Android applications : Data leaks via advertising libraries

Recent studies have determined that many Android applications in both official and non-official online markets expose details of the users' smartphones without user consent. In this paper, we explain why such applications leak, how they leak and where the data is leaked to. In order to achieve this, we combine static and dynamic analysis to examine Java classes and application behaviour for a set of popular, clean applications from the Finance and Games categories. We observed that all the applications in our data set which leaked information (10%) had third-party advertising libraries embedded in their respective Java packages.

Fisheries and cage culture of three reservoirs in west Java, Indonesia; a case study of ambitious development and resulting interactions

The interactions between cage culture and wild fishery activities in three Indonesian reservoirs, Saguling, Cirata and Jatiluhur, of the greater Ciratum watershed, West Java, were evaluated using historical data and interviews with cage culture operators. In all three reservoirs, cage culture of common carp, Cyprinus carpio L., and later of common carp and Nile tilapia, Oreochromis niloticus (L.), were encouraged as an alternative livelihood for persons displaced by the impoundment. Currently, a two-net culture system, locally known as 'lapis dua', in which in the inner cage (7 × 7 × 3 m) is used for common carp culture and the outer cage (7 × 7 × 5/7 m) is stocked with Nile tilapia, is practised. On average each cage is stocked with  approximately 100 kg fingerlings each of common carp and Nile tilapia. The numbers of cages and production of cultured fish has increased in the reservoirs, but total and per cage production began to decline from about 1995 in Saguling from 2200 kg cage−1 in 1989 to <500 kg cage−1 in 2002, and in Cirata from a peak of approximately 2300 kg cage−1 in 1995 to approximately 400 kg cage−1 in 2002. In Jatiluhur, which has a considerably lower cage density, total fish production and production per cage has increased since 2000, and currently is approximately 4000 kg cage−1, close to production in the early years of cage culture activities. The cage culture operations also resulted in substantial nutrient loading, estimated at 3.2, 15.2 and 3.1 t of nitrogen and 134, 636 and 128 kg of phosphorous per year in the maximum years of production for Saguling, Cirata and Jatiluhur reservoirs, respectively. In later years, when cage culture production was high, fish kills occurred in the cages, and in Jatiluhur reservoir coincided with a dramatic decline in wild fishery catches. An attempt is made to determine the maximum number of cages for each of the reservoirs that will bring long-term sustainability of cage culture operations and the wild fisheries in the three reservoirs.

Realizing the dream of R.A. Kartini : her sisters' letters from colonial Java

1. List of Illustrations -- 2. Notes on Text -- 3. Introduction -- 4. ONE Letters from Rockmini -- 5. TWO Letters from Kardinah -- 6. THREE Letters from Kardinah --7. FOUR Letters from Soematri -- 8. Appendix Documents Relating to the Establishment of the Wismo Pranowo School

Experiences in porting a virtual reality system to Java

Practical experience in porting a large virtual reality system from C/C++ to Java indicates that porting this type of real-time application is both feasible, and has several merits. The ability to transfer objects in space and time allows useful facilities such as distributed agent support and persistence to be added. Reflection and type comparisons allow flexible manipulations of objects of different types at run-time. Native calls and native code compilation reduce or remove the overhead of interpreting code.Problems encountered include difficulty in achieving cross-platform code portability, limitations of the networking libraries in Java, and clumsy coding practices forced by the language.

Analysis of malicious and benign Android applications

Since its establishment, the Android applications market has been infected by a proliferation of malicious applications. Recent studies show that rogue developers are injecting malware into legitimate market applications which are then installed on open source sites for consumer uptake. Often, applications are infected several times. In this paper, we investigate the behavior of malicious Android applications, we present a simple and effective way to safely execute and analyze them. As part of this analysis, we use the Android application sandbox Droidbox to generate behavioral graphs for each sample and these provide the basis of the development of patterns to aid in identifying it. As a result, we are able to determine if family names have been correctly assigned by current anti-virus vendors. Our results indicate that the traditional anti-virus mechanisms are not able to correctly identify malicious Android applications.

Zero permission android applications - attacks and defenses

Google advertises the Android permission framework as one of the core security features present on its innovative and flexible mobile platform. The permissions are a means to control access to restricted AP/s and system resources. However, there are Android applications which do not request permissions at all.In this paper, we analyze the repercussions of installing an Android application that does not include any permission and the types of sensitive information that can be accessed by such an application. We found that even app/icaaons with no permissions are able to access sensitive information (such the device ID) and transmit it to third-parties.

Detecting SMS-based control commands in a Botnet from infected android devices

An increasing number of Android devices are being infected and at risk of becoming part of a botnet. Among all types of botnets, control and cornmand based botnets are very popular. In this paper we introduce an effective and efficient method to ddect SMS-based control commands ftvm infected Android devices. Specifically, we rely on the important radio activities recorded in Android log files. These radio activities are currently overlooked by researchers. We show the effectiveness of our rnethod by using the examples frorn published literature. Our method requires much less user knowledge but is more generic than traditional approaches.

Towards an understanding of the impact of advertising on data leaks

Recent investigations have determined that many Android applications in both official and non-official online markets expose details of the user's mobile phone without user consent. In this paper, for the first time in the research literature, we provide a full investigation of why such applications leak, how they leak and where the data is leaked to. In order to achieve this, we employ a combination of static and dynamic analysis based on examination of Java classes and application behaviour for a data set of 123 samples, all pre-determined as being free from malicious software. Despite the fact that anti-virus vendor software did not flag any of these samples as malware, approximately 10% of them are shown to leak data about the mobile phone to a third-party; applications from the official market appear to be just as susceptible to such leaks as applications from the non-official markets.