Analysis of malicious and benign Android applications

Since its establishment, the Android applications market has been infected by a proliferation of malicious applications. Recent studies show that rogue developers are injecting malware into legitimate market applications which are then installed on open source sites for consumer uptake. Often, applications are infected several times. In this paper, we investigate the behavior of malicious Android applications, we present a simple and effective way to safely execute and analyze them. As part of this analysis, we use the Android application sandbox Droidbox to generate behavioral graphs for each sample and these provide the basis of the development of patterns to aid in identifying it. As a result, we are able to determine if family names have been correctly assigned by current anti-virus vendors. Our results indicate that the traditional anti-virus mechanisms are not able to correctly identify malicious Android applications.

Organised crime in ports and the isps code: where to now?

In a previous Strategic Insights article [issue no.31, March 2011]  there was a focus on increasing use of maritime shipping containers by drug traffickers pointing to their use as a transport method. This raised the quetion of the extent to which counterterrorism efforts that have raised security levels in ports, as part of a general heightening of security levels. This article questions whether current counterterrorism arrangements on the landside of ports can be effective tools against the presence of organised crime.

Zero permission android applications - attacks and defenses

Google advertises the Android permission framework as one of the core security features present on its innovative and flexible mobile platform. The permissions are a means to control access to restricted AP/s and system resources. However, there are Android applications which do not request permissions at all.In this paper, we analyze the repercussions of installing an Android application that does not include any permission and the types of sensitive information that can be accessed by such an application. We found that even app/icaaons with no permissions are able to access sensitive information (such the device ID) and transmit it to third-parties.

Detecting SMS-based control commands in a Botnet from infected android devices

An increasing number of Android devices are being infected and at risk of becoming part of a botnet. Among all types of botnets, control and cornmand based botnets are very popular. In this paper we introduce an effective and efficient method to ddect SMS-based control commands ftvm infected Android devices. Specifically, we rely on the important radio activities recorded in Android log files. These radio activities are currently overlooked by researchers. We show the effectiveness of our rnethod by using the examples frorn published literature. Our method requires much less user knowledge but is more generic than traditional approaches.

Making decisions about fertility : three facts GPs need to communicate to women

Background Average annual fertility rates in industrialised countries have been below two children per woman for the past 3 decades. The reasons behind women’s childbearing behaviour are complex. However, a lack of awareness regarding the consequences of delayed childbearing and the inability of reproductive technologies to overcome the ‘biological clock’ may be contributory factors.

Objective A narrative review guided by the research question: What do women need to know about the consequences of delayed childbearing in order to make informed decisions about their fertility?

Discussion There are three facts that women need to know in order to make informed decisions around their fertility: Some women want to have more children than they are able to have because they postpone childbearing; there can be medical consequences to delaying childbearing and; some women’s ideas about their fertility don’t match the ‘the scientific facts’. General practitioners are well placed to play a strategic role in the provision of timely, relevant information to help women make informed decisions about their fertility. Further research is needed to identify the most appropriate ways for GPs to communicate this information.

Code-switching and teaching Chinese as a second language

This book aims to explore the nature of code-switching. The purpose is to find out how this works and thereby inform language-teaching strategies. It focuses on Chinese / English bilinguals with special emphasis on younger students living in two linguistic worlds (Chinese and English). The book examines code-switching in relation to several aspects: grammatical structures, tonal facilitation, contextual factors, speakers' social background aspects and their participation in school language programs.

A new urban planning code's impact on walking: The residential environments project

Objectives. We examined whether people moving into a housing development designed according to a state government livable neighborhoods subdivision code engage in more walking than do people who move to other types of developments.

Methods. In a natural experiment of 1813 people building homes in 73 new housing developments in Perth, Western Australia, we surveyed participants before and then 12 and 36 months after moving. We measured self-reported walking using the Neighborhood Physical Activity Questionnaire and collected perceptions of the environment and self-selection factors. We calculated objective measures of the built environment using a Geographic Information System.

Results. After relocation, participants in livable versus conventional developments had greater street connectivity, residential density, land use mix, and access to destinations and more positive perceptions of their neighborhood (all P < .05). However, there were no significant differences in walking over time by type of development (P > .05).

Conclusions. Implementation of the Livable Neighborhoods Guidelines produced more supportive environments; however, the level of intervention was insufficient to encourage more walking. Evaluations of new urban planning policies need to incorporate longer term follow-up to allow time for new neighborhoods to develop.

Contrasting permission patterns between clean and malicious android applications

The Android platform uses a permission system model to allow users and developers to regulate access to private information and system resources required by applications. Permissions have been proved to be useful for inferring behaviors and characteristics of an application. In this paper, a novel method to extract contrasting permission patterns for clean and malicious applications is proposed. Contrary to existing work, both required and used permissions were considered when discovering the patterns. We evaluated our methodology on a clean and a malware dataset, each comprising of 1227 applications. Our empirical results suggest that our permission patterns can capture key differences between clean and malicious applications, which can assist in characterizing these two types of applications.