Hardware and software fingerprinting of mobile devices

This dissertation presents novel and practical algorithms to identify the software and hardware components on mobile devices. In particular, we make significant contributions in two challenging areas: library fingerprinting, to identify third-party software libraries, and device fingerprinting, to identify individual hardware components. Our work has significant implications for the privacy and security of mobile platforms. Software-based library fingerprinting can be used to detect vulnerable libraries and uncover large-scale data collection activities. We develop a novel Android library finger-printing tool, LibID, to reliably identify specific versions of in-app third-party libraries. LibID is more effective against code obfuscation than prior art. When comparing LibID with other tools in identifying the correct library version using obfuscated F-Droid apps, LibID achieves an F1 score of more than 0.5 in all cases while prior work is below 0.25. We also demonstrate the utility of LibID by detecting the use of a vulnerable version of the OkHttp library in nearly 10% of the 3 958 popular apps on the Google Play Store. Hardware-based device fingerprinting allows apps and websites to invade user privacy by tracking user activity online as the user moves between apps or websites. In particular, we present a new type of device fingerprinting attack, the factory calibration fingerprinting attack, that recovers embedded per-device factory calibration data from motion sensors in a smartphone. We investigate the calibration behaviour of each sensor and show that the calibration fingerprint is fast to generate, does not change over time or after a factory reset, and can be obtained without any special user permissions. We estimate the entropy of the calibration fingerprint and find the fingerprint is very likely to be globally unique for iOS devices (~67 bits of entropy for iPhone 6S) and recent Google Pixel devices (~57 bits of entropy for Pixel 4/4 XL). By comparison, the fingerprint generated by previous work has at most 13 bits of entropy. Following our disclosures, Apple deployed a fix in iOS 12.2 and Google in Android 11. Both code obfuscation and factory calibration help to hide software and hardware idiosyncrasies from third-parties, but this dissertation demonstrates that reliable software and hardware fingerprints can still be generated given sufficient knowledge and a suitable approach. Our work has significant practical implications and can be used to improve platform security and protect user privacy.China Scholarship Council The Boeing Company Microsoft Researc

Sources of variation in false discovery rate estimation include sample size, correlation, and inherent differences between groups

BACKGROUND: High-throughtput technologies enable the testing of tens of thousands of measurements simultaneously. Identification of genes that are differentially expressed or associated with clinical outcomes invokes the multiple testing problem. False Discovery Rate (FDR) control is a statistical method used to correct for multiple comparisons for independent or weakly dependent test statistics. Although FDR control is frequently applied to microarray data analysis, gene expression is usually correlated, which might lead to inaccurate estimates. In this paper, we evaluate the accuracy of FDR estimation. METHODS: Using two real data sets, we resampled subgroups of patients and recalculated statistics of interest to illustrate the imprecision of FDR estimation. Next, we generated many simulated data sets with block correlation structures and realistic noise parameters, using the Ultimate Microarray Prediction, Inference, and Reality Engine (UMPIRE) R package. We estimated FDR using a beta-uniform mixture (BUM) model, and examined the variation in FDR estimation. RESULTS: The three major sources of variation in FDR estimation are the sample size, correlations among genes, and the true proportion of differentially expressed genes (DEGs). The sample size and proportion of DEGs affect both magnitude and precision of FDR estimation, while the correlation structure mainly affects the variation of the estimated parameters. CONCLUSIONS: We have decomposed various factors that affect FDR estimation, and illustrated the direction and extent of the impact. We found that the proportion of DEGs has a significant impact on FDR; this factor might have been overlooked in previous studies and deserves more thought when controlling FDR

Formalizing and verifying software architectures

Master'sMASTER OF SCIENC

Optimization of traffic safety facilities in highway tunnels based on driver’s visual perception

This paper delves into the optimization of traffic safety facilities within highway tunnels by leveraging the inherent visual perception characteristics of drivers. Grounded in the context of Zhejiang Province’s highway construction, the study draws from practical insights provided by highway tunnel projects within the region. Through a meticulous blend of on-site investigations and empirical experimentation, the research assesses the effectiveness of existing safety installations in highway tunnels. The analysis extends to the exploration of optimizing the design and placement of traffic safety facilities, informed by the distinct visual perception tendencies exhibited by drivers. By amalgamating the insights derived from driver perception and real-world highway tunnel dynamics, the paper proposes a refined and contextually attuned approach to enhancing traffic safety measures. This study not only contributes to the field of transportation engineering but also holds the potential to significantly enhance the overall safety of highway tunnel environments

Formalizing and verifying stochastic system architectures using Monterey Phoenix

The analysis of software architecture plays an important role in understanding the system structures and facilitate proper implementation of user requirements. Despite its importance in the software engineering practice, the lack of formal description and verification support in this domain hinders the development of quality architectural models. To tackle this problem, in this work, we develop an approach for modeling and verifying software architectures specified using Monterey Phoenix (MP) architecture description language. MP is capable of modeling system and environment behaviors based on event traces, as well as supporting different architecture composition operations and views. First, we formalize the syntax and operational semantics for MP; therefore, formal verification of MP models is feasible. Second, we extend MP to support shared variables and stochastic characteristics, which not only increases the expressiveness of MP, but also widens the properties MP can check, such as quantitative requirements. Third, a dedicated model checker for MP has been implemented, so that automatic verification of MP models is supported. Finally, several experiments are conducted to evaluate the applicability and efficiency of our approachNo Full Tex

Drug development progress in duchenne muscular dystrophy

Duchenne muscular dystrophy (DMD) is a severe, progressive, and incurable X-linked disorder caused by mutations in the dystrophin gene. Patients with DMD have an absence of functional dystrophin protein, which results in chronic damage of muscle fibers during contraction, thus leading to deterioration of muscle quality and loss of muscle mass over time. Although there is currently no cure for DMD, improvements in treatment care and management could delay disease progression and improve quality of life, thereby prolonging life expectancy for these patients. Furthermore, active research efforts are ongoing to develop therapeutic strategies that target dystrophin deficiency, such as gene replacement therapies, exon skipping, and readthrough therapy, as well as strategies that target secondary pathology of DMD, such as novel anti-inflammatory compounds, myostatin inhibitors, and cardioprotective compounds. Furthermore, longitudinal modeling approaches have been used to characterize the progression of MRI and functional endpoints for predictive purposes to inform Go/No Go decisions in drug development. This review showcases approved drugs or drug candidates along their development paths and also provides information on primary endpoints and enrollment size of Ph2/3 and Ph3 trials in the DMD space

Mechanism, prevention and treatment of cognitive impairment caused by high altitude exposure

Hypobaric hypoxia (HH) characteristics induce impaired cognitive function, reduced concentration, and memory. In recent years, an increasing number of people have migrated to high-altitude areas for work and study. Headache, sleep disturbance, and cognitive impairment from HH, severely challenges the physical and mental health and affects their quality of life and work efficiency. This review summarizes the manifestations, mechanisms, and preventive and therapeutic methods of HH environment affecting cognitive function and provides theoretical references for exploring and treating high altitude-induced cognitive impairment