28,085 research outputs found
StoryDroid: Automated Generation of Storyboard for Android Apps
Mobile apps are now ubiquitous. Before developing a new app, the development
team usually endeavors painstaking efforts to review many existing apps with
similar purposes. The review process is crucial in the sense that it reduces
market risks and provides inspiration for app development. However, manual
exploration of hundreds of existing apps by different roles (e.g., product
manager, UI/UX designer, developer) in a development team can be ineffective.
For example, it is difficult to completely explore all the functionalities of
the app in a short period of time. Inspired by the conception of storyboard in
movie production, we propose a system, StoryDroid, to automatically generate
the storyboard for Android apps, and assist different roles to review apps
efficiently. Specifically, StoryDroid extracts the activity transition graph
and leverages static analysis techniques to render UI pages to visualize the
storyboard with the rendered pages. The mapping relations between UI pages and
the corresponding implementation code (e.g., layout code, activity code, and
method hierarchy) are also provided to users. Our comprehensive experiments
unveil that StoryDroid is effective and indeed useful to assist app
development. The outputs of StoryDroid enable several potential applications,
such as the recommendation of UI design and layout code
Eight years of rider measurement in the Android malware ecosystem: evolution and lessons learned
Despite the growing threat posed by Android malware,
the research community is still lacking a comprehensive
view of common behaviors and trends exposed by malware families
active on the platform. Without such view, the researchers
incur the risk of developing systems that only detect outdated
threats, missing the most recent ones. In this paper, we conduct
the largest measurement of Android malware behavior to date,
analyzing over 1.2 million malware samples that belong to 1.2K
families over a period of eight years (from 2010 to 2017). We
aim at understanding how the behavior of Android malware
has evolved over time, focusing on repackaging malware. In
this type of threats different innocuous apps are piggybacked
with a malicious payload (rider), allowing inexpensive malware
manufacturing.
One of the main challenges posed when studying repackaged
malware is slicing the app to split benign components apart from
the malicious ones. To address this problem, we use differential
analysis to isolate software components that are irrelevant to the
campaign and study the behavior of malicious riders alone. Our
analysis framework relies on collective repositories and recent
advances on the systematization of intelligence extracted from
multiple anti-virus vendors. We find that since its infancy in
2010, the Android malware ecosystem has changed significantly,
both in the type of malicious activity performed by the malicious
samples and in the level of obfuscation used by malware to avoid
detection. We then show that our framework can aid analysts
who attempt to study unknown malware families. Finally, we
discuss what our findings mean for Android malware detection
research, highlighting areas that need further attention by the
research community.Accepted manuscrip
Kevoree Modeling Framework (KMF): Efficient modeling techniques for runtime use
The creation of Domain Specific Languages(DSL) counts as one of the main
goals in the field of Model-Driven Software Engineering (MDSE). The main
purpose of these DSLs is to facilitate the manipulation of domain specific
concepts, by providing developers with specific tools for their domain of
expertise. A natural approach to create DSLs is to reuse existing modeling
standards and tools. In this area, the Eclipse Modeling Framework (EMF) has
rapidly become the defacto standard in the MDSE for building Domain Specific
Languages (DSL) and tools based on generative techniques. However, the use of
EMF generated tools in domains like Internet of Things (IoT), Cloud Computing
or Models@Runtime reaches several limitations. In this paper, we identify
several properties the generated tools must comply with to be usable in other
domains than desktop-based software systems. We then challenge EMF on these
properties and describe our approach to overcome the limitations. Our approach,
implemented in the Kevoree Modeling Framework (KMF), is finally evaluated
according to the identified properties and compared to EMF.Comment: ISBN 978-2-87971-131-7; N° TR-SnT-2014-11 (2014
- …