89,939 research outputs found
ACMiner: Extraction and Analysis of Authorization Checks in Android's Middleware
Billions of users rely on the security of the Android platform to protect
phones, tablets, and many different types of consumer electronics. While
Android's permission model is well studied, the enforcement of the protection
policy has received relatively little attention. Much of this enforcement is
spread across system services, taking the form of hard-coded checks within
their implementations. In this paper, we propose Authorization Check Miner
(ACMiner), a framework for evaluating the correctness of Android's access
control enforcement through consistency analysis of authorization checks.
ACMiner combines program and text analysis techniques to generate a rich set of
authorization checks, mines the corresponding protection policy for each
service entry point, and uses association rule mining at a service granularity
to identify inconsistencies that may correspond to vulnerabilities. We used
ACMiner to study the AOSP version of Android 7.1.1 to identify 28
vulnerabilities relating to missing authorization checks. In doing so, we
demonstrate ACMiner's ability to help domain experts process thousands of
authorization checks scattered across millions of lines of code
Analytical solutions for the flow of Carreau and Cross fluids in circular pipes and thin slits
In this paper, analytical expressions correlating the volumetric flow rate to
the pressure drop are derived for the flow of Carreau and Cross fluids through
straight rigid circular uniform pipes and long thin slits. The derivation is
based on the application of Weissenberg-Rabinowitsch-Mooney-Schofield method to
obtain flow solutions for generalized Newtonian fluids through pipes and our
adaptation of this method to the flow through slits. The derived expressions
are validated by comparing their solutions to the solutions obtained from
direct numerical integration. They are also validated by comparison to the
solutions obtained from the variational method which we proposed previously. In
all the investigated cases, the three methods agree very well. The agreement
with the variational method also lends more support to this method and to the
variational principle which the method is based upon.Comment: 27 pages, 6 figure
Recommended from our members
Integrating explanation-based and empirical learning methods in OCCAM
This paper discusses an approach to integrating empirical and explanation based learning techniques. The paper focuses on OCCAM, a program that has the capability to acquire via empirical means the knowledge needed for analytical learning. Two examples of this capability are discussed:The ability to use empirical techniques to acquire a domain theory for explanation based learning.The ability to use empirical learning techniques to find common patterns for causal relationships. These patterns encode a theory of causality (i.e., a set of general principles for recognizing causal relationships). Once acquired, a theory of causality can facilitate later learning by focusing on hypotheses which are consistent with the theory
- …