    Program analysis for anomaly detection

    When interacting with mobile applications, users may not always get what they expect. For instance, when users download Android applications from a market, they do not know much about their actual behavior. A brief description, a set of screenshots and a list of permissions, which give a high-level intuition of what applications might be doing, form user expectations. However, applications do not always meet them. For example, a gaming application could intentionally send SMS messages to a premium number in the background without the user's knowledge. A less harmful scenario would be a wrong message confirming a successful action that was never executed. Whatever the behavior of a mobile application (app) might be, in order to test and fully understand it, there needs to be a technique that can analyse the User Interface (UI) of the app and the code associated with it as a whole. This thesis presents a static analysis framework called SAFAND (Static Analysis For Anomaly Detection) that, given an Android app, performs the following analyses:
    - gathers information on how the application uses sensitive data;
    - identifies and analyses UI elements of the application;
    - binds UI elements with their corresponding behavior.
    The thesis illustrates how results obtained from the framework can be used to identify problems ranging from small usability issues to malicious behavior of real-world applications.

    Keeping Context In Mind: Automating Mobile App Access Control with User Interface Inspection

    Recent studies observe that app foreground is the most striking component that influences the access control decisions in mobile platform, as users tend to deny permission requests lacking visible evidence. However, none of the existing permission models provides a systematic approach that can automatically answer the question: Is the resource access indicated by app foreground? In this work, we present the design, implementation, and evaluation of COSMOS, a context-aware mediation system that bridges the semantic gap between foreground interaction and background access, in order to protect system integrity and user privacy. Specifically, COSMOS learns from a large set of apps with similar functionalities and user interfaces to construct generic models that detect the outliers at runtime. It can be further customized to satisfy specific user privacy preference by continuously evolving with user decisions. Experiments show that COSMOS achieves both high precision and high recall in detecting malicious requests. We also demonstrate the effectiveness of COSMOS in capturing specific user preferences using the decisions collected from 24 users and illustrate that COSMOS can be easily deployed on smartphones as a real-time guard with a very low performance overhead. Comment: Accepted for publication in IEEE INFOCOM'201

    The Generic Spacecraft Analyst Assistant (GenSAA): A Tool for Developing Graphical Expert Systems

    During numerous contacts with a satellite each day, spacecraft analysts must closely monitor real-time data. The analysts must watch for combinations of telemetry parameter values, trends, and other indications that may signify a problem or failure. As the satellites become more complex and the number of data items increases, this task is becoming increasingly difficult for humans to perform at acceptable performance levels. At NASA GSFC, fault-isolation expert systems are in operation supporting this data monitoring task. Based on the lessons learned during these initial efforts in expert system automation, a new domain-specific expert system development tool named the Generic Spacecraft Analyst Assistant (GenSAA) is being developed to facilitate the rapid development and reuse of real-time expert systems to serve as fault-isolation assistants for spacecraft analysts. Although initially domain-specific in nature, this powerful tool will readily support the development of highly graphical expert systems for data monitoring purposes throughout the space and commercial industry

    Exploring the eradication of code smells: An empirical and theoretical perspective

    This article has been made available through the Brunel Open Access Publishing Fund - Copyright @ 2010 Hindawi Publishing Corporation. Code smells reflect code decay, and, as such, developers should seek to eradicate such smells through application of “deodorant” in the form of one or more refactorings. However, a relative lack of studies exploring code smells either theoretically or empirically when compared with literature on refactoring suggests that there are reasons why smell eradication is neither being applied in anger, nor the subject of significant research. In this paper, we present three studies as supporting evidence for this stance. The first is an analysis of a set of five, open-source Java systems in which we show very little tendency for smells to be eradicated by developers; the second is an empirical study of a subsystem of a proprietary, C# web-based application where practical problems arise in smell identification and the third, a theoretical enumeration of smell-related refactorings to suggest why smells may be left alone from an effort perspective. Key findings of the study were that first, smells requiring application of simple refactorings were eradicated in favour of smells requiring more complex refactorings; second, a wide range of conflicts and anomalies soon emerged when trying to identify smelly code; an interesting result with respect to comment lines was also observed. Finally, perceived (estimated) effort to eradicate a smell may be a key factor in explaining why smell eradication is avoided by developers. The study thus highlights the need for a clearer research strategy on the issue of code smells and all aspects of their identification and measurement. The research in this paper was supported by a grant from the UK Engineering and Physical Sciences Research Council (EPSRC) (Grant no: EP/G031126/1

    Monitoring and analysis of data from complex systems

    Some of the methods, systems, and prototypes that have been tested for monitoring and analyzing the data from several spacecraft and vehicles at the Marshall Space Flight Center are introduced. For the Huntsville Operations Support Center (HOSC) infrastructure, the Marshall Integrated Support System (MISS) provides a migration path to the state-of-the-art workstation environment. Its modular design makes it possible to implement the system in stages on multiple platforms without the need for all components to be in place at once. The MISS provides a flexible, user-friendly environment for monitoring and controlling orbital payloads. In addition, new capabilities and technology may be incorporated into MISS with greater ease. The use of information systems technology in advanced prototype phases, as adjuncts to mainline activities, is used to evaluate new computational techniques for monitoring and analysis of complex systems. Much of the software described (specifically, HSTORESIS (Hubble Space Telescope Operational Readiness Expert Safemode Investigation System), DRS (Device Reasoning Shell), DART (Design Alternatives Rational Tool), elements of the DRA (Document Retrieval Assistant), and software for the PPS (Peripheral Processing System) and the HSPP (High-Speed Peripheral Processor)) is available with supporting documentation, and may be applicable to other system monitoring and analysis applications

    Making intelligent systems team players: Case studies and design issues. Volume 1: Human-computer interaction design

    Initial results are reported from a multi-year, interdisciplinary effort to provide guidance and assistance for designers of intelligent systems and their user interfaces. The objective is to achieve more effective human-computer interaction (HCI) for systems with real time fault management capabilities. Intelligent fault management systems within the NASA were evaluated for insight into the design of systems with complex HCI. Preliminary results include: (1) a description of real time fault management in aerospace domains; (2) recommendations and examples for improving intelligent systems design and user interface design; (3) identification of issues requiring further research; and (4) recommendations for a development methodology integrating HCI design into intelligent system design

    An immunological basis for high-reliability systems control.


    Reusable Rocket Engine Turbopump Health Management System

    A health monitoring expert system software architecture has been developed to support condition-based health monitoring of rocket engines. Its first application is in the diagnosis decisions relating to the health of the high pressure oxidizer turbopump (HPOTP) of Space Shuttle Main Engine (SSME). The post test diagnostic system runs off-line, using as input the data recorded from hundreds of sensors, each running typically at rates of 25, 50, or .1 Hz. The system is invoked after a test has been completed, and produces an analysis and an organized graphical presentation of the data with important effects highlighted. The overall expert system architecture has been developed and documented so that expert modules analyzing other line replaceable units may easily be added. The architecture emphasizes modularity, reusability, and open system interfaces so that it may be used to analyze other engines as well