4,725 research outputs found

    Neural-Augmented Static Analysis of Android Communication

    We address the problem of discovering communication links between applications in the popular Android mobile operating system, an important problem for security and privacy in Android. Any scalable static analysis in this complex setting is bound to produce an excessive amount of false-positives, rendering it impractical. To improve precision, we propose to augment static analysis with a trained neural-network model that estimates the probability that a communication link truly exists. We describe a neural-network architecture that encodes abstractions of communicating objects in two applications and estimates the probability with which a link indeed exists. At the heart of our architecture are type-directed encoders (TDE), a general framework for elegantly constructing encoders of a compound data type by recursively composing encoders for its constituent types. We evaluate our approach on a large corpus of Android applications, and demonstrate that it achieves very high accuracy. Further, we conduct thorough interpretability studies to understand the internals of the learned neural networks. Comment: Appears in Proceedings of the 2018 ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE

    Teaching Concurrent Software Design: A Case Study Using Android

    In this article, we explore various parallel and distributed computing topics from a user-centric software engineering perspective. Specifically, in the context of mobile application development, we study the basic building blocks of interactive applications in the form of events, timers, and asynchronous activities, along with related software modeling, architecture, and design topics. Comment: Submitted to CDER NSF/IEEE-TCPP Curriculum Initiative on Parallel and Distributed Computing - Core Topics for Undergraduate

    Vibration Alert Bracelet for Notification of the Visually and Hearing Impaired

    This paper presents the prototype of an electronic vibration bracelet designed to help the visually and hearing impaired to receive and send emergency alerts. The bracelet has two basic functions. The first function is to receive a wireless signal and respond with a vibration to alert the user. The second function is implemented by pushing one button of the bracelet to send an emergency signal. We report testing on a prototype system formed by a mobile application and two bracelets. The bracelets and the application form a complete system intended to be used in retirement apartment communities. However, the system is flexible and could be expanded to add new features or to serve as a research platform for gait analysis and location services. The medical and professional potential of the proposed system is that it offers a simple, modular, and cost-effective alternative to all the existing medical devices with similar functionality currently on the market. The proposed system has an educational potential as well: it can be used as a starting point for capstone projects and demonstration purposes in schools to attract students to STEM disciplines

    Fog Computing in Medical Internet-of-Things: Architecture, Implementation, and Applications

    In the era when the market segment of Internet of Things (IoT) tops the chart in various business reports, it is apparently envisioned that the field of medicine expects to gain a large benefit from the explosion of wearables and internet-connected sensors that surround us to acquire and communicate unprecedented data on symptoms, medication, food intake, and daily-life activities impacting one's health and wellness. However, IoT-driven healthcare would have to overcome many barriers, such as: 1) There is an increasing demand for data storage on cloud servers where the analysis of the medical big data becomes increasingly complex, 2) The data, when communicated, are vulnerable to security and privacy issues, 3) The communication of the continuously collected data is not only costly but also energy hungry, 4) Operating and maintaining the sensors directly from the cloud servers are non-trivial tasks. This book chapter defined Fog Computing in the context of medical IoT. Conceptually, Fog Computing is a service-oriented intermediate layer in IoT, providing the interfaces between the sensors and cloud servers for facilitating connectivity, data transfer, and queryable local database. The centerpiece of Fog computing is a low-power, intelligent, wireless, embedded computing node that carries out signal conditioning and data analytics on raw data collected from wearables or other medical sensors and offers efficient means to serve telehealth interventions. We implemented and tested a fog computing system using the Intel Edison and Raspberry Pi that allows acquisition, computing, storage and communication of the various medical data such as pathological speech data of individuals with speech disorders, Phonocardiogram (PCG) signal for heart rate estimation, and Electrocardiogram (ECG)-based Q, R, S detection. Comment: 29 pages, 30 figures, 5 tables.
Keywords: Big Data, Body Area Network, Body Sensor Network, Edge Computing, Fog Computing, Medical Cyberphysical Systems, Medical Internet-of-Things, Telecare, Tele-treatment, Wearable Devices, Chapter in Handbook of Large-Scale Distributed Computing in Smart Healthcare (2017), Springe

    Exploring Ransomware on The Oculus Quest 2

    Virtual Reality Head Mounted Displays, also coined VR headsets, have breached barriers that held back widespread adoption and usage in the past. While covering the reasons for this large-scale spread, the idea is introduced that HMDs, which are standalone units, can become targets for malware. This work explores how applicable Android ransomware is to the Oculus Quest 2’s attack surface, due to the Quest’s usage of Android 10 as a base operating system. Existing ransomware samples are evaluated to determine an abstract definition of ransomware. This work also introduces SRS, Simple Ransomware Sample, which acts as a Proof-of-Concept, a minimum viable ransomware for testing ransomware on Android device attack surfaces. SRS is designed around the abstract ransomware definition that is derived. In addition to SRS, WannaLocker and Koler samples are used in testing. All samples are compared through execution on the Oculus Quest 2. Observed ransomware sample behavior is compared to expected behavior of each ransomware sample, as well as to the abstract ransomware definition. Ransomware sample success is evaluated based on expected behavior and the ability of the samples to execute definitional ransomware traits. The conclusion is that the Oculus Quest 2’s attack surface does contain the necessary aspects for the successful execution of ransomware

    Computational Soundness for Dalvik Bytecode

    Automatically analyzing information flow within Android applications that rely on cryptographic operations with their computational security guarantees imposes formidable challenges that existing approaches for understanding an app's behavior struggle to meet. These approaches do not distinguish cryptographic and non-cryptographic operations, and hence do not account for cryptographic protections: f(m) is considered sensitive for a sensitive message m irrespective of potential secrecy properties offered by a cryptographic operation f. These approaches consequently provide a safe approximation of the app's behavior, but they mistakenly classify a large fraction of apps as potentially insecure and consequently yield overly pessimistic results. In this paper, we show how cryptographic operations can be faithfully included into existing approaches for automated app analysis. To this end, we first show how cryptographic operations can be expressed as symbolic abstractions within the comprehensive Dalvik bytecode language. These abstractions are accessible to automated analysis, and they can be conveniently added to existing app analysis tools using minor changes in their semantics. Second, we show that our abstractions are faithful by providing the first computational soundness result for Dalvik bytecode, i.e., the absence of attacks against our symbolically abstracted program entails the absence of any attacks against a suitable cryptographic program realization. We cast our computational soundness result in the CoSP framework, which makes the result modular and composable. Comment: Technical report for the ACM CCS 2016 conference pape