34,281 research outputs found
Surveying human habit modeling and mining techniques in smart spaces
A smart space is an environment, mainly equipped with Internet-of-Things (IoT) technologies, able to provide services to humans, helping them to perform daily tasks by monitoring the space and autonomously executing actions, giving suggestions and sending alarms. Approaches suggested in the literature may differ in terms of required facilities, possible applications, amount of human intervention required, ability to support multiple users at the same time adapting to changing needs. In this paper, we propose a Systematic Literature Review (SLR) that classifies most influential approaches in the area of smart spaces according to a set of dimensions identified by answering a set of research questions. These dimensions allow to choose a specific method or approach according to available sensors, amount of labeled data, need for visual analysis, requirements in terms of enactment and decision-making on the environment. Additionally, the paper identifies a set of challenges to be addressed by future research in the field
ACMiner: Extraction and Analysis of Authorization Checks in Android's Middleware
Billions of users rely on the security of the Android platform to protect
phones, tablets, and many different types of consumer electronics. While
Android's permission model is well studied, the enforcement of the protection
policy has received relatively little attention. Much of this enforcement is
spread across system services, taking the form of hard-coded checks within
their implementations. In this paper, we propose Authorization Check Miner
(ACMiner), a framework for evaluating the correctness of Android's access
control enforcement through consistency analysis of authorization checks.
ACMiner combines program and text analysis techniques to generate a rich set of
authorization checks, mines the corresponding protection policy for each
service entry point, and uses association rule mining at a service granularity
to identify inconsistencies that may correspond to vulnerabilities. We used
ACMiner to study the AOSP version of Android 7.1.1 to identify 28
vulnerabilities relating to missing authorization checks. In doing so, we
demonstrate ACMiner's ability to help domain experts process thousands of
authorization checks scattered across millions of lines of code
- …