Aplikasi Panic Buton Untuk Keamanan Warga Berbasis Android

Citizens highly expect environmental security, but criminality is inevitable. The level of crime in the community brings unrest and discomfort, so a security system is needed that is connected with the officers concerned. This study aims to build a security system application connected to environmental security officers. This system can help the public provide reports quickly through the panic button application embedded in Android. System development using the spiral model method. A spiral model is an evolutionary software process model assembling the interactive nature of the prototype using control and systematic aspects of a linear sequential model. Meanwhile, the system design stage uses the Unified Modeling Language (UML). The application is in Android Studio for the design stage, a unique Integrated Development Environment (IDE) that runs on the Android platform. The panic button application is a security system designed to assist the public in providing reports and make it easier for security officers to follow up on the messages given. Accelerate the follow-up process of crimes because it is based on Android.Citizens highly expect environmental security, but criminality is inevitable. The level of crime in the community brings unrest and discomfort, so a security system is needed that is connected with the officers concerned. This study aims to build a security system application connected to environmental security officers. This system can help the public provide reports quickly through the panic button application embedded in Android. System development using the spiral model method. A spiral model is an evolutionary software process model assembling the interactive nature of the prototype using control and systematic aspects of a linear sequential model. Meanwhile, the system design stage uses the Unified Modeling Language (UML). The application is in Android Studio for the design stage, a unique Integrated Development Environment (IDE) that runs on the Android platform. The panic button application is a security system designed to assist the public in providing reports and make it easier for security officers to follow up on the messages given. Accelerate the follow-up process of crimes because it is based on Android

R2-D2: ColoR-inspired Convolutional NeuRal Network (CNN)-based AndroiD Malware Detections

The influence of Deep Learning on image identification and natural language processing has attracted enormous attention globally. The convolution neural network that can learn without prior extraction of features fits well in response to the rapid iteration of Android malware. The traditional solution for detecting Android malware requires continuous learning through pre-extracted features to maintain high performance of identifying the malware. In order to reduce the manpower of feature engineering prior to the condition of not to extract pre-selected features, we have developed a coloR-inspired convolutional neuRal networks (CNN)-based AndroiD malware Detection (R2-D2) system. The system can convert the bytecode of classes.dex from Android archive file to rgb color code and store it as a color image with fixed size. The color image is input to the convolutional neural network for automatic feature extraction and training. The data was collected from Jan. 2017 to Aug 2017. During the period of time, we have collected approximately 2 million of benign and malicious Android apps for our experiments with the help from our research partner Leopard Mobile Inc. Our experiment results demonstrate that the proposed system has accurate security analysis on contracts. Furthermore, we keep our research results and experiment materials on http://R2D2.TWMAN.ORG.Comment: Verison 2018/11/15, IEEE BigData 2018, Seattle, WA, USA, Dec 10-13, 2018. (Accepted

AppGuard — fine-grained policy enforcement for untrusted android applications

Android’s success makes it a prominent target for malicious software. However, the user has very limited control over security-relevant operations. This work presents AppGuard, a powerful and flexible security system that overcomes these deficiencies. It enforces user-defined security policies on untrusted Android applications without requiring any changes to a smartphone’s firmware, root access, or the like. Finegrained and stateful security policies are expressed in a formal specification language, which also supports secrecy requirements. Our system offers complete mediation of security-relevant methods based on calleesite inline reference monitoring and supports widespread deployment. In the experimental analysis we demonstrate the removal of permissions for overly curious apps as well as how to defend against several recent real-world attacks on Android phones. Our technique exhibits very little space and runtime overhead. The utility of AppGuard has already been demonstrated by more than 1,000,000 downloads

Implementasi Aplikasi Kriptografi pada Layanan Pesan Singkat (SMS) Menggunakan Algoritma RC6 Berbasis Android

Security is a very important aspect in data communication. In the last decade, there was a rapid development in mobile phone technology. Smartphone have been equipped with various features and one of them is the short message service (SMS). However, messages sent via mobile phone networks pose threat to be accessed by people who do not have any authorization. Therefore, it is necessary to do research on the development of software to enhance the security of messages through message encryption and decryption features. This application uses Java programming language with SDK (Software Development Kit) Android and Android Studio 1.3.1 as an editor. The initial step of this research is to encrypt the original message to produce the ciphertext message. The second step is to decrypt ciphertext incoming messages to become genuine message. Results from this research are an Android-based application that can perform encryption and decryption of the SMS messages using the RC6 algorithm. With the application of cryptography for SMS messages, the expected level of information security of the message can be improved so that the message will be more secure from unauthorized access

The Transitivity of Trust Problem in the Interaction of Android Applications

Mobile phones have developed into complex platforms with large numbers of installed applications and a wide range of sensitive data. Application security policies limit the permissions of each installed application. As applications may interact, restricting single applications may create a false sense of security for the end users while data may still leave the mobile phone through other applications. Instead, the information flow needs to be policed for the composite system of applications in a transparent and usable manner. In this paper, we propose to employ static analysis based on the software architecture and focused data flow analysis to scalably detect information flows between components. Specifically, we aim to reveal transitivity of trust problems in multi-component mobile platforms. We demonstrate the feasibility of our approach with Android applications, although the generalization of the analysis to similar composition-based architectures, such as Service-oriented Architecture, can also be explored in the future

AndroShield:automated Android applications vulnerability detection, a hybrid static and dynamic analysis approach

The security of mobile applications has become a major research field which is associated with a lot of challenges. The high rate of developing mobile applications has resulted in less secure applications. This is due to what is called the “rush to release” as defined by Ponemon Institute. Security testing—which is considered one of the main phases of the development life cycle—is either not performed or given minimal time; hence, there is a need for security testing automation. One of the techniques used is Automated Vulnerability Detection. Vulnerability detection is one of the security tests that aims at pinpointing potential security leaks. Fixing those leaks results in protecting smart-phones and tablet mobile device users against attacks. This paper focuses on building a hybrid approach of static and dynamic analysis for detecting the vulnerabilities of Android applications. This approach is capsuled in a usable platform (web application) to make it easy to use for both public users and professional developers. Static analysis, on one hand, performs code analysis. It does not require running the application to detect vulnerabilities. Dynamic analysis, on the other hand, detects the vulnerabilities that are dependent on the run-time behaviour of the application and cannot be detected using static analysis. The model is evaluated against different applications with different security vulnerabilities. Compared with other detection platforms, our model detects information leaks as well as insecure network requests alongside other commonly detected flaws that harm users’ privacy. The code is available through a GitHub repository for public contribution

Overcoming Language Dichotomies: Toward Effective Program Comprehension for Mobile App Development

Mobile devices and platforms have become an established target for modern software developers due to performant hardware and a large and growing user base numbering in the billions. Despite their popularity, the software development process for mobile apps comes with a set of unique, domain-specific challenges rooted in program comprehension. Many of these challenges stem from developer difficulties in reasoning about different representations of a program, a phenomenon we define as a "language dichotomy". In this paper, we reflect upon the various language dichotomies that contribute to open problems in program comprehension and development for mobile apps. Furthermore, to help guide the research community towards effective solutions for these problems, we provide a roadmap of directions for future work.Comment: Invited Keynote Paper for the 26th IEEE/ACM International Conference on Program Comprehension (ICPC'18