An Empirical Study on Android-related Vulnerabilities

Mobile devices are used more and more in everyday life. They are our cameras, wallets, and keys. Basically, they embed most of our private information in our pocket. For this and other reasons, mobile devices, and in particular the software that runs on them, are considered first-class citizens in the software-vulnerabilities landscape. Several studies investigated the software-vulnerabilities phenomenon in the context of mobile apps and, more in general, mobile devices. Most of these studies focused on vulnerabilities that could affect mobile apps, while just few investigated vulnerabilities affecting the underlying platform on which mobile apps run: the Operating System (OS). Also, these studies have been run on a very limited set of vulnerabilities. In this paper we present the largest study at date investigating Android-related vulnerabilities, with a specific focus on the ones affecting the Android OS. In particular, we (i) define a detailed taxonomy of the types of Android-related vulnerability; (ii) investigate the layers and subsystems from the Android OS affected by vulnerabilities; and (iii) study the survivability of vulnerabilities (i.e., the number of days between the vulnerability introduction and its fixing). Our findings could help OS and apps developers in focusing their verification & validation activities, and researchers in building vulnerability detection tools tailored for the mobile world

Supporting Evolution and Maintenance of android Apps

Mobile developers and testers face a number of emerging challenges. These include rapid platform evolution and API instability; issues in bug reporting and reproduction involving complex multitouch gestures; platform fragmentation; the impact of reviews and ratings on the success of their apps; management of crowd-sourced requirements; continuous pressure from the market for frequent releases; lack of effective and usable testing tools; and limited computational resources for handheld devices. Traditional and contemporary methods in software evolution and maintenance were not designed for these types of challenges; therefore, a set of studies and a new toolbox of techniques for mobile development are required to analyze current challenges and propose new solutions. This dissertation presents a set of empirical studies, as well as solutions for some of the key challenges when evolving and maintaining android apps. In particular, we analyzed key challenges experienced by practitioners and open issues in the mobile development community such as (i) android API instability, (ii) performance optimizations, (iii) automatic GUI testing, and (iv) energy consumption. When carrying out the studies, we relied on qualitative and quantitative analyses to understand the phenomena on a large scale by considering evidence extracted from software repositories and the opinions of open-source mobile developers. From the empirical studies, we identified that dynamic analysis is a relevant method for several evolution and maintenance tasks, in particular, because of the need of practitioners to execute/validate the apps on a diverse set of platforms (i.e., device and OS) and under pressure for continuous delivery. Therefore, we designed and implemented an extensible infrastructure that enables large-scale automatic execution of android apps to support different evolution and maintenance tasks (e.g., testing and energy optimization). In addition to the infrastructure we present a taxonomy of issues, single solutions to the issues, and guidelines to enable large execution of android apps. Finally, we devised novel approaches aimed at supporting testing and energy optimization of mobile apps (two key challenges in evolution and maintenance of android apps). First, we propose a novel hybrid approach for automatic GUI-based testing of apps that is able to generate (un)natural test sequences by mining real applications usages and learning statistical models that represent the GUI interactions. In addition, we propose a multi-objective approach for optimizing the energy consumption of GUIs in android apps that is able to generate visually appealing color compositions, while reducing the energy consumption and keeping a design concept close to the original

Physicians\u27 Assistants: Can They Augment the Navy Medical Service?

The adequacy of health care by naval medical facilities is being seriously threatened by a chronic shortage of doctors—a situation that is projected to further deteriorate in the civilian as well as the Navy community

Influencia de la calidad del heno suplementario y la localización de la pastura sobre el rendimiento de bovinos de carne a pastoreo sobre avena

Heifers grazing oat pasture (OP) at two locations in Argentina, Argerich (ARG) and Pasman (PAS), were subjected to one of three different dietary supplement treatments: (1) control (CON, no supplement), (2) sorghum hay (SH), or (3) alfalfa-grass hay (AGH), all provided ad libitum in individual pens. The variables measured were: dry matter (DM) yield and composition of OP, hay intake, average daily weight gain (ADG), rumen pH and NH3-N, and blood mineral levels. DM availability did not limit OP intake. OP crude protein (CP) content ranged from 11.3 to 13% at ARG, and 10.7 to 13.3% at PAS. OP-minerals varied with location; the mean K/(Ca + Mg) ratios were 5.68 meq (ARG) and 4.82 meq (PAS). Heifers ate more AGH (785 g) than SH (684 g; P = 0.08). Hay consumption was 2.88 times greater at PAS than at ARG (P < 0.05). ADG was larger with SH (558 g) and AGH 594 g than with CON treatment (454 g); the average for ARG animals was 571 g compared to 500 g for PAS animals (P <0.05). Rumen pH was lower at 14:30 h (pH 6.7) than at 10:00 h (pH 7.5; P < 0.05). NH3-N values were higher at 14:30 h (19.59 mg dl-1) than at 10:00 h (4.69 mg dl-1; P < 0.05). Plasma Ca (15.50 mg dl–1) and Mg (2.84 mg dl–1) levels were higher in PAS cattle (P < 0.05). Animal performance improved with hay supplementation, but location affected response intensity.Se realizaron tres tratamientos con novillas pastoreando verdeos de avena (VA) en dos localidades de Argentina, Argerich (ARG) y Pasman (PAS): (1) Control (CON, sin suplemento), (2) heno de sorgo (HS), y (3) heno de alfalfa y gramíneas (HAG), suplementados ad libitum en corrales individuales. Evaluamos rendimiento de materia seca (MS) y composición en VA; y en los animales consumo del heno, ganancia diaria de peso (GDP), pH y N-NH3 en rumen, y minerales en sangre. La disponibilidad de MS no limitó el consumo de VA; su proteína bruta (PB) osciló entre 11,3 y 13% (ARG), 10,7 y 13.3% (PAS). Los minerales en VA variaron entre localidades, la relación K/(Ca + Mg) promedió 5,68 meq (ARG) y 4,82 meq (PAS). Las novillas consumieron diariamente más HAG (785 g) que HS (684 g; P = 0.08), y 2,88 veces más heno en PAS que en ARG (P < 0,05). En GDP, HS (558 g) y HAG (594 g) superaron al CON (454 g), y la media de ARG (571 g) a PAS (500 g; P < 0,05). En el rumen el pH decreció a las 14:30 h (6,7) vs. 10:00 h (7,5; P < 0,05), y el N-NH3 (mg dl-1) aumentó a las 14:30 h (19,59) vs. 10:00 h (4,69; P < 0,05). Ca (15.50 mg dl–1) y Mg (2.84 mg dl–1) en plasma fue mayor en PAS (P < 0,05). El rendimiento animal mejoró con la suplementación, pero la magnitud de respuesta estuvo afectada por la localidad.Fil: Arelovich, Hugo Mario. Provincia de Buenos Aires. Gobernación. Comisión de Investigaciones Científicas; Argentina. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Bahía Blanca. Centro de Recursos Naturales Renovables de la Zona Semiárida. Universidad Nacional del Sur. Centro de Recursos Naturales Renovables de la Zona Semiárida; ArgentinaFil: Laborde, Hugo Eduardo. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Bahía Blanca. Centro de Recursos Naturales Renovables de la Zona Semiárida. Universidad Nacional del Sur. Centro de Recursos Naturales Renovables de la Zona Semiárida; ArgentinaFil: Arzadún, M. J.. Provincia de Buenos Aires. Ministerio de la Producción. Chacra Experimental Coronel Suarez; ArgentinaFil: Vasquez, Maria Gabriela. Universidad Nacional del Sur. Departamento de Agronomía; Argentina. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Bahía Blanca. Centro de Recursos Naturales Renovables de la Zona Semiárida. Universidad Nacional del Sur. Centro de Recursos Naturales Renovables de la Zona Semiárida; Argentin

Continuous, Evolutionary and Large-Scale: A New Perspective for Automated Mobile App Testing

Mobile app development involves a unique set of challenges including device fragmentation and rapidly evolving platforms, making testing a difficult task. The design space for a comprehensive mobile testing strategy includes features, inputs, potential contextual app states, and large combinations of devices and underlying platforms. Therefore, automated testing is an essential activity of the development process. However, current state of the art of automated testing tools for mobile apps poses limitations that has driven a preference for manual testing in practice. As of today, there is no comprehensive automated solution for mobile testing that overcomes fundamental issues such as automated oracles, history awareness in test cases, or automated evolution of test cases. In this perspective paper we survey the current state of the art in terms of the frameworks, tools, and services available to developers to aid in mobile testing, highlighting present shortcomings. Next, we provide commentary on current key challenges that restrict the possibility of a comprehensive, effective, and practical automated testing solution. Finally, we offer our vision of a comprehensive mobile app testing framework, complete with research agenda, that is succinctly summarized along three principles: Continuous, Evolutionary and Large-scale (CEL).Comment: 12 pages, accepted to the Proceedings of 33rd IEEE International Conference on Software Maintenance and Evolution (ICSME'17

Emisión de acciones como una estrategia de financiamiento para las empresas que operan en el mercado ecuatoriano caso: empresa agrotropical

Unos de los principales problemas que tienen las empresas que operan en el mercado ecuatoriano, es la dificultad de obtener recursos financieros del sector bancario; pues, el costo en que estas incurren para obtener capital por medio de la banca es muy alto; esto ocasiona un estancamiento en el emprendimiento de nuevos proyectos, los mismos que ayudarían a fortalecer el aparato productivo del país. Esto se debe en gran parte a la falta de conocimiento de las diversas formas de financiamiento que existen en el país. El mercado de valores es un medio de captar capitales, interviniendo en este mercado se puede obtener varios beneficios como costos de captación menores a otras maneras de financiarse. Este fue el caso de la empresa a estudio Agrotropical, una compañía que se dedica al cultivo de cacao y teca, que pensado en expandir sus tierras necesitaba financiarse de la manera más eficiente. Luego de los análisis realizados en diferentes escenarios, se comprobó que la forma óptima de obtener recursos financieros es por medio de emitir acciones por medio del mercado de valores

FUSION: A Tool for Facilitating and Augmenting Android Bug Reporting

As the popularity of mobile smart devices continues to climb the complexity of apps continues to increase, making the development and maintenance process challenging. Current bug tracking systems lack key features to effectively support construction of reports with actionable information that directly lead to a bug\u27s resolution. In this demo we present the implementation of a novel bug reporting system, called FUSION, that facilitates users including reproduction steps in bug reports for mobile apps. FUSION links user-provided information to program artifacts extracted through static and dynamic analysis performed before testing or release. Results of preliminary studies demonstrate that FUSION both effectively facilitates reporting and allows for more reliable reproduction of bugs from reports compared to traditional issue tracking systems by presenting more detailed contextual app information. Tool website: www.fusion-android.com Video url: https://youtu.be/AND9h0E1xR

Aspectos socio jurídicos de gestión victimológica. Estudio de una unidad de asistencia a víctimas en el Distrito fiscal de Arequipa - 2018

Social management in the victimological field is relatively recent and part of the reconfiguration of the victim's position as a central actor in the social recovery of the offense of the crime and in the functioning of the judicial apparatus that finds in it the leitmotif or ultimate reason for to be. In this process, different strategies have been designed and implemented aimed at recovering the victim and reintegrating her into the social order from which the crime tried to outlaw her. Thus, the victimological social management emerges that tries to help those who were aggrieved by the crime to be re-linked with social classes such as education, health, housing, economy, work, among others, in a context concomitant to the search for justice as full recognition of the criminal act, its impact and the corrective actions that the state is called upon to take to prevent its recurrence and thus contribute to the social peace of the population. In this research work, the social management and the socio-legal elements inserted in it are described and surveyed, as a set of functional strategies from offices and support and support programs for the victims and as an initiative of the State itself found in the Unit Victims and Witnesses Assistance a body that, in addition to contributing to the well-being of the aggrieved, ensures that they assume an active role in the tax investigation and judicial proceedings, helping with the justice syste

How do Developers Test Android Applications?

Enabling fully automated testing of mobile applications has recently become an important topic of study for both researchers and practitioners. A plethora of tools and approaches have been proposed to aid mobile developers both by augmenting manual testing practices and by automating various parts of the testing process. However, current approaches for automated testing fall short in convincing developers about their benefits, leading to a majority of mobile testing being performed manually. With the goal of helping researchers and practitioners - who design approaches supporting mobile testing - to understand developer's needs, we analyzed survey responses from 102 open source contributors to Android projects about their practices when performing testing. The survey focused on questions regarding practices and preferences of developers/testers in-the-wild for (i) designing and generating test cases, (ii) automated testing practices, and (iii) perceptions of quality metrics such as code coverage for determining test quality. Analyzing the information gleaned from this survey, we compile a body of knowledge to help guide researchers and professionals toward tailoring new automated testing approaches to the need of a diverse set of open source developers.Comment: 11 pages, accepted to the Proceedings of the 33rd IEEE International Conference on Software Maintenance and Evolution (ICSME'17