11,483 research outputs found
ChimpCheck: Property-Based Randomized Test Generation for Interactive Apps
We consider the problem of generating relevant execution traces to test rich
interactive applications. Rich interactive applications, such as apps on mobile
platforms, are complex stateful and often distributed systems where
sufficiently exercising the app with user-interaction (UI) event sequences to
expose defects is both hard and time-consuming. In particular, there is a
fundamental tension between brute-force random UI exercising tools, which are
fully-automated but offer low relevance, and UI test scripts, which are manual
but offer high relevance. In this paper, we consider a middle way---enabling a
seamless fusion of scripted and randomized UI testing. This fusion is
prototyped in a testing tool called ChimpCheck for programming, generating, and
executing property-based randomized test cases for Android apps. Our approach
realizes this fusion by offering a high-level, embedded domain-specific
language for defining custom generators of simulated user-interaction event
sequences. What follows is a combinator library built on industrial strength
frameworks for property-based testing (ScalaCheck) and Android testing (Android
JUnit and Espresso) to implement property-based randomized testing for Android
development. Driven by real, reported issues in open source Android apps, we
show, through case studies, how ChimpCheck enables expressing effective testing
patterns in a compact manner.Comment: 20 pages, 21 figures, Symposium on New ideas, New Paradigms, and
Reflections on Programming and Software (Onward!2017
ERP implementation for an administrative agency as a corporative frontend and an e-commerce smartphone app
This document contains all the descriptions, arguments and demonstrations of the researches, analysis, reasoning, designs and tasks performed to achieve the requirement to technologically evolve an managing agency in a way that, through a solution that requires a reduced investment, makes possible to arrange a business management tool with e-commerce and also a mobile application that allows access and consultation of mentioned tool. The first part of the document describes the scenario in order to contextualize the project and introduces ERP (Enterprise Resources Planning). In the second part, a deep research of ERP market products is carried out, identifying the strengths and weaknesses of each one of the products in order to finish with the choice of the most suitable product for the scenario proposed in the project. A third part of the document describes the installation process of the selected product carried out based on the use of Dockers, as well as the configurations and customizations that they make on the selected ERP. A description of the installation and configuration of additional modules is also made, necessary to achieve the agreed scope of the project. In a fourth part of the thesis, the process of creating an iOS and Android App that connects to the selected ERP database is described. The process begins with the design of the App. Once designed, it is explained the process of study and documentation of technologies to choose the technology stack that allows making an application robust and contemporary without use of licensing. After choosing the technologies to use there are explained the dependencies and needs to install runtime enviornments prior to the start of coding. Later, it describes how the code of the App has been raised and developed. The compilation and verification mechanisms are indicated in continuation. And finally, it is showed the result of the development of the App once distributed. Finally, a chapter for the conclusions analyzes the difficulties encountered during the project and the achievements, analyzing what has been learned during the development of this project
Android HIV: A Study of Repackaging Malware for Evading Machine-Learning Detection
Machine learning based solutions have been successfully employed for
automatic detection of malware in Android applications. However, machine
learning models are known to lack robustness against inputs crafted by an
adversary. So far, the adversarial examples can only deceive Android malware
detectors that rely on syntactic features, and the perturbations can only be
implemented by simply modifying Android manifest. While recent Android malware
detectors rely more on semantic features from Dalvik bytecode rather than
manifest, existing attacking/defending methods are no longer effective. In this
paper, we introduce a new highly-effective attack that generates adversarial
examples of Android malware and evades being detected by the current models. To
this end, we propose a method of applying optimal perturbations onto Android
APK using a substitute model. Based on the transferability concept, the
perturbations that successfully deceive the substitute model are likely to
deceive the original models as well. We develop an automated tool to generate
the adversarial examples without human intervention to apply the attacks. In
contrast to existing works, the adversarial examples crafted by our method can
also deceive recent machine learning based detectors that rely on semantic
features such as control-flow-graph. The perturbations can also be implemented
directly onto APK's Dalvik bytecode rather than Android manifest to evade from
recent detectors. We evaluated the proposed manipulation methods for
adversarial examples by using the same datasets that Drebin and MaMadroid (5879
malware samples) used. Our results show that, the malware detection rates
decreased from 96% to 1% in MaMaDroid, and from 97% to 1% in Drebin, with just
a small distortion generated by our adversarial examples manipulation method.Comment: 15 pages, 11 figure
- …