CHEX Lu, Long; Li, Zhichun; Wu, Zhenyu ...
Proceedings of the 2012 ACM conference on Computer and communications security,
10/2012
Conference Proceeding
An enormous number of apps have been developed for Android in recent years, making it one of the most popular mobile operating systems. However, the quality of the booming apps can be a concern [4]. Poorly engineered apps may contain security vulnerabilities that can severely undermine users' security and privacy. In this paper, we study a general category of vulnerabilities found in Android apps, namely the component hijacking vulnerabilities. Several types of previously reported app vulnerabilities, such as permission leakage, unauthorized data access, intent spoofing, etc., belong to this category.
We propose CHEX, a static analysis method to automatically vet Android apps for component hijacking vulnerabilities. Modeling these vulnerabilities from a data-flow analysis perspective, CHEX analyzes Android apps and detects possible hijack-enabling flows by conducting low-overhead reachability tests on customized system dependence graphs. To tackle analysis challenges imposed by Android's special programming paradigm, we employ a novel technique to discover component entry points in their completeness and introduce app splitting to model the asynchronous executions of multiple entry points in an app.
We prototyped CHEX based on Dalysis, a generic static analysis framework that we built to support many types of analysis on Android app bytecode. We evaluated CHEX with 5,486 real Android apps and found 254 potential component hijacking vulnerabilities. The median execution time of CHEX on an app is 37.02 seconds, which is fast enough to be used in very high volume app vetting and testing scenarios.
Defect prediction models help software quality assurance teams to allocate their limited resources to the most defect-prone modules. Model validation techniques, such as k-fold cross-validation, use historical data to estimate how well a model will perform in the future. However, little is known about how accurate the estimates of model validation techniques tend to be. In this paper, we investigate the bias and variance of model validation techniques in the domain of defect prediction. Analysis of 101 public defect datasets suggests that 77 percent of them are highly susceptible to producing unstable results; selecting an appropriate model validation technique is a critical experimental design choice. Based on an analysis of 256 studies in the defect prediction literature, we select the 12 most commonly adopted model validation techniques for evaluation. Through a case study of 18 systems, we find that single-repetition holdout validation tends to produce estimates with 46-229 percent more bias and 53-863 percent more variance than the top-ranked model validation techniques. On the other hand, out-of-sample bootstrap validation yields the best balance between the bias and variance of estimates in the context of our study. Therefore, we recommend that future defect prediction studies avoid single-repetition holdout validation, and instead, use out-of-sample bootstrap validation.
Amandroid Wei, Fengguo; Roy, Sankardas; Ou, Xinming ...
Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security,
11/2014
Conference Proceeding
We propose a new approach to conduct static analysis for security vetting of Android apps, and build a general framework, called Amandroid, for determining points-to information for all objects in an Android app in a flow- and context-sensitive way across Android app components. We show that: (a) this type of comprehensive analysis is completely feasible in terms of computing resources needed with modern hardware, (b) one can easily leverage the results from this general analysis to build various types of specialized security analyses; in many cases the amount of additional coding needed is around 100 lines of code, and (c) the result of those specialized analyses leveraging Amandroid is at least on par with and often exceeds prior works designed for the specific problems, which we demonstrate by comparing Amandroid's results with those of prior works whenever we can obtain the executable of those tools. Since Amandroid's analysis directly handles inter-component control and data flows, it can be used to address security problems that result from interactions among multiple components from either the same or different apps. Amandroid's analysis is sound in that it can provide assurance of the absence of the specified security problems in an app with well-specified and reasonable assumptions on the Android runtime system and its library.
The drastic increase of Android malware has led to a strong interest in developing methods to automate the malware analysis process. Existing automated Android malware detection and classification methods fall into two general categories: 1) signature-based and 2) machine learning-based. Signature-based approaches can be easily evaded by bytecode-level transformation attacks. Prior learning-based works extract features from application syntax, rather than program semantics, and are also subject to evasion. In this paper, we propose a novel semantic-based approach that classifies Android malware via dependency graphs. To battle transformation attacks, we extract a weighted contextual API dependency graph as program semantics to construct feature sets. To fight against malware variants and zero-day malware, we introduce graph similarity metrics to uncover homogeneous application behaviors while tolerating minor implementation differences. We implement a prototype system, DroidSIFT, in 23 thousand lines of Java code. We evaluate our system using 2200 malware samples and 13500 benign samples. Experiments show that our signature detection can correctly label 93% of malware instances; our anomaly detector is capable of detecting zero-day malware with a low false negative rate (2%) and an acceptable false positive rate (5.15%) for a vetting purpose.
Static detection of cross-site scripting vulnerabilities Wassermann, Gary; Su, Zhendong
2008 ACM/IEEE 30th International Conference on Software Engineering,
01/2008, Volume: 2008, Issue: 24
Conference Proceeding, Journal Article
Web applications support many of our daily activities, but they often have security problems, and their accessibility makes them easy to exploit. In cross-site scripting (XSS), an attacker exploits the trust a web client (browser) has for a trusted server and executes injected script on the browser with the server's privileges. In 2006, XSS constituted the largest class of newly reported vulnerabilities, making it the most prevalent class of attacks today. Web applications have XSS vulnerabilities because the validation they perform on untrusted input does not suffice to prevent that input from invoking a browser's JavaScript interpreter, and this validation is particularly difficult to get right if it must admit some HTML mark-up. Most existing approaches to finding XSS vulnerabilities are taint-based and assume input validation functions to be adequate, so they either miss real vulnerabilities or report many false positives.
This paper presents a static analysis for finding XSS vulnerabilities that directly addresses weak or absent input validation. Our approach combines work on tainted information flow with string analysis. Proper input validation is difficult largely because of the many ways to invoke the JavaScript interpreter; we face the same obstacle checking for vulnerabilities statically, and we address it by formalizing a policy based on the W3C recommendation, the Firefox source code, and online tutorials about closed-source browsers. We provide effective checking algorithms based on our policy. We implement our approach and provide an extensive evaluation that finds both known and unknown vulnerabilities in real-world web applications.
1. Information criteria (ICs) are used widely for data summary and model building in ecology, especially in applied ecology and wildlife management. Although ICs are useful for distinguishing among rival candidate models, ICs do not necessarily indicate whether the "best" model (or a model-averaged version) is a good representation of the data or whether the model has useful "explanatory" or "predictive" ability. 2. As editors and reviewers, we have seen many submissions that did not evaluate whether the nominal "best" model(s) found using IC is a useful model in the above sense. 3. We scrutinized six leading ecological journals for papers that used IC to compare models. More than half of papers using IC for model comparison did not evaluate the adequacy of the best model(s) in either "explaining" or "predicting" the data. 4. Synthesis and applications. Authors need to evaluate the adequacy of the model identified as the "best" model by using information criteria methods to provide convincing evidence to readers and users that inferences from the best models are useful and reliable.
The validation of the manufacturing process to produce ceftriaxone/sulbactam with EDTA 1.5 g/vial powder for solution for injection/infusion. Ceftriaxone works by inhibiting the mucopeptide synthesis in the bacterial cell wall. The beta-lactam moiety of Ceftriaxone binds to carboxypeptidases, endopeptidases, and transpeptidases in the bacterial cytoplasmic membrane. These enzymes are involved in cell-wall synthesis and cell division. By binding to these enzymes, Ceftriaxone results in the formation of defective cell walls and cell death. Sulbactam is an irreversible inhibitor of beta-lactamase; it binds the enzyme and does not allow it to interact with the antibiotic. The validation confirms that each stage of the manufacturing process is in control and will consistently produce a product of acceptable quality, as defined by the product specifications. It is planned that operating variables and control parameters of processes shall be studied and documented. The associated critical product attributes and characteristics shall also be studied. Process validation of ceftriaxone/sulbactam 1.5 g/vial powder for solution for injection. The process for manufacture of ceftriaxone/sulbactam 1.5 g/vial powder for solution for injection/infusion is said to be in a state of control. Hence this product can be manufactured by using this process without modifying any parameters.