An Empirical Study on Android-related Vulnerabilities

Mobile devices are used more and more in everyday life. They are our cameras, wallets, and keys. Basically, they embed most of our private information in our pocket. For this and other reasons, mobile devices, and in particular the software that runs on them, are considered first-class citizens in the software-vulnerabilities landscape. Several studies investigated the software-vulnerabilities phenomenon in the context of mobile apps and, more in general, mobile devices. Most of these studies focused on vulnerabilities that could affect mobile apps, while just few investigated vulnerabilities affecting the underlying platform on which mobile apps run: the Operating System (OS). Also, these studies have been run on a very limited set of vulnerabilities. In this paper we present the largest study at date investigating Android-related vulnerabilities, with a specific focus on the ones affecting the Android OS. In particular, we (i) define a detailed taxonomy of the types of Android-related vulnerability; (ii) investigate the layers and subsystems from the Android OS affected by vulnerabilities; and (iii) study the survivability of vulnerabilities (i.e., the number of days between the vulnerability introduction and its fixing). Our findings could help OS and apps developers in focusing their verification & validation activities, and researchers in building vulnerability detection tools tailored for the mobile world

Survivability of Deterministic Dynamical Systems

The notion of a part of phase space containing desired (or allowed) states of a dynamical system is important in a wide range of complex systems research. It has been called the safe operating space, the viability kernel or the sunny region. In this paper we define the notion of survivability: Given a random initial condition, what is the likelihood that the transient behaviour of a deterministic system does not leave a region of desirable states. We demonstrate the utility of this novel stability measure by considering models from climate science, neuronal networks and power grids. We also show that a semi-analytic lower bound for the survivability of linear systems allows a numerically very efficient survivability analysis in realistic models of power grids. Our numerical and semi-analytic work underlines that the type of stability measured by survivability is not captured by common asymptotic stability measures.Comment: 21 pages, 6 figure

Towards an evaluation framework for medical web applications

Copyright @ 2013 EMCIS.The main aim of this study is to review and analyse various evaluation frameworks used to assess the operational effectiveness of various Information Technology (IT) processes/applications and identify their strengths in order to form a new holistic framework for economic evaluation of web applications. This research aims to address the need for a new holistic evaluation framework for the purpose of the evaluation of the medical web applications. Over the last decade more and more, companies used accountancy techniques such as the frameworks analysed in this research. This new holistic framework that was developed will include also steps regarding the indirect and intangible costs and benefits identification and their incorporation in the evaluation process. Moreover the new emerging market of the medical websites and the embedded on them web applications requires also a new evaluation framework that will provide accurate results in the estimation of the efficiency of an investment on them. The paper first presents an introduction about why economic evaluation is important when evaluating the Information Technology in organizations. Various studies are reviewed, which highlight the ever increasing importance of integrating economic evaluation processes, such as Cost Benefit Analysis (CBA) and Return on Investment (ROI), into systems and processes of organizations and economic organizations, and analyse the factors that govern their role. Finally, the evaluation frameworks and methods that are found in these studies should be used as a part of a proactive systematic action plan that the organizations could use to avoid budget reduction due to incorrect planning. The next part of this study includes a comprehensive presentation and review of past frameworks used to evaluate Information Technology. The frameworks that are reviewed are the Framework for evaluation of information systems, the Information Technology Adoption Model (ITAM), the Total Evaluation and Acceptance Methodology (TEAM) framework, the ROI Process Model and HOT-fit evaluation framework for Health Information Systems

Survivability : A Unifiying Concept for the Transient Resilience of Deterministic Dynamical Systems

16 pagesNon peer reviewedPreprin

Impact of Embedded Carbon Fiber Heating Panel on the Structural/Mechanical Performance of Roadway Pavement

INE/AUTC 12.3