211 research outputs found

    Digital Platform Strategy - A Systematic Critical Review

    While the transformative effect of digital platforms is broadly recognized, digital platform-related research has evolved in largely disconnected streams focusing on technical platform architecture, network effects, and specific tactical decisions, without offering a holistic view of digital platform strategy. With the goal of advancing digital platform strategy research, we conduct a systematic critical review of research published in the leading Information Systems journals through a pragmatic business strategy lens, which argues that markets, partnerships, differentiators, staging, and profit logic form the core elements of a holistic business strategy. We outline the core insights in extant research and identify a number of promising opportunities for expanding the scope of digital platform strategy research in Information Systems.

    Analyzing the Unanalyzable: an Application to Android Apps

    In general, software is unreliable. Its behavior can deviate from users' expectations because of bugs, vulnerabilities, or even malicious code. Manually vetting software is a challenging, tedious, and highly costly task that does not scale. To alleviate excessive costs and analysts' burdens, automated static analysis techniques have been proposed by both the research and practitioner communities, making static analysis a central topic in software engineering. In the meantime, mobile apps have considerably grown in importance. Today, most humans carry software in their pockets, with the Android operating system leading the market. Millions of apps have been offered to the public so far, targeting a wide range of activities such as games, health, banking, GPS, etc. Hence, Android apps collect and manipulate a considerable amount of sensitive information, which puts users' security and privacy at risk. Consequently, it is paramount to ensure that apps distributed through public channels (e.g., Google Play) are free from malicious code. Over the last decade, the research and practitioner communities have therefore put much effort into devising new automated techniques to vet Android apps against malicious activities. Analyzing Android apps is, however, challenging. On the one hand, the Android framework offers constructs that can be used to evade dynamic analysis by triggering the malicious code only under certain circumstances, e.g., if the device is not an emulator and is currently connected to power. Hence, dynamic analyses can easily be fooled by malicious developers who make some code fragments difficult to reach. On the other hand, static analyses are challenged by Android-specific constructs that limit the coverage of off-the-shelf static analyzers. The research community has already addressed some of these constructs, including inter-component communication and lifecycle methods. However, other constructs, such as implicit calls (i.e., when the Android framework asynchronously triggers a method in the app code), make some app code fragments unreachable to static analyzers, even though these fragments are executed when the app is run. Altogether, many parts of apps' code are unanalyzable: they are either not reachable by dynamic analyses or not covered by static analyzers. In this manuscript, we describe our contributions to the research effort from two angles: ① statically detecting malicious code that is difficult for dynamic analyzers to reach because it is triggered only under specific circumstances; and ② statically analyzing code not accessible to existing static analyzers, to improve the comprehensiveness of app analyses. More precisely, in Part I, we first present a replication study of a state-of-the-art static logic bomb detector to better show its limitations. We then introduce a novel hybrid approach for detecting suspicious hidden sensitive operations towards triaging logic bombs. We finally detail the construction of a dataset of Android apps automatically infected with logic bombs. In Part II, we present our work to improve the comprehensiveness of Android apps' static analysis. More specifically, we first show how we contributed to accounting for atypical inter-component communication in Android apps. Then, we present a novel approach to unify both the bytecode and native code in Android apps, to account for the multi-language trend in app development. Finally, we present our work to resolve conditional implicit calls in Android apps to improve static and dynamic analyzers.

    Manipulating, Lying, and Engineering the Future

    Decision-making should reflect personal autonomy. Yet, it is not entirely an autonomous process. Influencing individuals' decision-making is not new. It is and always has been the engine that drives markets, politics, and debates. However, in the digital marketplace of ideas the nature of influence is different in scale, scope, and depth. The asymmetry of information shapes a new model of surveillance capitalism. This model promises profits gained from behavioral information collected from consumers and from personal targeting. The Internet of Things, Big Data, and Artificial Intelligence open a new dimension for manipulation. In the age of the Metaverse, which would be mediated through virtual spaces and augmented reality, manipulation is expected to get stronger. Such manipulation could be performed by either commercial corporations or governments, though this Article primarily focuses on the former rather than the latter. Surveillance capitalism depends not only on technology but also on marketing, as commercial entities push their goods and agendas onto their consumers. This new economic order presents benefits in the form of improved services, but it also has negative consequences: it treats individuals as instruments; it may infringe on individuals' autonomy and future development; and it manipulates consumers into making commercial choices that could potentially harm their own welfare. Moreover, it may also hinder individuals' free speech and erode some of the privileges enshrined in a democracy. What can be done to limit the negative consequences of hyper-manipulation in digital markets? Should the law impose limitations on digital influence? If so, how and when? This Article aims to answer these questions in the following manner: First, this Article demonstrates how companies influence decisions by collecting, analyzing, and manipulating information. Understanding the tools of the new economic order is the first step in developing legal policy that mitigates harm. Second, this Article analyzes the concept of manipulation. It explains how digital manipulation differs from traditional commercial influences in scope, scale, and depth. Since there are many forms of manipulation, an outright ban on manipulation is not possible, nor is it encouraged, since it could undermine the very basis of free markets and even free speech. As a result, this Article proposes a limiting principle on entities identified in the literature as "powerful commercial speakers," focusing on regulating lies and misrepresentations by these entities. This Article outlines disclosure obligations for the contextual elements of advertisements and imposes a duty to avoid false information. In addition to administrative enforcement against commercial lies and misrepresentations, this Article advocates for a new remedy of compensation for autonomy infringement when a powerful speaker lies or disobeys mandated disclosure on products. Third, this Article proposes a complementary solution for the long-term effects of manipulation. This solution does not focus on the manipulation itself, but rather offers limitations on data retention for commercial purposes. Such limitations can mitigate the depth of manipulation and may prevent commercial entities from shackling individuals to their past decisions. Fourth, this Article addresses possible objections to the proposed solutions by demonstrating that they are not in conflict with the First Amendment, but rather promote freedom of expression.

    "My Perfect Platform Would Be Telepathy" - Reimagining the Design of Social Media with Autistic Adults

    https://doi.org/10.1145/3544548.3580673

    XMD: An Expansive Hardware-telemetry based Mobile Malware Detector to enhance Endpoint Detection

    Hardware-based Malware Detectors (HMDs) have shown promise in detecting malicious workloads. However, current HMDs focus solely on the CPU core of a System-on-Chip (SoC) and therefore do not exploit the full potential of the hardware telemetry. In this paper, we propose XMD, an HMD that uses an expansive set of telemetry channels extracted from the different subsystems of the SoC. XMD exploits the thread-level profiling power of the CPU-core telemetry and the global profiling power of non-core telemetry channels to achieve significantly better detection performance than currently used Hardware Performance Counter (HPC) based detectors. We leverage the manifold hypothesis to analytically prove that adding non-core telemetry channels improves the separability of the benign and malware classes, resulting in performance gains. We train and evaluate XMD using hardware telemetry collected from 723 benign applications and 1033 malware samples on a commodity Android Operating System (OS)-based mobile device. XMD improves over currently used HPC-based detectors by 32.91% for the in-distribution test data. XMD achieves the best detection performance of 86.54% with a false positive rate of 2.9%, compared to the detection rate of 80% offered by the best performing signature-based Anti-Virus (AV) on VirusTotal, on the same set of malware samples. Comment: Revised version based on peer review feedback. Manuscript to appear in IEEE Transactions on Information Forensics and Security.

    An Empirical Study of Malicious Code In PyPI Ecosystem

    PyPI provides a convenient and accessible package management platform to developers, enabling them to quickly implement specific functions and improve work efficiency. However, the rapid development of the PyPI ecosystem has led to a severe problem of malicious package propagation. Malicious developers disguise malicious packages as normal ones, posing a significant security risk to end-users. To this end, we conducted an empirical study to understand the characteristics and current state of the malicious code lifecycle in the PyPI ecosystem. We first built an automated data collection framework and collated a multi-source malicious code dataset containing 4,669 malicious package files. We preliminarily classified this malicious code into five categories based on malicious behaviour characteristics. Our research found that over 50% of malicious code exhibits multiple malicious behaviours, with information stealing and command execution being particularly prevalent. In addition, we observed several novel attack vectors and anti-detection techniques. Our analysis revealed that 74.81% of all malicious packages successfully entered end-user projects through source code installation, thereby increasing security risks. A real-world investigation showed that many reported malicious packages persist in PyPI mirror servers globally, with over 72% remaining for an extended period after being discovered. Finally, we sketched a portrait of the malicious code lifecycle in the PyPI ecosystem, reflecting the characteristics of malicious code at different stages. We also present some suggested mitigations to improve the security of the Python open-source ecosystem. Comment: Accepted by the 38th IEEE/ACM International Conference on Automated Software Engineering (ASE2023).

    Demystifying security and compatibility issues in Android Apps

    Never before has any OS been as popular as Android. Existing mobile phones are not simply devices for making phone calls and receiving SMS messages, but powerful communication and entertainment platforms for web surfing, social networking, etc. Even though the Android OS offers powerful communication and application execution capabilities, it is riddled with defects (e.g., security risks and compatibility issues), new vulnerabilities come to light daily, and bugs cost the economy tens of billions of dollars annually. For example, malicious apps (e.g., backdoors, fraud apps, ransomware, spyware, etc.) are reported [Google, 2022] to exhibit malicious behaviours, including privacy stealing, installation of unwanted programs, etc. To counteract these threats, many works have been proposed that rely on static analysis techniques to detect such issues. However, static techniques are not sufficient on their own to detect such defects precisely. They will likely yield false positive results, as static analysis has to make trade-offs when handling complicated cases (e.g., object-sensitive vs. object-insensitive). In addition, static analysis techniques will also likely suffer from soundness issues, because some complicated features (e.g., reflection, obfuscation, and hardening) are difficult to handle [Sun et al., 2021b, Samhi et al., 2022]. Comment: Thesis.