970 resultados para android apps
Resumo:
The present work aims to allow developers to implement small features on a certain Android application in a fast and easy manner, as well as provide their users to install them ondemand, i.e., they can install the ones they are interested in. These small packages of features are called plugins, and the chosen development language to develop these in was JavaScript. In order to achieve that, an Android framework was developed that enables the host application to install, manage and run these plugins at runtime. This framework was designed to have a very clean and almost readable API, which allowed for better code organization and maintainability. The implementation used the Google’s engine “V8” to interpret the JavaScript code and through a set of JNI calls made that code call certain Android methods previously registered in the runtime. In order to test the framework, it was integrated with the client’s communication application RCS+ using two plugins developed alongside the framework. Although these plugins had only the more common requirements, they were proven to work successfully as intended. Concluding, the framework although successful made it clear that this kind of development through a non-native API has its set of difficulties especially regarding the implementation of complex features.
Resumo:
És objectiu d'aquest projecte dotar la comunitat UOC d'una aplicació per a dispositius Android que proporcioni als usuaris de la comunitat UOC un eina, àgil, còmode i intuïtiva d'accés al Campus Virtual i als recursos formatius que conté.
Resumo:
App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model (PBSM) for Android does not address this threat, as it is rather limited to mitigating risks due to individual apps. This paper presents a technique for assessing the threat of collusion for apps, which is a first step towards quantifying collusion risk, and allows us to narrow down to candidate apps for collusion, which is critical given the high volume of Android apps available. We present our empirical analysis using a classified corpus of over 29000 Android apps provided by Intel Security.
Resumo:
Reverse engineering is usually the stepping stone of a variety of at-tacks aiming at identifying sensitive information (keys, credentials, data, algo-rithms) or vulnerabilities and flaws for broader exploitation. Software applica-tions are usually deployed as identical binary code installed on millions of com-puters, enabling an adversary to develop a generic reverse-engineering strategy that, if working on one code instance, could be applied to crack all the other in-stances. A solution to mitigate this problem is represented by Software Diversity, which aims at creating several structurally different (but functionally equivalent) binary code versions out of the same source code, so that even if a successful attack can be elaborated for one version, it should not work on a diversified ver-sion. In this paper, we address the problem of maximizing software diversity from a search-based optimization point of view. The program to protect is subject to a catalogue of transformations to generate many candidate versions. The problem of selecting the subset of most diversified versions to be deployed is formulated as an optimisation problem, that we tackle with different search heuristics. We show the applicability of this approach on some popular Android apps.
Resumo:
Symbolic execution is a powerful program analysis technique, but it is very challenging to apply to programs built using event-driven frameworks, such as Android. The main reason is that the framework code itself is too complex to symbolically execute. The standard solution is to manually create a framework model that is simpler and more amenable to symbolic execution. However, developing and maintaining such a model by hand is difficult and error-prone. We claim that we can leverage program synthesis to introduce a high-degree of automation to the process of framework modeling. To support this thesis, we present three pieces of work. First, we introduced SymDroid, a symbolic executor for Android. While Android apps are written in Java, they are compiled to Dalvik bytecode format. Instead of analyzing an app’s Java source, which may not be available, or decompiling from Dalvik back to Java, which requires significant engineering effort and introduces yet another source of potential bugs in an analysis, SymDroid works directly on Dalvik bytecode. Second, we introduced Pasket, a new system that takes a first step toward automatically generating Java framework models to support symbolic execution. Pasket takes as input the framework API and tutorial programs that exercise the framework. From these artifacts and Pasket's internal knowledge of design patterns, Pasket synthesizes an executable framework model by instantiating design patterns, such that the behavior of a synthesized model on the tutorial programs matches that of the original framework. Lastly, in order to scale program synthesis to framework models, we devised adaptive concretization, a novel program synthesis algorithm that combines the best of the two major synthesis strategies: symbolic search, i.e., using SAT or SMT solvers, and explicit search, e.g., stochastic enumeration of possible solutions. Adaptive concretization parallelizes multiple sub-synthesis problems by partially concretizing highly influential unknowns in the original synthesis problem. Thanks to adaptive concretization, Pasket can generate a large-scale model, e.g., thousands lines of code. In addition, we have used an Android model synthesized by Pasket and found that the model is sufficient to allow SymDroid to execute a range of apps.
Resumo:
Nos últimos anos, a nossa sociedade sofreu alterações significativas ao nível tecnológico que têm vindo a modificar o quotidiano do cidadão e transportaram para a palma da mão um conjunto significativo de tarefas até há poucos anos impensáveis. Atualmente, torna-se possível realizar as mais simples tarefas como, a título de exemplo, efetuar um cálculo matemático, tirar fotografias ou registar numa agenda um compromisso, ou tarefas mais complexas, como por exemplo, escrever ou editar um documento, trabalhar numa folha de cálculo ou enviar um e-mail com um anexo, isto tudo com o recurso a um simples dispositivo móvel, conhecido como smartphone ou tablet. Apesar de existirem diversos tipos de apps que seriam um bom auxílio para o aumento da produtividade dos utilizadores de dispositivos móveis Android, nem todos têm conhecimento das mesmas, pelo que é importante que os utilizadores tenham conhecimentos das vantagens da utilização destes recursos e de tudo o que podem realizar com os seus dispositivos com o objetivo de aumentar a sua produtividade profissional ou pessoal. O presente estudo pretende contribuir para uma análise sobre a potencial utilização das novas tecnologias, mais propriamente estudando e recomendando apps de produtividade. Com este intuito foi criada uma app de recomendação de aplicações de produtividade com recurso a um método de sistemas de recomendação. São apresentados os resultados e as conclusões, com recurso a opiniões de potenciais utilizadores.
Resumo:
Nos últimos anos tem-se verificado um acentuado aumento na utilização de dispositivos moveis a nível internacional, pelo que as aplicações desenvolvidas para este tipo específico de dispositivos, conhecidas por apps, tem vindo a ganhar uma enorme popularidade. São cada vez mais as empresas que procuram estar presentes nos mais diversos sistemas operativos móveis, com o objectivo de suportar e desenvolver o seu negócio, alargando o seu leque de possíveis consumidores. Neste sentido surgiram diversas ferramentas com a função de facilitar o desenvolvimento de aplicações móveis, denominadas frameworks multi-plataforma. Estas frameworks conduziram ao aparecimento de plataformas web, que permitem criar aplicações multi-plataforma sem ser obrigatório ter conhecimentos em programação. Assim, e a partir da análise de vários criadores online de aplicações móveis identificados e das diferentes estratégias de desenvolvimento de aplicações móveis existentes, foi proposta a implementação de uma plataforma web capaz de criar aplicações nativas Android e iOS, dois dos sistemas operativos mais utilizados na actualidade. Apos desenvolvida a plataforma web, designada MobileAppBuilder, foi avaliada a sua Qualidade e as aplicações criadas pela mesma, através do preenchimento de um questionário por parte de 10 indivíduos com formação em Engenharia Informática, resultando numa classificação geral de ”excelente”. De modo a analisar o desempenho das aplicações produzidas pela plataforma desenvolvida, foram realizados testes comparativos entre uma aplicação da MobileAppBuilder e duas homologas de dois dos criadores online estudados, nomeadamente Andromo e Como. Os resultados destes testes revelaram que a MobileAppBuilder gera aplicações menos pesadas, mais rápidas e mais eficientes em alguns aspetos, nomeadamente no arranque.
Resumo:
Application development for mobile devices has evolved substantially in recent years. Creating apps for mobile systems is becoming a standard in order to create better solutions to meet the market demand. Currently, half of the US population own Smartphones. This market comprises 150 million people, and 28% of these people consider mobiles their primary way of accessing the Web (Hales, 2013). A common feature of most websites tailored for mobile devices is that they are reduced versions of the desktop site. Several factors that must be considered when making this transition from desktop sites to mobile devices are: identifying elements from the desktop website that should be displayed on the mobile device screen; the amount of information the institution (BSU in this case) wishes to provide and designing an interface that will please the users;
Resumo:
The Web of Data currently comprises ? 62 billion triples from more than 2,000 different datasets covering many fields of knowledge3. This volume of structured Linked Data can be seen as a particular case of Big Data, referred to as Big Semantic Data [4]. Obviously, powerful computational configurations are tradi- tionally required to deal with the scalability problems arising to Big Semantic Data. It is not surprising that this ?data revolution? has competed in parallel with the growth of mobile computing. Smartphones and tablets are massively used at the expense of traditional computers but, to date, mobile devices have more limited computation resources. Therefore, one question that we may ask ourselves would be: can (potentially large) semantic datasets be consumed natively on mobile devices? Currently, only a few mobile apps (e.g., [1, 9, 2, 8]) make use of semantic data that they store in the mobile devices, while many others access existing SPARQL endpoints or Linked Data directly. Two main reasons can be considered for this fact. On the one hand, in spite of some initial approaches [6, 3], there are no well-established triplestores for mobile devices. This is an important limitation because any po- tential app must assume both RDF storage and SPARQL resolution. On the other hand, the particular features of these devices (little storage space, less computational power or more limited bandwidths) limit the adoption of seman- tic data for different uses and purposes. This paper introduces our HDTourist mobile application prototype. It con- sumes urban data from DBpedia4 to help tourists visiting a foreign city. Although it is a simple app, its functionality allows illustrating how semantic data can be stored and queried with limited resources. Our prototype is implemented for An- droid, but its foundations, explained in Section 2, can be deployed in any other platform. The app is described in Section 3, and Section 4 concludes about our current achievements and devises the future work.
Resumo:
Android OS supports multiple communication methods between apps. This opens the possibility to carry out threats in a collaborative fashion, c.f. the Soundcomber example from 2011. In this paper we provide a concise definition of collusion and report on a number of automated detection approaches, developed in co-operation with Intel Security.
Resumo:
Android is becoming ubiquitous and currently has the largest share of the mobile OS market with billions of application downloads from the official app market. It has also become the platform most targeted by mobile malware that are becoming more sophisticated to evade state-of-the-art detection approaches. Many Android malware families employ obfuscation techniques in order to avoid detection and this may defeat static analysis based approaches. Dynamic analysis on the other hand may be used to overcome this limitation. Hence in this paper we propose DynaLog, a dynamic analysis based framework for characterizing Android applications. The framework provides the capability to analyse the behaviour of applications based on an extensive number of dynamic features. It provides an automated platform for mass analysis and characterization of apps that is useful for quickly identifying and isolating malicious applications. The DynaLog framework leverages existing open source tools to extract and log high level behaviours, API calls, and critical events that can be used to explore the characteristics of an application, thus providing an extensible dynamic analysis platform for detecting Android malware. DynaLog is evaluated using real malware samples and clean applications demonstrating its capabilities for effective analysis and detection of malicious applications.
Resumo:
Nowadays, a lot of interesting and useful and imaginative applications are springing to Android software market. And for guitar fans, some related apps bring great connivence to them, like a guitar tuner can save people from carrying a entity tuner all the time, some apps can simulate a real guitar, and some apps provide some simple lessons allowing people to learn some basic things. But these apps which can teach people, they can't really “monitor ” people, that is, they just give some instructions and hope people would follow them. So my project is to design an app which can detect if users are playing wrong and right real-timely. Guitar chords are always the first for new guitar beginners to learn, and a chord is a set of notes combined together in a regulated way ( get from the music theory having millions of developing ), and 'pitch' is the term for determining if the note different from other notes or noise, so the problem here is to manage the multi-pitch analysis in real time. And it's necessary to know some basics of digital signal processing ( DSP ) because digital signals are always more convenient for computers to analyze compared to analog signals. Then I found an audio processing Java library – TarsosDSP, and try to apply it to my Android project.
Resumo:
Nowadays there is almost no crime committed without a trace of digital evidence, and since the advanced functionality of mobile devices today can be exploited to assist in crime, the need for mobile forensics is imperative. Many of the mobile applications available today, including internet browsers, will request the user’s permission to access their current location when in use. This geolocation data is subsequently stored and managed by that application's underlying database files. If recovered from a device during a forensic investigation, such GPS evidence and track points could hold major evidentiary value for a case. The aim of this paper is to examine and compare to what extent geolocation data is available from the iOS and Android operating systems. We focus particularly on geolocation data recovered from internet browsing applications, comparing the native Safari and Browser apps with Google Chrome, downloaded on to both platforms. All browsers were used over a period of several days at various locations to generate comparable test data for analysis. Results show considerable differences not only in the storage locations and formats, but also in the amount of geolocation data stored by different browsers and on different operating systems.
Resumo:
Trabalho Final de Mestrado para a obtenção do grau de Mestre em Engenharia Informática e de Computadores
Resumo:
Projeto para obtenção do grau de Mestre em Engenharia Informática e de Computadores
