Dynalog: an automated dynamic analysis framework for characterizing android applications

Android is becoming ubiquitous and currently has the largest share of the mobile OS market with billions of application downloads from the official app market. It has also become the platform most targeted by mobile malware that are becoming more sophisticated to evade state-of-the-art detection approaches. Many Android malware families employ obfuscation techniques in order to avoid detection and this may defeat static analysis based approaches. Dynamic analysis on the other hand may be used to overcome this limitation. Hence in this paper we propose DynaLog, a dynamic analysis based framework for characterizing Android applications. The framework provides the capability to analyse the behaviour of applications based on an extensive number of dynamic features. It provides an automated platform for mass analysis and characterization of apps that is useful for quickly identifying and isolating malicious applications. The DynaLog framework leverages existing open source tools to extract and log high level behaviours, API calls, and critical events that can be used to explore the characteristics of an application, thus providing an extensible dynamic analysis platform for detecting Android malware. DynaLog is evaluated using real malware samples and clean applications demonstrating its capabilities for effective analysis and detection of malicious applications.

Evaluation of Machine Learning Classifiers for Mobile Network Intrusion Detection Systems

Mobile malwares are increasing with the growing number of Mobile users. Mobile malwares can perform several operations which lead to cybersecurity threats such as, stealing financial or personal information, installing malicious applications, sending premium SMS, creating backdoors, keylogging and crypto-ransomware attacks. Knowing the fact that there are many illegitimate Applications available on the App stores, most of the mobile users remain careless about the security of their Mobile devices and become the potential victim of these threats. Previous studies have shown that not every antivirus is capable of detecting all the threats; due to the fact that Mobile malwares use advance techniques to avoid detection. A Network-based IDS at the operator side will bring an extra layer of security to the subscribers and can detect many advanced threats by analyzing their traffic patterns. Machine Learning(ML) will provide the ability to these systems to detect unknown threats for which signatures are not yet known. This research is focused on the evaluation of Machine Learning classifiers in Network-based Intrusion detection systems for Mobile Networks. In this study, different techniques of Network-based intrusion detection with their advantages, disadvantages and state of the art in Hybrid solutions are discussed. Finally, a ML based NIDS is proposed which will work as a subsystem, to Network-based IDS deployed by Mobile Operators, that can help in detecting unknown threats and reducing false positives. In this research, several ML classifiers were implemented and evaluated. This study is focused on Android-based malwares, as Android is the most popular OS among users, hence most targeted by cyber criminals. Supervised ML algorithms based classifiers were built using the dataset which contained the labeled instances of relevant features. These features were extracted from the traffic generated by samples of several malware families and benign applications. These classifiers were able to detect malicious traffic patterns with the TPR upto 99.6% during Cross-validation test. Also, several experiments were conducted to detect unknown malware traffic and to detect false positives. These classifiers were able to detect unknown threats with the Accuracy of 97.5%. These classifiers could be integrated with current NIDS', which use signatures, statistical or knowledge-based techniques to detect malicious traffic. Technique to integrate the output from ML classifier with traditional NIDS is discussed and proposed for future work.

N-opcode analysis for android malware classification and categorization

Malware detection is a growing problem particularly on the Android mobile platform due to its increasing popularity and accessibility to numerous third party app markets. This has also been made worse by the increasingly sophisticated detection avoidance techniques employed by emerging malware families. This calls for more effective techniques for detection and classification of Android malware. Hence, in this paper we present an n-opcode analysis based approach that utilizes machine learning to classify and categorize Android malware. This approach enables automated feature discovery that eliminates the need for applying expert or domain knowledge to define the needed features. Our experiments on 2520 samples that were performed using up to 10-gram opcode features showed that an f-measure of 98% is achievable using this approach.

ricerca di vulnerabilità in applicazioni apple su dispositivi mobile

Le app mobile sono sempre più pervasive nella vita quotidiana delle persone: gli smartphone hanno rivoluzionato il modo di interagire degli utenti con le varie organizzazioni. Che sia per l'accesso al proprio conto corrente, per la visualizzazione delle notizie quotidiane o per il semplice svago, gli utenti usano sempre più il mondo mobile come canale privilegiato per la fruizione dei contenuti digitali. Il sempre maggior successo delle applicazioni mobile ha sempre più spostato l'attenzione dei malintenzionati sugli smartphone, che sono diventati così uno degli obiettivi più popolari per i cyberattacchi: ciò comporta nuove sfide per le organizzazioni al fine di garantire la sicurezza di dati e sistemi. Risulta fondamentale per un organizzazione in particolare mantenere un controllo sulle proprie applicazioni mobile: configurazioni errate, errori di programmazione, inclusione di librerie software vulnerabili o malevoli e la presenza di credenziali cablate nel codice o nelle configurazioni rappresentano un notevole rischio per la confidenzialità, l'integrità e disponibilità di dati e sistemi. Se risulta fondamentale nello sviluppo un approccio che utilizzi i principi della Security by Design, risulta ancora più importante un presidio costante sulle applicazioni e la costruzione di un ciclo di vita del software sicuro (SSDLC). A tal fine la proposta del progetto di tesi riguarda l'analisi delle principali minacce e vulnerabilità delle applicazioni mobile e lo sviluppo di uno strumento di analisi dei pacchetti mobile (su piattaforma Android o iOS) al fine di identificare possibili rischi prima della pubblicazione dei pacchetti sugli store ufficiali.

Quantification and source identification of atmospheric particulate polycyclic aromatic hydrocarbons and their dry deposition fluxes at three sites in Salvador Basin, Brazil, impacted by mobile and stationary sources

The present work has aimed to determine the 16 US EPA priority PAH atmospheric particulate matter levels present in three sites around Salvador, Bahia: (i) Lapa bus station, strongly impacted by heavy-duty diesel vehicles; (ii) Aratu harbor, impacted by an intense movement of goods, and (iii) Bananeira village on Maré Island, a non vehicle-influenced site with activities such as handcraft work and fisheries. Results indicated that BbF (0.130-6.85 ng m-3) is the PAH with highest concentration in samples from Aratu harbor and Bananeira and CRY (0.075-6.85 ng m-3) presented higher concentrations at Lapa station. PAH sources from studied sites were mainly of anthropogenic origin such as gasoline-fueled light-duty vehicles and diesel-fueled heavy-duty vehicles, discharges in the port, diesel burning from ships, dust ressuspension, indoor soot from cooking, and coal and wood combustion for energy production.

Experimental results on the nonlinear H(infinity) control via quasi-LPV representation and game theory for wheeled mobile robots

In this paper, nonlinear dynamic equations of a wheeled mobile robot are described in the state-space form where the parameters are part of the state (angular velocities of the wheels). This representation, known as quasi-linear parameter varying, is useful for control designs based on nonlinear H(infinity) approaches. Two nonlinear H(infinity) controllers that guarantee induced L(2)-norm, between input (disturbances) and output signals, bounded by an attenuation level gamma, are used to control a wheeled mobile robot. These controllers are solved via linear matrix inequalities and algebraic Riccati equation. Experimental results are presented, with a comparative study among these robust control strategies and the standard computed torque, plus proportional-derivative, controller.

The role of mobile belts for the longevity of deep cratonic lithosphere: The crumple zone model

Many Archean cratons are surrounded by Proterozoic mobile belts that have experienced episodes of tectonic re-activation over their lifetimes. This suggests that mobile belt lithosphere may be associated with long lived, inherited weakness. It is proposed that the proximity of this weakness can increase the longevity of deep Archean lithosphere by buffering Archean cratons from mantle derived stresses. The physical plausibility of this idea is explored through numerical simulations of mantle convection that include continents and allow for material rheologies that model the combined brittle and ductile behavior of the lithosphere. Within the simulations, the longevity of deep cratonic lithosphere does increase if it is buffered by mobile belts that can fail at relatively low stress levels.

The generation of H-1-NMR-detectable mobile lipid in stimulated lymphocytes: Relationship ts cellular activation, the cell cycle, and phosphatidylcholine-specific phospholipase C

Mobile Lipids detected using H-1-NMR in stimulated lymphocytes were correlated with cell cycle phase, expression of the interleukin-2 receptor alpha and proliferation to assess the activation status of the lymphocytes. Mobile lipid levels, IL-2R alpha expression and proliferation increased after treatment with PMA and ionomycin. PMA or ionomycin stimulation alone induced increased IL-2R alpha expressiom but not proliferation, PMA- but not ionomycin-stimulation generated mobile lipid, Treatment with anti-CD3 antibody did not increase IL-2R alpha expression or proliferation but did generate increased amounts of mobile lipid, The cell cycle status of thymocytes treated with anti-CD3, PMA or ionomycin alone indicated an. accumulation of the cells in the G(1) phase of the cell cycle, The generation of mobile lipid was abrogated in anti-CD3 antibody-stimulated thymic lymphocytes but not in splenic lymphocytes, using a phosphatidylcholine-specific phospholipase C (PC-PLC) inhibitor which blocked cells in the G(1)/S phase of the cell cycle, This suggests that the H-1-NMR-detectable mobile Lipid may be generated in anti-CD3 antibody-stimulated thymic lymphocytes by the action of PC-PLC activity via the catabolism of PC, in the absence of classical signs of activation. (C) 1997 Academic Press.

Can Mobile Units Improve the Strategies for Cervical Cancer Prevention?

Cervical cancer is a serious public health problem in women in developing countries because of absence or ineffectiveness of screening programs. Several biases to access medical care and inequity of public health system in a continental country like Brazil limit the implementation of adequate programs to appropriately prevent the cervical cancer. Therefore, the aim of this study was to evaluate the results of applying the mobile unit (MU) for cervical cancer screening. From May 2003 to May 2004, a cervical cancer screening was offered to women aged 20-69 years, residing in 19 municipal districts of the Barretos county region, in Sao Paulo. Out of the 9,560 examination available, 2,964 (31%) women underwent screening. The medium distance traveled by the MU was 45 km. The medium time spent by women in the MU for completion of the questionnaire and doing the exam was 20 minutes. It was observed that 17.0% of women screened had never had the test or had not had it repeated within the last 3 years. The negative response was more common among women aged 20 to 29 years and 60 to 69 years and among women with less schooling and lower socio-economic income (P < 0.05). MU can significantly overcome the chronic deficiency of public health system accessibility offering opportunity to these women to participate in screening programs. Diagn. Cytopathol. 2010;38:727-730. (C) 2009 Wiley-Liss, Inc.

Program for Prostate Cancer Screening Using a Mobile Unit: Results From Brazil

OBJECTIVES To evaluate the initial results of a prostate cancer screening program using mobile units in Brazil. METHODS Since 2004, we have conducted a program of prostate cancer screening using mobile units across 231 municipalities from 6 Brazilian states. RESULTS A total of 17 571 men were evaluated by clinical history, digital rectal examination (DRE), and serum free and total prostate-specific antigen (PSA) levels. The recommendations for biopsy were a PSA level of >= 4.0 ng/mL, DRE findings suspicious for cancer, or a PSA level of 2.5-4.0 ng/mL with a percent-free PSA level <15%. The biopsy protocol included 12 biopsy cores from the peripheral zone, 2 from the transition zone, and additional sampling of suspicious areas. The cumulative cancer detection rate was 3.7%. The main indication for biopsy was a PSA level of >= 4.0 ng/mL (51.2%), with a positive predictive value (PPV) of 44.1%. Another 19.7% of biopsied men had suspicious DRE findings with a normal PSA level (PPV 23.5%). A percent-free PSA level of <15% in men with a PSA level of 2.5-4.0 ng/mL and normal DRE findings yielded a PPV of 31.1%. The PPV was greater (70.9%) for the 7.1% of men with both suspicious DRE findings and a PSA level of >4.0 ng/mL. Most cancers were Stage T1-T2 (93.4%), and the percentage of Gleason score of >= 7 was 32.5%. The proportion of insignificant cancers according to Epstein`s criteria was 13.5%. CONCLUSIONS A mobile prostate cancer screening unit enabled an underserved population to gain access to specialized care through the public healthcare system. The cancer detection rate in this population was similar to those from international studies. UROLOGY 76: 1052-1057, 2010. (C) 2010 Published by Elsevier Inc.