected to all sorts of network everyday.Whether the root cause of a given anomaly is asecurity breach, a component failure, an environ-mental factor, or even any combination of thesereasons, anomalies need to be detected and mit-igated timely and properly. In this paper, we re-view and evaluate the state-of-the-art studies onthe problem of anomaly detection in computer net-works. We provide an elaborate description of theanomaly detection problem, and depict the differ-ent categorizations of its solutions. We also illus-trate some recent state-of-the-art solutions on thenetwork level, and depict current trends in han-dling malware-induced anomalies in smartphonenetworks. Additionally, we evaluate the presentedsolutions and highlight their shortcomings. ;;

Hamid Bagheri, Alireza Sadeghi, Joshua Gar-cia, and Sam Malek. COVERT: CompositionalAnalysis of Android Inter-App Vulnerabilities.(????). http://cs.gmu.edu/~tr-admin/papers/GMU-CS-TR-2015-1.pdf.:: Abstract Android is the most popular plat-form for mobile devices. It facilitates sharing ofdata and services among applications using a richinter-app communication system. While access to

resources can be controlled by the Android per-mission system, enforcing permissions is not suffi-cient to prevent security violations, as permissionsmay be mismanaged, intentionally or unintention-ally. Androids enforcement of the permissions is atthe level of individual apps, allowing multiple ma-licious apps to collude and combine their permis-sions or to trick vulnerable apps to perform actionson their behalf that are beyond their individualprivileges. In this paper, we present COVERT, atool for compositional analysis of Android inter-app vulnerabilities. COVERTs analysis is modularto enable incremental analysis of applications asthey are installed, updated, and removed. It stat-ically analyzes the reverse engineered source codeof each individual app, and extracts relevant secu-rity specifications in a format suitable for formalverification. Given a collection of specifications ex-tracted in this way, a formal analysis engine (e.g.,model checker) is then used to verify whether it issafe for a combination of applicationsholding cer-tain permissions and potentially interacting witheach otherto be installed together. Our experiencewith using COVERT to examine over 200 real-world apps corroborates its ability to find inter-app vulnerabilities in bundles of some of the mostpopular apps on the market. ;;

Hamid Bagheri, Alireza Sadeghi, Reyhaneh Jabbar-vand, and Sam Malek. Automated Dynamic En-forcement of Synthesized Security Policies in An-droid. (????). http://cs.gmu.edu/~tr-admin/papers/GMU-CS-TR-2015-5.pdf.:: Abstract As the dominant mobile computingplatform, Android has become a prime target forcyber-security attacks. Many of these attacks aremanifested at the application level, and throughthe exploitation of vulnerabilities in apps down-loaded from the popular app stores. Increasingly,sophisticated attacks exploit the vulnerabilities inmultiple installed apps, making it extremely dif-ficult to foresee such attacks, as neither the appdevelopers nor the store operators know a prioriwhich apps will be installed together. This pa-per presents an approach that allows the end-usersto safeguard a given bundle of apps installed on

9 2016/11/18

www.wright.edu/~pmatetihttps://infsec.cs.uni-saarland.de/~bugiel/publications/pdfs/bugiel14-acsac1.pdfhttps://infsec.cs.uni-saarland.de/~bugiel/publications/pdfs/bugiel14-acsac1.pdfhttps://infsec.cs.uni-saarland.de/~bugiel/publications/pdfs/bugiel14-acsac1.pdfhttp://isyou.info/jowua/papers/jowua-v5n4-2.pdfhttp://isyou.info/jowua/papers/jowua-v5n4-2.pdfhttp://cs.gmu.edu/~tr-admin/papers/GMU-CS-TR-2015-1.pdfhttp://cs.gmu.edu/~tr-admin/papers/GMU-CS-TR-2015-1.pdfhttp://cs.gmu.edu/~tr-admin/papers/GMU-CS-TR-2015-5.pdfhttp://cs.gmu.edu/~tr-admin/papers/GMU-CS-TR-2015-5.pdf


their device from such attacks. The approach, re-alized in a tool, called DROIDGUARD, combinesstatic code analysis with lightweight formal meth-ods to automatically infer security-relevant proper-ties from a bundle of apps. It then uses a constraintsolver to synthesize possible security exploits, fromwhich fine-grained security policies are derived andautomatically enforced to protect a given device.In our experiments with over 4,000 Android apps,DROIDGUARD has proven to be highly effectiveat detecting previously unknown vulnerabilities aswell as preventing their exploitation. ;;

Vipin Balachandran. 2015. Query by ex-ample in large-scale code repositories. InSoftware Maintenance and Evolution (IC-SME), 2015 IEEE International Confer-ence on. IEEE, 467476. https://labs.vmware.com/wp-content/uploads/2015/09/

2015-001-Balachandran-IEEE-preprint.pdf.:: Vipin Balachandran VMware Bangalore, In-dia [email protected] Abstract Searching codesamples in a code repository is an important partof program comprehension. Most of the existingtools for code search support syntactic elementsearch and regular expression pattern search. How-ever, they are text-based and hence cannot handlequeries which are syntactic patterns. The proposedsolutions for querying syntactic patterns using spe-cialized query languages present a steep learningcurve for users. The querying would be more user-friendly if the syntactic pattern can be formulatedin the underlying programming language (as a sam-ple code snippet) instead of a specialized querylanguage. In this paper, we propose a solution forthe query by example problem using Abstract Syn-tax Tree (AST) structural similarity match. Thequery snippet is converted to an AST, then its sub-trees are compared against AST subtrees of sourcefiles in the repository and the similarity values ofmatching subtrees are aggregated to arrive at a rel-evance score for each of the source files. To scalethis approach to large code repositories, we uselocality-sensitive hash functions and numerical vec-tor approximation of trees. Our experimental eval-uation involves running control queries against a

real project. The results show that our algorithmcan achieve high precision (0.73) and recall (0.81)and scale to large code repositories without com-promising quality ;;

Rebecca Balebako, Abigail Marsh, Jialiu Lin, JasonHong, and Lorrie Faith Cranor. 2014. The Privacyand Security Behaviors of Smartphone App Devel-opers. In USEC. 23 February 2014, ISBN1-891562-37-1 http://dx.doi.org/10.14722/usec.2014.23006.

Justin R Ball. 2014. Detection and Prevention ofAndroid Malware Attempting to Root the Device.Technical Report. DTIC Document.

Arjun Baokar and Primal Wijesekera. 2016. AContextually-Aware Privacy-Preserving An-droid Permission Model. (2016). https://www2.eecs.berkeley.edu/Pubs/TechRpts/

2016/EECS-2016-69.pdf.

Konstantia Barbatsalou, Bruno Sousa, and EdmundoMonteiro1and Paulo Simoes. 2015. Mobile Foren-sics for PPDR Communications: How and why. InThe Proceedings of the 10th International Confer-ence on Cyber Warfare and Security ICCWS 2015.Academic Conferences Limited, 30.

David Barnhizer. 2016. The Future of Work:Apps, Artificial Intelligence, Automation and An-droids. Artificial Intelligence, Automation and An-droids (January 15, 2016). Cleveland-Marshall Le-gal Studies Paper 289 (2016).

Ken Barr, Prashanth Bungale, Stephen Deasy, Vik-tor Gyuris, Perry Hung, Craig Newell, HarveyTuch, and Bruno Zoppis. 2010. The VMware Mo-bile Virtualization Platform: Is that a Hypervisorin Your Pocket? ACM SIGOPS Operating SystemsReview 44, 4 (2010), 124135.

Paulo Barros, Rene Just, Suzanne Millstein,Paul Vines, Werner Dietl, Marcelo dAmorim,and Michael D Ernst. 2015. Static analysisof implicit control flow: Resolving Java reflec-tion and Android intents (extended version).University of Washington Department of Com-puter Science and Engineering, Seattle, WA,

10 2016/11/18

www.wright.edu/~pmatetihttps://labs.vmware.com/wp-content/uploads/2015/09/2015-001-Balachandran-IEEE-preprint.pdfhttps://labs.vmware.com/wp-content/uploads/2015/09/2015-001-Balachandran-IEEE-preprint.pdfhttps://labs.vmware.com/wp-content/uploads/2015/09/2015-001-Balachandran-IEEE-preprint.pdfhttps://www2.eecs.berkeley.edu/Pubs/TechRpts/2016/EECS-2016-69.pdfhttps://www2.eecs.berkeley.edu/Pubs/TechRpts/2016/EECS-2016-69.pdfhttps://www2.eecs.berkeley.edu/Pubs/TechRpts/2016/EECS-2016-69.pdf


USA, Tech. Rep. UW-CSE-15-08-01 (2015).http://homes.cs.washington.edu/~mernst/

pubs/implicit-control-flow-tr150801.pdf.

Steffen Bartsch, Karsten Sohr, Michaela Bunke,Oliver Hofrichter, and Bernhard Berger. 2012.The Transitivity of Trust Problem in the Inter-action of Android Applications. arXiv preprintarXiv:1204.1458 (2012).

Lynn M Batten, Veelasha Moonsamy, and MoutazAlazab. 2016. Smartphone Applications, Mal-ware and Data Theft. In Computational Intelli-gence, Cyber Security and Computational Models.Springer, 1524.

Andreas Bauer, Jan-Christoph Kuster, and Gil Veg-liach. 2012. Runtime Verification Meets An-droid Security. In NASA Formal Methods.Springer, 174180. http://kuester.multics.org/publications/NFM12.pdf.

Andrew Baumann, Dongyoon Lee, Pedro Fonseca,Lisa Glendenning, Jacob R Lorch, Barry Bond,Reuben Olinsky, and Galen C Hunt. 2013. Com-posing OS extensions safely and efficiently withBascule. In Proceedings of the 8th ACM Euro-pean Conference on Computer Systems. ACM,239252. http://www.msr-waypoint.net/pubs/180156/bascule_eurosys13.pdf.

Andrew Baumann, Marcus Peinado, and GalenHunt. 2014. Shielding applications from anuntrusted cloud with haven. In USENIXSymposium on Operating Systems Designand Implementation (OSDI). https://www.usenix.org/system/files/conference/

osdi14/osdi14-paper-baumann.pdf.

Jan Becicka, Petr Zajac, and Petr Hrebejk. 2007. Us-ing Java 6 Compiler as a Refactoring and an Anal-ysis Engine. The TRex TTCN-3 Refactoring andMetrics Tool3 (2007), 56. https://bitbucket.org/jlahoda/jackpot30/, https://kenai.com/projects/refactoringng/.:: Jan Beika Technical Lead for the Net-Beans Refactoring Engine Sun Microsystems,

Inc. [email protected] Petr Zajac Sun Mi-crosystems, Inc. PhD student at VB - TUOstrava [email protected] Petr Hebejk En-gineering Manager Sun Microsystems, [email protected] Abstract: One of the coolfeatures available in Java 6 is set of three relatedcompiler APIs: JSR-199: JavaTM CompilerAPI, JSR 269: Pluggable Annotation ProcessingAPI, and the Tree API (com.sun.source.treeand com.sun.source.util). These APIs provide aread-only model of Java source code. NetBeansIDE puts all these three APIs together withJackpot transformation engine and provides fullmodel of Java language offering read/write modelcapable of model transformation and formattedsource rewriting. These four API work togetherto define a toolkit to create just about any Javalanguage-aware tool. This presentation will showthese APIs in action. We will talk about usingJava 6 compiler for Java Refactoring features andfor Code Analysis features (Codeviation project).;;

Michael Beck, Robert Magnus, and Ulrich Kunitz.2002. Linux Kernel Internals. Addison-WesleyLongman Publishing Co., Inc.

Hanan Beer. 2016. Metaphor: A (Real) RealLifeStagefright Exploit. Technical Report. NorthBit.https://www.exploit-db.com/docs/39527.pdf.

Eric Beguet and Eugene Burmako. 2015. Traver-sal Query Language For Scala. Meta. TechnicalReport. http://infoscience.epfl.ch/record/204789/files/TraversableQueryLanguage.pdf.:: Eric Bguet Eugene Burmako EPFL, Switzer-land [email protected] ABSTRACT With the riseof metaprogramming in Scala, manipulating ASTshas become a daily job. Yet the standard API pro-vides only low-level mechanisms to transform or tocollect information on those data structures. More-over, those mechanisms often force the programmerto manipulate state in order to retrieve informa-tion on these ASTs. In this report we try to solvethose problems by introducing TQL, a high-levelcombinator Scala library to transform and querydata structures in a purely functional way. Parser

11 2016/11/18

www.wright.edu/~pmateti http://homes.cs.washington.edu/~mernst/pubs/implicit-control-flow-tr150801.pdf http://homes.cs.washington.edu/~mernst/pubs/implicit-control-flow-tr150801.pdfhttp://kuester.multics.org/publications/NFM12.pdfhttp://kuester.multics.org/publications/NFM12.pdfhttp://www.msr-waypoint.net/pubs/180156/bascule_eurosys13.pdfhttp://www.msr-waypoint.net/pubs/180156/bascule_eurosys13.pdfhttps://www.usenix.org/system/files/conference/osdi14/osdi14-paper-baumann.pdfhttps://www.usenix.org/system/files/conference/osdi14/osdi14-paper-baumann.pdfhttps://www.usenix.org/system/files/conference/osdi14/osdi14-paper-baumann.pdfhttps://bitbucket.org/jlahoda/jackpot30/https://bitbucket.org/jlahoda/jackpot30/https://kenai.com/projects/refactoringng/https://kenai.com/projects/refactoringng/https://www.exploit-db.com/docs/39527.pdfhttp://infoscience.epfl.ch/record/204789/files/TraversableQueryLanguage.pdfhttp://infoscience.epfl.ch/record/204789/files/TraversableQueryLanguage.pdf


combinators allow to combine several small parsersto build a bigger one in an expressive way. In thisreport, we argue that we can apply the same con-cept to data structure manipulation and constructcomplicated traversers on top of smaller ones. Yetcombinators may feel unnatural or too complicatedfor certain usage. We therefore built a library ontop of TQL to manipulate data structures as a col-lection. We then put TQL in practice to scala.metaASTs, and describe the challenges we face whentraversing a real-word data structure, especiallyperformance-wise. Categories and Subject Descrip-tors D.3.4 [Software]: Programming Languages AST Traversal and Transformation General TermsLanguages, Performance Keywords combinators,macros, scala, traversal, transformation, optimiza-tion ;;

Adam Belay, Andrea Bittau, Ali Mashtizadeh, DavidTerei, David Mazieres, and Christos Kozyrakis.2012. Dune: Safe User-Level Access to PrivilegedCPU Features. In 10th USENIX Symposium onOperating Systems Design and Implementation(OSDI 12). USENIX, Hollywood, CA, 335348.https://www.usenix.org/conference/osdi12/

technical-sessions/presentation/belay

https://www.usenix.org/system/files/

conference/osdi12/osdi12-final-117.pdf.

Adam Belay, George Prekas, Ana Klimovic,Samuel Grossman, Christos Kozyrakis, andEdouard Bugnion. 2014a. IX: A protecteddataplane operating system for high through-put and low latency. In 11th USENIX Sym-posium on Operating Systems Design and Im-plementation (OSDI 14),(Broomfield, CO). 4965. https://www.usenix.org/system/files/conference/osdi14/osdi14-paper-belay.pdf.

Adam Belay, George Prekas, Ana Klimovic,Samuel Grossman, Christos Kozyrakis, andEdouard Bugnion. 2014b. IX: A protecteddataplane operating system for high through-put and low latency. In 11th USENIX Sym-posium on Operating Systems Design and Im-plementation (OSDI 14),(Broomfield, CO). 49

65. https://www.usenix.org/system/files/conference/osdi14/osdi14-paper-belay.pdf.

Giampaolo Bella and Helge Janicke. 2013. Specialissue on the Security Track at the ACM Sympo-sium on Applied Computing 2013. InternationalJournal of Information Security (2013), 12.

Fabio Bellini, Roberto Chiodi, and Isabella Mas-troeni. 2015. MIME: A Formal Approach to (An-droid) Emulation Malware Analysis. In Interna-tional Symposium on Foundations and Practice ofSecurity. Springer, 259267.

Muli Ben-Yehuda, Omer Peleg, Orna AgmonBen-Yehuda, Igor Smolyar, and Dan Tsafrir.2013. The nonkernel: a Kernel Designedfor the Cloud. In Proceedings of the 4thAsia-Pacific Workshop on Systems. ACM, 7.http://www.hypervisorconsulting.com/pubs/

nom/nonkernel-apsys13.pdf.

Ryad Benadjila, Olivier Billet, Shay Gueron, andMatt JB Robshaw. 2009. The Intel AES instruc-tions set and the SHA-3 candidates. In Advancesin CryptologyASIACRYPT 2009. Springer, 162178.:: Abstract. The search for SHA-3 is now well-underway and the 51 accepted submissions reflecta wide variety of design approaches. A significantnumber are built around Rijndael/AES-based op-erations and, in some cases, the AES round func-tion itself. Many of the design teams have pointedto the forthcoming Intel AES instructions set, toappear on Westmere chips during 2010, when mak-ing a variety of performance claims. In this paperwe study, for the first time, the likely impact of thenew AES instructions set on all the SHA-3 candi-dates that might benefit. As well as distinguishingbetween those algorithms that are AES-based andthose that might be described as AES-inspired, wehave developed optimised code for all the former.Since Westmere processors are not yet available, wehave developed a novel software technique basedon publicly available information that allows us toaccurately emulate the performance of these algo-rithms on the currently available Nehalem proces-sor. This gives us the most accurate insight to-date

12 2016/11/18

www.wright.edu/~pmatetihttps://www.usenix.org/conference/osdi12/technical-sessions/presentation/belayhttps://www.usenix.org/conference/osdi12/technical-sessions/presentation/belayhttps://www.usenix.org/system/files/conference/osdi12/osdi12-final-117.pdfhttps://www.usenix.org/system/files/conference/osdi12/osdi12-final-117.pdfhttps://www.usenix.org/system/files/conference/osdi14/osdi14-paper-belay.pdfhttps://www.usenix.org/system/files/conference/osdi14/osdi14-paper-belay.pdfhttps://www.usenix.org/system/files/conference/osdi14/osdi14-paper-belay.pdfhttps://www.usenix.org/system/files/conference/osdi14/osdi14-paper-belay.pdfhttp://www.hypervisorconsulting.com/pubs/nom/nonkernel-apsys13.pdfhttp://www.hypervisorconsulting.com/pubs/nom/nonkernel-apsys13.pdf


of the potential performance of SHA-3 candidatesusing the Intel AES instructions set ;;

Christian Benvenuti. 2006. Understanding Linux net-work internals. OReilly Media, Inc.

Mateusz Berezecki. 2014. Managing overhead asso-ciated with service requests via software generatedinterrupts. (May 20 2014). US Patent 8,732,371.

Bernhard J Berger, Michaela Bunke, and KarstenSohr. 2011. An Android security case study withbauhaus. In Reverse Engineering (WCRE), 201118th Working Conference on. IEEE, 179183.

Emery D Berger and Benjamin G Zorn. 2006.DieHard: Probabilistic Memory Safety forUnsafe Languages. In ACM SIGPLAN No-tices, Vol. 41. ACM, 158168. http://scholarworks.umass.edu/cgi/viewcontent.

cgi?article=1086&context=cs_faculty_pubs.

Al Bessey, Ken Block, Ben Chelf, Andy Chou,Bryan Fulton, Seth Hallem, Charles Henri-Gros, Asya Kamsky, Scott McPeak, and Daw-son Engler. 2010. A few billion lines of codelater: using static analysis to find bugs inthe real world. Commun. ACM 53, 2 (2010),6675. http://courses.cs.washington.edu/courses/cse484/14au/reading/coverity.pdf.:: How Coverity built a bug-finding tool, and abusiness, around the unlimited supply of bugs insoftware systems. ;;

Shweta Bhandari, Rishabh Gupta, Vijay Laxmi,Manoj Singh Gaur, Akka Zemmari, and MaximAnikeev. 2015. DRACO: DRoid analyst combo anAndroid malware analysis framework. In Proceed-ings of the 8th International Conference on Secu-rity of Information and Networks. ACM, 283289.

Wasim Ahmad Bhat and SMK Quadri. 2012. OpenSource Code Doesnt Always Help: Case of File Sys-tem Development. Trends in Information Manage-ment (TRIM) 7, 2 (2012).

Antonio Bianchi, Yanick Fratantonio, ChristopherKruegel, and Giovanni Vigna. 2015. NJAS: Sand-boxing Unmodified Applications in non-rooted De-vices Running stock Android. In Proceedings of

the 5th Annual ACM CCS Workshop on Secu-rity and Privacy in Smartphones and Mobile De-vices. ACM, 2738. https://www.cs.ucsb.edu/

~vigna/publications/2015_SPSM_NJAS.pdf.

Jeffrey Bickford, H Andres Lagar-Cavilla, AlexanderVarshavsky, Vinod Ganapathy, and Liviu Iftode.2011. Security versus energy tradeoffs in host-based mobile malware detection. In Proceedings ofthe 9th international conference on Mobile systems,applications, and services. ACM, 225238.

Michael Bierma, Eric Gustafson, Jeremy Er-ickson, David Fritz, and Yung Ryn Choe.2014. Andlantis: Large-scale Android Dy-namic Analysis. http://arxiv.org/. (2014).http://arxiv.org/pdf/1410.7751.pdf.:: Sandia National Laboratories, University of Cal-ifornia, Davis;; Abstract Analyzing Android appli-cations for malicious behavior is an important areaof research, and is made difficult, in part, by theincreasingly large number of applications availablefor the platform. While techniques exist to per-form static analysis on a large number of appli-cations, dynamic analysis techniques are relativelylimited in scale due to the computational resourcesrequired to emulate the full Android system toachieve accurate execution. We present Andlantis,a scalable dynamic analysis system capable of pro-cessing over 3000 Android applications per hour.During this processing, the system is able to col-lect valuable forensic data, which helps reverse-engineers and malware researchers identify and un-derstand anomalous application behavior. We dis-cuss the results of running 1261 malware samplesthrough the system, and provide examples of mal-ware analysis performed with the resulting data.;;

Walter Binder. 2015. Analyzing Distributed Multi-platform Java and Android Applications withShadowVM. In Programming Languages and Sys-tems: 13th Asian Symposium, APLAS 2015, Po-hang, South Korea, November 30-December 2,2015, Proceedings, Vol. 9458. Springer, 356.

Tegawende F Bissyande. 2015. Harvesting FixHints in the History of Bugs. arXiv preprint

13 2016/11/18

www.wright.edu/~pmatetihttp://scholarworks.umass.edu/cgi/viewcontent.cgi?article=1086&context=cs_faculty_pubshttp://scholarworks.umass.edu/cgi/viewcontent.cgi?article=1086&context=cs_faculty_pubshttp://scholarworks.umass.edu/cgi/viewcontent.cgi?article=1086&context=cs_faculty_pubshttp://courses.cs.washington.edu/courses/cse484/14au/reading/coverity.pdfhttp://courses.cs.washington.edu/courses/cse484/14au/reading/coverity.pdf https://www.cs.ucsb.edu/~vigna/publications/2015_SPSM_NJAS.pdf https://www.cs.ucsb.edu/~vigna/publications/2015_SPSM_NJAS.pdf


arXiv:1507.05742 (2015). http://arxiv.org/pdf/1507.05742.pdf.:: Tegawende F. Bissyande SnT, Uni-versity of Luxembourg, [email protected] Abstract: In softwaredevelopment, fixing bugs is an important task thatis time consuming and cost-sensitive. While manyapproaches have been proposed to automaticallydetect and patch software code, the strategiesare limited to a set of identified bugs that werethoroughly studied to define their properties.They thus manage to cover a niche of faults suchas infinite loops. We build on the assumptionthat bugs, and the associated user bug reports,are repetitive and propose a new approach of fixrecommendations based on the history of bugs andtheir associated fixes. In our approach, once a bugis reported, it is automatically compared to allpreviously fixed bugs using information retrievaltechniques and machine learning classification.Based on this comparison, we recommend top-kfix actions, identified from past fix examples, thatmay be suitable as hints for software developersto address the new bug. ;;

W. Black and K. PRICE. 2014. Systemsand methods for transparent per-file encryp-tion and decryption via metadata identifica-tion. (Sept. 11 2014). https://www.google.com/patents/US20140258720 US Patent App.14/203,974.

Cedric Van Bockhaven and Jochem van Kerk-wijk. 2014. Android Patching. Masters the-sis. https://www.os3.nl/_media/2013-2014/courses/rp2/p40_report.pdf Supervisor:Jochem van Kerkwijk.

Andrey Bogdanov, Florian Mendel, Francesco Regaz-zoni, Vincent Rijmen, and Elmar Tischhauser.2014. ALE: AES-based lightweight authenticatedencryption. In Fast Software Encryption. Springer,447466.

Hristo Bojinov, Dan Boneh, Rich Cannings, andIliyan Malchev. 2011. Address space random-ization for mobile devices. In Proceedings of the

fourth ACM conference on Wireless network secu-rity. ACM, 127138.

Gianluca Borello. 2014. Sysdig Cloud -Hiding Linux Processes For Fun AndProfit. (2014). https://sysdig.com/hiding-linux-processes-for-fun-and-profit/.

Francisco Borrego-Jaraba, Gonzalo Cerruela Garca,Irene Luque Ruiz, and Miguel Angel Gomez-Nieto.2013. An NFC based context-aware solution for ac-cess to bibliographic sources in university environ-ments. Journal of Ambient Intelligence and SmartEnvironments 5, 1 (2013), 105118.

Daniel P Bovet and Marco Cesati. 2005. Understand-ing the Linux Kernel. OReilly Media, Inc.

Kjell Braden, Stephen Crane, Lucas Davi,Michael Franz, Per Larsen, ChristopherLiebchen, and Ahmad-Reza Sadeghi. 2016.Leakage-Resilient Layout Randomizationfor Mobile Devices. (2016). http://www.ics.uci.edu/~perl/ndss16_lr2.pdf.

Alexandre Braga12 and Ricardo Dahab. 2015. ASurvey on Tools and Techniques for the Program-ming and Verification of Secure CryptographicSoftware. In XV SIMPSIO BRASILEIRO EMSEGURANA DA INFORMAO E DE SISTEMASCOMPUTACIONAIS09 A 12 DE NOVEM-BRO FLORIANPOLIS/SC. https://www.researchgate.net/publication/283730120_A_

Survey_on_Tools_and_Techniques_for_the_

Programming_and_Verification_of_Secure_

Cryptographic_Software.

Stefan Brahler. 2010. Analysis of the An-droid architecture. Masters thesis. Karl-sruhe institute for technology. https://os.itec.kit.edu/downloads/sa_2010_

braehler-stefan_Android-architecture.pdf.:: Erstgutachter: Prof. Dr. Frank Bellosa Be-treuende Mitarbeiter: Dr. Jan Sto, Dipl.-Inform.Konrad Miller Bearbeitungszeit: 2. Juni 2010 6.Oktober 2010 ;;

14 2016/11/18

www.wright.edu/~pmatetihttp://arxiv.org/pdf/1507.05742.pdfhttp://arxiv.org/pdf/1507.05742.pdfhttps://www.google.com/patents/US20140258720https://www.google.com/patents/US20140258720https://www.os3.nl/_media/2013-2014/courses/rp2/p40_report.pdfhttps://www.os3.nl/_media/2013-2014/courses/rp2/p40_report.pdfhttps://sysdig.com/hiding-linux-processes-for-fun-and-profit/https://sysdig.com/hiding-linux-processes-for-fun-and-profit/http://www.ics.uci.edu/~perl/ndss16_lr2.pdfhttp://www.ics.uci.edu/~perl/ndss16_lr2.pdf https://www.researchgate.net/publication/283730120_A_Survey_on_Tools_and_Techniques_for_the_Programming_and_Verification_of_Secure_Cryptographic_Software https://www.researchgate.net/publication/283730120_A_Survey_on_Tools_and_Techniques_for_the_Programming_and_Verification_of_Secure_Cryptographic_Software https://www.researchgate.net/publication/283730120_A_Survey_on_Tools_and_Techniques_for_the_Programming_and_Verification_of_Secure_Cryptographic_Software https://www.researchgate.net/publication/283730120_A_Survey_on_Tools_and_Techniques_for_the_Programming_and_Verification_of_Secure_Cryptographic_Software https://www.researchgate.net/publication/283730120_A_Survey_on_Tools_and_Techniques_for_the_Programming_and_Verification_of_Secure_Cryptographic_Softwarehttps://os.itec.kit.edu/downloads/sa_2010_braehler-stefan_Android-architecture.pdfhttps://os.itec.kit.edu/downloads/sa_2010_braehler-stefan_Android-architecture.pdfhttps://os.itec.kit.edu/downloads/sa_2010_braehler-stefan_Android-architecture.pdf


Jorg Brakensiek, Axel Droge, Martin Botteck, Her-mann Hartig, and Adam Lackorzynski. 2008. Vir-tualization as an enabler for security in mobile de-vices. In Proceedings of the 1st workshop on Iso-lation and integration in embedded systems. ACM,1722.

Eric A Brewer, Jeremy Condit, Bill McCloskey, andFeng Zhou. 2005. Thirty Years Is Long Enough:Getting Beyond C.. In HotOS.

Fraser Brown, Andres Notzli, and Dawson Engler.2016. How to Build Static Checking Systems Us-ing Orders of Magnitude Less Code. In Proceedingsof the Twenty-First International Conference onArchitectural Support for Programming Languagesand Operating Systems. ACM, 143157. http://web.stanford.edu/~mlfbrown/paper.pdf.

Kerry D Brown and Ronald P Knapp. 2015.MOBILE-TO-MOBILE TRANSACTIONS.(Jan. 15 2015). US Patent 20,150,019,441.

Dominic Bucerzan and Crina Ratiu. 2016. ImageProcessing with Android Steganography. In SoftComputing Applications. Springer, 2736.

Sven Bugiel, Lucas Davi, Alexandra Dmitrienko,Thomas Fischer, and Ahmad-Reza Sadeghi.2011a. Xmandroid: A new android evolu-tion to mitigate privilege escalation attacks.Technische Universitat Darmstadt, Tech-nical Report TR-2011-04 (2011). https://www.ukp.tu-darmstadt.de/fileadmin/user_

upload/Group_TRUST/PubsPDF/xmandroid.pdf.

Sven Bugiel, Lucas Davi, Alexandra Dmitrienko,Thomas Fischer, and Ahmad-Reza Sadeghi. 2011b.XmAndroid: A new Android evolution to mitigateprivilege escalation attacks. Technische UniversitatDarmstadt, Technical Report TR-2011-04 (2011).

Sven Bugiel, Lucas Davi, Alexandra Dmitrienko,Thomas Fischer, Ahmad-Reza Sadeghi, andBhargava Shastry. 2012. Towards TamingPrivilege-Escalation Attacks on Android. In NDSS.18. http://core.ac.uk/download/files/544/18286747.pdf.

Sven Bugiel, Lucas Davi, Alexandra Dmitrienko,Stephan Heuser, Ahmad-Reza Sadeghi, and Bhar-gava Shastry. 2011. Practical and Lightweight Do-main Isolation on Android. In Proceedings of the1st ACM workshop on Security and privacy insmartphones and mobile devices. ACM, 5162.

Sven Bugiel, Stephan Heuser, and Ahmad-RezaSadeghi. 2013. Flexible and fine-grained manda-tory access control on Android for diverse secu-rity and privacy policies. In 22nd USENIX SecuritySymposium (USENIX Security13). USENIX.

Iker Burguera, Urko Zurutuza, and Simin Nadjm-Tehrani. 2011. Crowdroid: behavior-based mal-ware detection system for Android. In Proceedingsof the 1st ACM workshop on Security and privacyin smartphones and mobile devices. ACM, 1526.

Ivan Burke and Heloise Pieterse. 2015. Howto Tame Your Android Malware. In Iccws2015-The Proceedings of the 10th InternationalConference on Cyber Warfare and Security:ICCWS2015. Academic Conferences Lim-ited, 54. https://www.researchgate.net/profile/Ivan_Burke/publication/274255324_

How_to_Tame_Your_Android_Malware/links/

551a4b050cf2f51a6fea2f7c.pdf.:: Ivan Burke and Heloise Pieterse Cyber DefenceResearch Group, DPSS, CSIR, Pretoria, SouthAfrica [email protected] [email protected] ;;

Johnathon Burket, Lori Flynn, Will Klieber,Jonathan Lim, and William Snavely. 2015a. Mak-ing DidFail Succeed: Enhancing the CERT StaticTaint Analyzer for Android App Sets. (2015).

Johnathon Burket, Lori Flynn, Will Klieber,Jonathan Lim, and William Snavely. 2015b.Making DidFail Succeed: Enhancing the CERTStatic Taint Analyzer for Android App Sets.(2015). http://repository.cmu.edu/cgi/viewcontent.cgi?article=1825&context=sei.

Jesse Burns. 2009. Exploratory AndroidSurgery. In Black Hat Technical SecurityConference USA. http://www.blackhat.

15 2016/11/18

www.wright.edu/~pmatetihttp://web.stanford.edu/~mlfbrown/paper.pdfhttp://web.stanford.edu/~mlfbrown/paper.pdfhttps://www.ukp.tu-darmstadt.de/fileadmin/user_upload/Group_TRUST/PubsPDF/xmandroid.pdfhttps://www.ukp.tu-darmstadt.de/fileadmin/user_upload/Group_TRUST/PubsPDF/xmandroid.pdfhttps://www.ukp.tu-darmstadt.de/fileadmin/user_upload/Group_TRUST/PubsPDF/xmandroid.pdf http://core.ac.uk/download/files/544/18286747.pdf http://core.ac.uk/download/files/544/18286747.pdfhttps://www.researchgate.net/profile/Ivan_Burke/publication/274255324_How_to_Tame_Your_Android_Malware/links/551a4b050cf2f51a6fea2f7c.pdfhttps://www.researchgate.net/profile/Ivan_Burke/publication/274255324_How_to_Tame_Your_Android_Malware/links/551a4b050cf2f51a6fea2f7c.pdfhttps://www.researchgate.net/profile/Ivan_Burke/publication/274255324_How_to_Tame_Your_Android_Malware/links/551a4b050cf2f51a6fea2f7c.pdfhttps://www.researchgate.net/profile/Ivan_Burke/publication/274255324_How_to_Tame_Your_Android_Malware/links/551a4b050cf2f51a6fea2f7c.pdfhttp://repository.cmu.edu/cgi/viewcontent.cgi?article=1825&context=seihttp://repository.cmu.edu/cgi/viewcontent.cgi?article=1825&context=seihttp://www.blackhat.com/presentations/bh-usa-09/BURNS/BHUSA09-Burns-AndroidSurgery-SLIDES.pdfhttp://www.blackhat.com/presentations/bh-usa-09/BURNS/BHUSA09-Burns-AndroidSurgery-SLIDES.pdf


com/presentations/bh-usa-09/BURNS/

BHUSA09-Burns-AndroidSurgery-SLIDES.pdf.

Mathias Bylund. 2009. Evaluation of OKL4.Masters thesis. Malardalens University. http://www.diva-portal.org/smash/get/diva2:

221398/FULLTEXT01.pdf.:: Course: CDT307 Supervisor SAAB Aerotech:Martin Strand Supervisor Mlardalens University:Moris Behnam Examiner: Thomas Nolte Date:2009-04-16 ;; Abstract ... The company Open Ker-nel Labs is one of the leading providers of em-bedded systems software virtualization technologyand OKL4 is one of their products, which is basedon L4 family of second-generation microkernels. Inthis thesis, we will evaluate the kernel contains, theperformance, the security and the environment ofthe OKL4. Finally we conclude the advantages anddisadvantages of the product and technology. pm:Poorly written abstract. ;;

Miao Cai, Qinsheng Hou, Fangfang Jing, and QiaoDing. 2013. Research of Cloud Security Commu-nication Firewall Based on Android Platform. InProceedings of the 2nd International Conferenceon Computer Science and Electronics Engineering.Atlantis Press.

Aylin Caliskan-Islam, Richard Harang, AndrewLiu, Arvind Narayanan, Clare Voss, FabianYamaguchi, and Rachel Greenstadt. 2015.De-anonymizing Programmers via Code Sty-lometry. In 24th USENIX Security Symposium).USENIX Association, Washington, D.C., 255270. https://www.usenix.org/conference/usenixsecurity15/technical-sessions/

presentation/caliskan-islam.

Jennifer Campbell and Anya Tafliovich. 2015. AnExperience Report: Using Mobile Development ToTeach Software Design. In Proceedings of the 46thACM Technical Symposium on Computer ScienceEducation. ACM, 506511.:: ... In future, the instructors will plan a formaltraining session on Android and will aim to identifyTAs who are more expert in this area to becomethe go-to for this type of consultation. ... Learning

mobile security with Android security labware. ...;;

Gerardo Canfora, Francesco Mercaldo, and Cor-rado Aaron Visaggio. 2016. An HMM and struc-tural entropy based detector for Android malware:An empirical study. Computers & Security 61(2016), 118.

Yinzhi Cao, Yanick Fratantonio, Antonio Bianchi,Manuel Egele, Christopher Kruegel, Giovanni Vi-gna, and Yan Chen. 2015. EdgeMiner: Automat-ically Detecting Implicit Control Flow Transitionsthrough the Android Framework. In Network andDistributed System Security Symposium (NDSS).San Diego, CA, USA. http://cs.northwestern.edu/~ychen/Papers/NDSS15_edgeMinder.pdf.

Lucian Carata, Sherif Akoush, Nikilesh Balakrish-nan, Thomas Bytheway, Ripduman Sohan, MargoSelter, and Andy Hopper. 2014. A Primer onProvenance. Commun. ACM 57, 5 (2014), 5260. https://www.cl.cam.ac.uk/~sa497/pop_cacm.pdf.

Nicholas Carlini, Adrienne Porter Felt, and DavidWagner. 2012. An Evaluation of the GoogleChrome Extension Security Architecture (USENIXSecurity Symposium 2012).

Nicholas Carlini and David Wagner. 2014. ROPis still dangerous: Breaking modern defenses.In USENIX Security Symposium. https://www.usenix.org/system/files/conference/

usenixsecurity14/sec14-paper-carlini.pdf.

Aaron Carroll and Gernot Heiser. 2010. An Anal-ysis of Power Consumption in a Smartphone.. InUSENIX annual technical conference. 271285.

Davide Ceolin, Paul T Groth, Willem Robert VanHage, Archana Nottamkandath, and Wan Fokkink.2012. Trust Evaluation through User Reputationand Provenance Analysis. URSW 900 (2012), 1526. http://ceur-ws.org/Vol-900/paper2.pdf.

Subhamoy Chakraborti, DP Acharjya, and SugataSanyal. 2015. Application Security frameworkfor Mobile App Development in Enterprise setup.

16 2016/11/18

www.wright.edu/~pmatetihttp://www.blackhat.com/presentations/bh-usa-09/BURNS/BHUSA09-Burns-AndroidSurgery-SLIDES.pdfhttp://www.blackhat.com/presentations/bh-usa-09/BURNS/BHUSA09-Burns-AndroidSurgery-SLIDES.pdfhttp://www.diva-portal.org/smash/get/diva2:221398/FULLTEXT01.pdfhttp://www.diva-portal.org/smash/get/diva2:221398/FULLTEXT01.pdfhttp://www.diva-portal.org/smash/get/diva2:221398/FULLTEXT01.pdfhttps://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/caliskan-islamhttps://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/caliskan-islamhttps://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/caliskan-islamhttp://cs.northwestern.edu/~ychen/Papers/NDSS15_edgeMinder.pdfhttp://cs.northwestern.edu/~ychen/Papers/NDSS15_edgeMinder.pdf https://www.cl.cam.ac.uk/~sa497/pop_cacm.pdf https://www.cl.cam.ac.uk/~sa497/pop_cacm.pdfhttps://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-carlini.pdfhttps://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-carlini.pdfhttps://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-carlini.pdfhttp://ceur-ws.org/Vol-900/paper2.pdf


arXiv preprint arXiv:1503.05992 (2015). http://arxiv.org/pdf/1503.05992.pdf.:: *Subhamoy Chakraborti Magma Fin-corp Limited, India Email: [email protected] D. P. Acharjya School ofComputing Science and Engineering, VIT Univer-sity, Vellore, India E mail: [email protected] Sanyal Corporate Technology Office, TataConsultancy Services, Mumbai, India Email:[email protected] *Corresponding author ;;

Supriyo Chakraborty, Chenguang Shen, Kas-turi Rangan Raghavan, Yasser Shoukry, MattMillar, and Mani Srivastava. 2014. ipShield: aframework for enforcing context-aware privacy. InProceedings of the 11th USENIX Conference onNetworked Systems Design and Implementation.USENIX Association, 143156.

Patrick PF Chan, Lucas CK Hui, and Siu-Ming Yiu.2012. Droidchecker: analyzing Android applica-tions for capability leak. In Proceedings of the fifthACM conference on Security and Privacy in Wire-less and Mobile Networks. ACM, 125136.

C Kumar Charliepaul and G Immanual Gnanadu-rai. 2014. EFFICIENT INTEGRITY PROTEC-TION FOR ANDROID MOBILE. InternationalJournal On Engineering Technology and Sciences IJETS I (Aug. 2014). Issue IV. http://ijets.in/Downloads/Published/E0140104005.pdf.:: Dr.C.Kumar Charliepaul Principal A.S.LPauls College of Engg & Tech, Coimbatore.G.Immanual Gnanadurai Assistant professor /CSE Dhaya College of Engineering, Madurai. [email protected] [email protected]: Currently lot of studies regarding PCviruses and worms but very less effect has beendone regarding the same issues in the mobileatmosphere. But high-speed growth of smartphone users it increasingly become the target ofpropagating viruses through the Bluetooth andWi-Fi and reaches into the mobile networks. Ina mobile viruses and malwares can cause privacyleakage, extra charges, and reduction of batterypower, remote listening and accessing privateshort message and call history logs etc. Addition-

ally they can scrape wireless servers by sendinglot of spam messages or track user positions.In proposed system used a two layer networkmodel for spreading virus through both Bluetoothand SMS/MMS. Our work addressed the effectof human behaviors, i.e., Operational behaviorand Mobile behavior on virus propagation. Inaddition observe two strategies for avoid mobilevirus propagation i.e., Pre immunization andAdaptive Dissemination strategies represent onthe methodology of Autonomy-Oriented Com-puting. Here refer to these malware or viruses ascell-phone worms which are malicious codes thatact vulnerability in cell-phone software and spreadin networks through current services such as Blue-tooth and Short / Multimedia Messaging Service(SMS/MMS). A user can be automatically excit-ing for various SPAM messages generated by theworm and the phone battery will be quickly tired.Many studies reported the damages of mobileviruses. Keywords-Autonomy oriented comput-ing,Malwares,Android platform. ;; ... However,Clark-Wilson has the requirement that pro-grams undergo formal semantic verification. ... [4]Enck.W,Ongtang.M,andMcDaniel.P,UnderstandingAndroid Security,IEEE Security and Privacy, vol.7, no. 1, pp. 50-57, Jan.[2009]. ... ;;

Avik Chaudhuri. 2009. Language-based security onAndroid. In Proceedings of the ACM SIGPLANfourth workshop on programming languages andanalysis for security. ACM, 17.:: Abstract In this paper, we initiate a formal studyof security on Android: Googles new open-sourceplatform for mobile devices. Specifically, we presenta core typed language to describe Android appli-cations, and to reason about their data- flow se-curity properties. Our operational semantics andtype system provide some necessary foundationsto help both users and developers of Android ap-plications deal with their security concerns. Cat-egories and Subject Descriptors D.4.6 [OperatingSystems]: Security and ProtectionAccess controls,Verifi- cation; D.3.3 [Programming Languages]:Language Constructs and FeaturesControl con-structs General Terms Security, Languages, Veri-

17 2016/11/18

www.wright.edu/~pmatetihttp://arxiv.org/pdf/1503.05992.pdfhttp://arxiv.org/pdf/1503.05992.pdfhttp://ijets.in/Downloads/Published/E0140104005.pdfhttp://ijets.in/Downloads/Published/E0140104005.pdf


fication Keywords data-flow security, hybrid typesystem, mobile code, certified compilation ;;

Rinki R Chauhan and Chirag Gohel. 2015. Near FieldCommunication (NFC): An Emerging ContactlessTechnology. Wireless Communication 7, 1 (2015),1519.

Stephen Checkoway. 2013. Iago Attacks: Why theSystem Call API is a Bad Untrusted RPC In-terface. (2013). https://www.cs.jhu.edu/~s/papers/iago2013/iago2013.pdf.

Stephen Checkoway, Lucas Davi, AlexandraDmitrienko, Ahmad-Reza Sadeghi, HovavShacham, and Marcel Winandy. 2010. Return-oriented programming without returns. InProceedings of the 17th ACM conference onComputer and communications security. ACM,559572. http://cseweb.ucsd.edu/~hovav/dist/noret-ccs.pdf.

Kevin Chen, Warren He, Devdatta Akhawe, VijayDSilva, Prateek Mittal, and Dawn Song. 2015.ASPIRE: Iterative Specification Synthesis forSecurity. In 15th Workshop on Hot Topics inOperating Systems (HotOS XV). USENIX Asso-ciation, Kartause Ittingen, Switzerland. https://www.usenix.org/conference/hotos15/

workshop-program/presentation/chen_kevin

https://www.usenix.org/system/files/

conference/hotos15/hotos15-paper-chen_

kevin.pdf.:: Authors: Kevin Zijie Chen, Warren He, and De-vdatta Akhawe, University of California, Berkeley;Vijay DSilva; Prateek Mittal, Princeton Univer-sity; Dawn Song, University of California, Berke-ley Open Access Content USENIX is committedto Open Access to the research presented at ourevents. Papers and proceedings are freely avail-able to everyone once the event begins. Any video,audio, and/or slides that are posted after theevent are also free and open to everyone. Sup-port USENIX and our commitment to Open Ac-cess. Kevin Chen PDF View the slides BibTeXAbstract: How to perform a systematic securityanalysis of complex applications is a challenging

and open question. Approaches based on formalverification are impeded due to the lack of appli-cation specifications. To address this challenge, wepropose a framework, called ASPIRE, that enablesanalysts to automatically synthesize specificationsfrom examples such as application input-output ex-amples and system demonstrations. Our approachstarts by synthesizing the initial candidate specifi-cations in a domain specific language that conformto the examples, and iteratively prunes the candi-date set by incorporating more user feedback. Weimplement a prototype of ASPIRE for synthesizingand checking specifications of web applications, al-though our approach is not limited to web security,and use it in three case studies to demonstrate thediscovery of complex vulnerabilities in implemen-tations of real world web applications. Our work isthe first to design a general framework that lever-ages program synthesis techniques for security ap-plications. ;;

Kai Chen, Xueqiang Wang, Yi Chen, Peng Wang,Yeonjoon Lee, XiaoFeng Wang, Bin Ma, AohuiWang, Yingjun Zhang, and Wei Zou. 2016. Follow-ing Devils Footprints: Cross-Platform Analysis ofPotentially Harmful Libraries on Android and iOS.(2016).

Jiefeng Cheng, Jeffrey Xu Yu, Bolin Ding, Philip SYu, and Haixun Wang. 2008. Fast graph patternmatching. In Data Engineering, 2008. ICDE 2008.IEEE 24th International Conference on. IEEE,913922.

Brian Chess and Jacob West. 2007. Secure Program-ming with Static Analysis. Pearson Education. 619pp pages. https://www.owasp.org/images/a/a9/Owaspday2West.pdf slides 2008.

Erika Chin, Adrienne Porter Felt, Kate Green-wood, and David Wagner. 2011. Analyzing inter-application communication in Android. In Proceed-ings of the 9th international conference on Mo-bile systems, applications, and services. ACM, 239252. https://www.eecs.berkeley.edu/~daw/papers/intents-mobisys11.pdf.

18 2016/11/18

www.wright.edu/~pmatetihttps://www.cs.jhu.edu/~s/papers/iago2013/iago2013.pdfhttps://www.cs.jhu.edu/~s/papers/iago2013/iago2013.pdfhttp://cseweb.ucsd.edu/~hovav/dist/noret-ccs.pdfhttp://cseweb.ucsd.edu/~hovav/dist/noret-ccs.pdfhttps://www.usenix.org/conference/hotos15/workshop-program/presentation/chen_kevinhttps://www.usenix.org/conference/hotos15/workshop-program/presentation/chen_kevinhttps://www.usenix.org/conference/hotos15/workshop-program/presentation/chen_kevinhttps://www.usenix.org/system/files/conference/hotos15/hotos15-paper-chen_kevin.pdfhttps://www.usenix.org/system/files/conference/hotos15/hotos15-paper-chen_kevin.pdfhttps://www.usenix.org/system/files/conference/hotos15/hotos15-paper-chen_kevin.pdfhttps://www.owasp.org/images/a/a9/Owaspday2West.pdfhttps://www.owasp.org/images/a/a9/Owaspday2West.pdfhttps://www.eecs.berkeley.edu/~daw/papers/intents-mobisys11.pdfhttps://www.eecs.berkeley.edu/~daw/papers/intents-mobisys11.pdf


Haehyun Cho, Jiwoong Bang, Myeongju Ji, andJeong Hyun Yi. 2016. Mobile application tam-per detection scheme using dynamic code injectionagainst repackaging attacks. The Journal of Su-percomputing (2016), 117.

Sunil Choenni, Mortaza S Bargh, Carmelita Roepan,and Ronald F Meijer. 2016. Privacy and Securityin Smart Data Collection by Citizens. In Smarteras the New Urban Agenda. Springer, 349366.

Jongseok Choi and Howon Kim. 2012. A Novel Ap-proach for SMS security. International Journal ofSecurity and Its Applications 6 (2012), 373378.

Andy Chou, Junfeng Yang, Benjamin Chelf, SethHallem, and Dawson Engler. 2001. An empiricalstudy of operating systems errors. Vol. 35. ACM.

Amit Choudhary. 2006. Implementinga System Call on Linux 2.6 for i386.Technical Report. http://www.tldp.org/.http://www.tldp.org/HOWTO/html_single/

Implement-Sys-Call-Linux-2.6-i386/.

Shauvik Roy Choudhary, Alessandra Gorla, andAlessandro Orso. 2015. Automated Test InputGeneration for Android: Are We There Yet?(E). InAutomated Software Engineering (ASE), 2015 30thIEEE/ACM International Conference on. IEEE,429440. http://arxiv.org/pdf/1503.07217.pdf.:: Shauvik Roy Choudhary Georgia Instituteof Technology, USA [email protected] Gorla IMDEA Software Institute,Spain [email protected] AlessandroOrso Georgia Institute of Technology, [email protected] ;;

J. Chow, T. GARFINKEL, and D. LUCCHETTI.2014a. Method and system for recording aselected computer process for subsequent re-play. (Feb. 18 2014). https://www.google.com/patents/US8656222 US Patent 8,656,222.

J. Chow, T. GARFINKEL, and D. LUCCHETTI.2014b. Method and system for recording aselected computer process for subsequent re-play. (Feb. 18 2014). https://www.google.com/

patents/US8656222 US Patent 8,656,222, https://www.google.com/patents/US8656222.

Ankur Chowdhary. 2015. Secure Mobile SDN.Masters thesis. Arizona State University. https://repository.asu.edu/attachments/157956/

content/Chowdhary_asu_0010N_15174.pdf.:: Dijiang Huang, Chair Hasan Davulcu Hang-hang Tong;; Index terms: UBoot, BYOD (BringYour Own Device), ARM, Virtualization, Hypervi-sor, VM(Virtual Machine), SDN (Software DefinedNetwork), Controller, OpenFlow, GRE(GenericRouting Encapsulation), oVS (OpenFlow VirtualSwitch), KVM(Kernel Based Virtual Machine) ;;

Ciera Nicole Christopher. 2006a. Evaluat-ing Static Analysis Frameworks. Analysis,pag (2006), 117. https://www.cs.cmu.edu/~aldrich/courses/654-sp09/tools/

christopher-analysis-frameworks-06.pdf.:: Ciera Nicole Christopher Carnegie MellonUniversity Analysis of Software Artifacts [email protected] May 10, 2006 Abstract Manystatic analyses share a core set of common tech-niques. These techniques can be described in astatic analysis framework so that new analyses canreuse a common infrastructure. This allows compa-nies to create proprietary static analyses for spe-cific domains. In this paper, we examine the idealform for a static analysis framework and evaluatefour existing frameworks against this ideal. We alsoconsider where these frameworks need to improveto meet this ideal and satisfy the needs of a samplescenario ;;

Ciera Nicole Christopher. 2006b. Evaluating StaticAnalysis Frameworks. Analysis, pag (2006), 117.

Cristina Cifuentes, Andrew Gross, and NathanKeynes. 2015. Understanding caller-sensitivemethod vulnerabilities: a class of access controlvulnerabilities in the Java platform. In Proceedingsof the 4th ACM SIGPLAN International Workshopon State Of the Art in Program Analysis. ACM, 712.

Onur Cinar. 2012. Bionic API Primer. In Pro An-droid C++ with the NDK. Springer, 155177.

19 2016/11/18

www.wright.edu/~pmatetihttp://www.tldp.org/HOWTO/html_single/Implement-Sys-Call-Linux-2.6-i386/http://www.tldp.org/HOWTO/html_single/Implement-Sys-Call-Linux-2.6-i386/http://arxiv.org/pdf/1503.07217.pdfhttp://arxiv.org/pdf/1503.07217.pdfhttps://www.google.com/patents/US8656222https://www.google.com/patents/US8656222https://www.google.com/patents/US8656222https://www.google.com/patents/US8656222https://www.google.com/patents/US8656222https://www.google.com/patents/US8656222https://repository.asu.edu/attachments/157956/content/Chowdhary_asu_0010N_15174.pdfhttps://repository.asu.edu/attachments/157956/content/Chowdhary_asu_0010N_15174.pdfhttps://repository.asu.edu/attachments/157956/content/Chowdhary_asu_0010N_15174.pdfhttps://www.cs.cmu.edu/~aldrich/courses/654-sp09/tools/christopher-analysis-frameworks-06.pdfhttps://www.cs.cmu.edu/~aldrich/courses/654-sp09/tools/christopher-analysis-frameworks-06.pdfhttps://www.cs.cmu.edu/~aldrich/courses/654-sp09/tools/christopher-analysis-frameworks-06.pdf


Frances Cleary and Massimo Felici. 2014. CyberSecurity and Privacy: Third Cyber Security andPrivacy EU Forum, CSP Forum 2014, Athens,Greece, May 21-22, 2014, Revised Selected Papers.Vol. 470. Springer.

Zack Coker, Michael Maass, Tianyuan Ding, ClaireLe Goues, and Joshua Sunshine. 2015. Evaluatingthe Flexibility of the Java Sandbox. In Proceedingsof the 31st Annual Computer Security ApplicationsConference. ACM, 110.

Alberto Coletta, Victor Van Der Veen, and Fed-erico Maggi. 2016. DroydSeuss: A Mobile BankingTrojan Tracker-Short Paper. Financial Cryptog-raphy and Data Security, Lecture Notes in Com-puter Science (LNCS). Springer Berlin Heidel-berg 1 (2016). https://www.ifca.ai/fc16/preproceedings/14_Coletta.pdf.:: See preti2016 MS Thesis ;;

Kevin Conlan, Ibrahim Baggili, and Frank Bre-itinger. 2016. Anti-forensics: Furthering digitalforensic science through a new extended, granulartaxonomy. Digital Investigation 18 (2016), S66S75.

Mauro Conti, Luigi Vincenzo M

Documents

Bibliography for Tightening the Android Mobile Platform