Download Free Automated Testing To Detect Status Data Loss In Android Applications Book in PDF and EPUB Free Download. You can read online Automated Testing To Detect Status Data Loss In Android Applications and write the review.

Mobile applications are increasing in a significant amount, each to address the requirements of many users. However, the quick developments and enhancements are resulting in many underlying defects. When user installs an app, it is expected that the data should be persistent at all states, which requires saving the instance data for all the activities. An app can be paused or sent to the background due to other interruptions or user intervention. It is difficult for the programmer to test this issue for all the activities. This results the issue of data loss, the information/details entered by user in the app are not saved when there is any interruption. This results in degrading the user experience because user should enter the information each time there is an interruption. There are several static analysis tools to test this issue. Thus, the automated testing to detect such data loss is important to improve the user experience. This research proposes a tool, DroidDLP, a Data Loss Preventor in Android, which will detect the information loss from a given android application. We have tested 395 applications and found 12 applications with the issue of data loss. This approach is proved highly accurate and reliable to find the apps with this defect, which can be used by android developers to avoid such errors.
Smart phones have become an important daily companion and often used by users to store various private data such as contacts, photos, messages, various social network accounts etc. Users can furthermore extend the functionality of their phone by downloading applications (or apps) from various developers and online application stores. However, apps may misuse the data stored on the phone or obtained from the sensors and users do not have any direct means to track that. Hence, the need for improved mechanisms to better manage the privacy of user data is very important. There has been a lot of effort to detect and thwart unauthorized access to these private data. However, there is no consensus method which can ensure protection of user sensitive information from mobile devices and at the same time easily deployable at user side. This dissertation aims at developing methods to test Android applications for privacy leakage detection. For this, it presents a new technique: if an application is run twice and all program inputs and environment conditions are kept equal, then it should produce identical outputs. So, if a sensitive input is changed in two separate executions of the target application, and a variance is observed at output, then the output contains information from that sensitive input. Based on this idea we developed two systems namely DroidTest and MirrorDroid to detect leakage of privacy sensitive data. DroidTest instruments the Android framework APIs to insert security monitoring code. The instrumented APIs help to record user interactions and sensitive API values in record phase (first run of application) and restore the recorded information during replay execution (second run of the target application). Program inputs (except sensitive data) and environment conditions are kept equal in both runs and change in corresponding outputs corresponds to leakage of sensitive data. DroidTest does not require costly platform update and can be easily distributed as a modified Android SDK. On the other hand, MirrorDroid places the monitoring code within the Android Runtime (Dalvik Virtual Machine). It does not explicitly run an application twice like DroidTest. Rather, the instrumented Dalvik VM intercepts execution of each instruction and duplicates it before fetching next instructions, essentially running a separate execution (mirror execution) of the target program in parallel. Then the outgoing data in original and mirror execution is compared to find evidences of information leakage. We have evaluated the proposed systems on two data sets. The first data set is taken from the Android Malware Genome Project containing 225 samples from 20 malware families. Using DroidTest and MirrorDroid to monitor information leakage, we could successfully detect leakage already reported in literature. The second data set consists of 50 top free applications from the official Android Market Place (Google Play Store). We found 36 out of this 50 applications leak some kind of information, which is very alarming considering these are very popular and highly downloaded applications. Although, the proposed systems either instruments the application framework APIs or the Dalvik Virtual Machine, they produce low runtime overhead (DroidTest 22% and MirrorDroid 8.2%). The accuracy of the proposed detection mechanisms also proves the effectiveness of our methods. DroidTest produces 22% false positives. If we ignore false warnings generated by different ordering of thread executions in record and replay phase, the false positives rate stands at 10%. MirrorDroid does better than DroidTest and generates only 6% false positives for the applications in test data sets.
This book constitutes the proceedings of the 17th International Conference on Theoretical Aspects of Software Engineering, TASE 2023, held in Bristol, UK, July 4–6, 2023. The 19 full papers and 2 short papers included in this book were carefully reviewed and selected from 49 submissions. They cover the following areas: distributed and concurrent systems; cyber-physical systems; embedded and real-time systems; object-oriented systems; quantum computing; formal verification and program semantics; static analysis; formal methods; verification and testing for AI systems; and AI for formal methods.
"Android Forensics" covers an open source mobile device platform based on the Linux 2.6 kernel and managed by the Open Handset Alliance. This book provides a thorough review of the Android platform including supported hardware devices, the structure of the Android development project, and implementation of core services (wireless communication, data storage, and other low-level functions).
This is book offers in-depth analysis of security vulnerabilities in different mobile operating systems. It provides methodology and solutions for handling Android malware and vulnerabilities and transfers the latest knowledge in machine learning and deep learning models towards this end. Further, it presents a comprehensive analysis of software vulnerabilities based on different technical parameters such as causes, severity, techniques, and software systems’ type. Moreover, the book also presents the current state of the art in the domain of software threats and vulnerabilities. This would help analyze various threats that a system could face, and subsequently, it could guide the securityengineer to take proactive and cost-effective countermeasures. Security threats are escalating exponentially, thus posing a serious challenge to mobile platforms. Android and iOS are prominent due to their enhanced capabilities and popularity among users. Therefore, it is important to compare these two mobile platforms based on security aspects. Android proved to be more vulnerable compared to iOS. The malicious apps can cause severe repercussions such as privacy leaks, app crashes, financial losses (caused by malware triggered premium rate SMSs), arbitrary code installation, etc. Hence, Android security is a major concern amongst researchers as seen in the last few years. This book provides an exhaustive review of all the existing approaches in a structured format. The book also focuses on the detection of malicious applications that compromise users' security and privacy, the detection performance of the different program analysis approach, and the influence of different input generators during static and dynamic analysis on detection performance. This book presents a novel method using an ensemble classifier scheme for detecting malicious applications, which is less susceptible to the evolution of the Android ecosystem and malware compared to previous methods. The book also introduces an ensemble multi-class classifier scheme to classify malware into known families. Furthermore, we propose a novel framework of mapping malware to vulnerabilities exploited using Android malware’s behavior reports leveraging pre-trained language models and deep learning techniques. The mapped vulnerabilities can then be assessed on confidentiality, integrity, and availability on different Android components and sub-systems, and different layers.
This four-volume set LNCS 13701-13704 constitutes contributions of the associated events held at the 11th International Symposium on Leveraging Applications of Formal Methods, ISoLA 2022, which took place in Rhodes, Greece, in October/November 2022. The contributions in the four-volume set are organized according to the following topical sections: specify this - bridging gaps between program specification paradigms; x-by-construction meets runtime verification; verification and validation of concurrent and distributed heterogeneous systems; programming - what is next: the role of documentation; automated software re-engineering; DIME day; rigorous engineering of collective adaptive systems; formal methods meet machine learning; digital twin engineering; digital thread in smart manufacturing; formal methods for distributed computing in future railway systems; industrial day.
Android is an open-source operating system that has been developed by Google. It is the most popular platform for smartphones and tablets, accounting for almost 85% of the market share. The operating system is based on Linux and includes a user-friendly interface that can be customized according to the user's preference. Android has become popular because of its accessibility, customizability, and flexibility. It comes equipped with a range of features, including Google Assistant, Google Play Store, Google Maps, and more. The Android operating system is designed to run on a variety of devices, including smartphones, tablets, and even smart TVs. It allows users to download and install thousands of applications from the Google Play Store. Google also provides regular updates to ensure the operating system is secure and includes new features. Android's key features include multi-tasking, notifications, widgets, and an AI-powered personal assistant in Google Assistant. With Android being an open-source platform, developers can build customized versions for different types of devices and create applications that work seamlessly with the operating system.
Android apps are one of the widespread applications in smart phones. Android apps provide privacy policies to illuminate users about the information processing during application usage. Android apps claim to collect both personal data such as name, email, credit card number etc. and non personal or device related data such as IP address, operating system, MAC address etc. in their privacy policies. Non personal or device related data provide sensitive user information about user’s location, operating system configuration, device identifiers like MAC or IP address and poses a greater threat of privacy violations to users. However, the lack of mechanisms to detect consistencies of app’s device related data collection with respect to the privacy policies makes difficult for app developers to ensure implementation without violation. In this research, a frame work has been developed to aid the developers to detect violations of privacy policies in app’s implementation. The framework is designed as a plugin tool for Intellij IDEA which is the official Integrated Development Environment (IDE) for professional android app development. The plugin is named as “PrivacyPlugin” which bridges the gap between privacy policy and source code implementation from developers perspective. The plugin takes “device related” data collection of a privacy policy as an input and analyzes the data to generate a list of related apis. The plugin also examines source code of an app to generate the list of apis used for static method calls and compares two generated lists to detect unauthorized apis in violations. The plugin also suggests device related phrases or keywords to be included in the privacy policy based on violation results. The developed plugin’s performance is evaluated through unit and function testing with proper test plans and test cases. To summarize, the “PrivacyPlugin” provides an analysis of “device related” data collection violations of android apps to the developers and suggestions to include required “device related” phrases or keywords in privacy policies to avoid violations.
Focusing on the challenges, directions, and future predictions with the role of 5G in smart healthcare monitoring, this book offers the fundamental concepts and analyses on the methods to apply Internet of Things (IoT) in monitoring devices for diagnosing and transferring data. It also discusses self-managing to help providers improve their patients' healthcare experience. Smart Healthcare Monitoring Using IoT with 5G: Challenges, Directions, and Future Predictions illustrates user-focused wearable devices such as Fitbit health monitors and smartwatches by which consumers can self-manage and self-monitor their own health. The book covers new points of security and privacy concerns, with the expectation of IoT devices gaining more popularity within the next ten years. Case studies depicting applications and best practices as well as future predictions of smart healthcare monitoring by way of a 5G network are also included. Interested readers of this book include anyone working or involved in research in the field of smart healthcare, such as healthcare specialists, computer science engineers, electronics engineers, and pharmaceutical practitioners.