Android applications have pervaded the digital landscape, making static analysis an indispensable tool for vetting app security. While existing static models offer valuable insights, they are fraught with a high degree of unsoundness. This keynote discusses our recent work aimed at enhancing the soundness of static analysis in the Android ecosystem. We not only explore innovative solutions to current limitations but also propose future research directions to address open challenges in this domain.
Android Malware Detection Literature ReviewAhmed Sabbah
This document provides an overview of Android malware detection approaches based on a literature review. It discusses static, dynamic, and hybrid analysis methods. Static methods examine app components and code without execution. Dynamic methods monitor running apps to log behaviors like API calls and network traffic. Hybrid approaches combine static and dynamic analysis. The document also outlines limitations like evasion techniques, lack of real device testing, and privacy concerns. It recommends future work in areas like improving machine learning models, detecting zero-day attacks, and preserving user privacy during dynamic analysis.
IRJET- Android Malware Detection using Machine LearningIRJET Journal
This document discusses using machine learning algorithms to detect Android malware. It aims to extract features from Android applications (APKs) and train machine learning models to classify APKs as malware or benign. The proposed approach extracts features from an APK's manifest file and decompiled code to identify permissions, URLs, API calls, and other indicators. Random forest classifiers are trained on a dataset of benign and malicious APKs to detect known malware families. The models can classify new APKs as either malware or benign, and if malware, identify the specific malware family. The approach aims to detect malware with high accuracy while reducing analysis time by processing multiple APKs in parallel.
The aim of the paper is to embed UAVs with A.I and explore possible application of the same. Face Recognition is needed and applicable in various fields like Defense, Health Care, Search and Rescue, Surveillance and Delivery System. Dataset creation, training and recognizer are the basis of Face recognition system. Face recognition systems developed are acceptably effective with detection and identification of the objects. We aim to create an artificial intelligence which is integrated in an UAV for face recognition and surveillance. We also intend to introduce anti collision system on the A.I to help the drone be safer and prevent damages to itself and the surround. The same is based on sonar sensors which would measure the distance the between the drone and object. Once detected the drone will maneuver itself out of the trajectory of collision. A path finding algorithm is part of the A.I to help the drone navigate 2 dimensional maps on its own. by integration of both object detection and path finding we aim to create an automated drone capable of functioning without human intervention of any kind. Shweta Kumar | Hasan Phudinawala | Chinmay Parab | Nidhi Parmar "Object Detection in UAVs" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-6 | Issue-3 , April 2022, URL: https://www.ijtsrd.com/papers/ijtsrd49724.pdf Paper URL: https://www.ijtsrd.com/other-scientific-research-area/other/49724/object-detection-in-uavs/shweta-kumar
Open Source Insight: Who Owns Linux? TRITON Attack, App Security Testing, Fut...Black Duck by Synopsys
We look at the three reasons you must attend the FLIGHT Amsterdam conference; how to build outstanding projects in the open source community; and why isn’t every app being security tested? Plus, in-depth into the TRITON attack; why 2018 is the year of open source; how open source is driving both IoT and AI and a webinar on the 2018 Open Source Rookies of the Year.
Open Source Insight is your weekly news resource for open source security and cybersecurity news!
1. The document describes a proposed object detection bot that uses a Raspberry Pi, camera modules, and cloud services from AWS to accurately detect objects like plastic bottles, metal cans, and abandoned baggage.
2. The system uses a hybrid approach with both edge computing on the Raspberry Pi using SSD object detection models, as well as AWS cloud services for storage, analytics, and notifications. Video feeds are ingested into AWS Kinesis and objects detected on the edge are sent to AWS SNS for notifications.
3. An evaluation showed the system could reliably detect objects and send notifications within seconds, demonstrating the feasibility of combining local edge computing and cloud services for object detection on resource-constrained devices.
A Survey on Vehicle Tracking System using IoTIRJET Journal
This document summarizes a survey on vehicle tracking systems using IoT. It discusses various approaches taken in previous research projects that implemented vehicle tracking using technologies like Arduino, Raspberry Pi, GPS, GSM, and databases. The survey compares using Arduino vs Raspberry Pi as the embedded platform and on-chip vs server-side data storage. It is concluded that Raspberry Pi provides faster processing and more RAM compared to Arduino, and server-side storage offers more security and flexibility than on-chip storage.
This document presents a proposed machine learning-based Android malware detection system. It discusses how Android devices are increasingly being targeted by malware due to the open nature of the Android app marketplace. The proposed system would use machine learning classifiers to analyze permission-based features and events from Android apps to classify them as goodware or malware. It would monitor apps and detect malware to enhance security and privacy for smartphone users. The system design uses k-means clustering and naive Bayes classification on XML and DEX file features to detect malware in two layers if needed.
Web Development in Advanced Threat PreventionIRJET Journal
This document discusses the development of a web application user interface (UI) for a security operations console and integrating it with real-time data using APIs and React technologies. It describes adding backend security features like preventing access from protected IP addresses and networks and preventing cross-site scripting attacks. The methodology used React, Redux, TypeScript, Ant Design and other frameworks to develop the UI according to a FIGMA design. It also details code to sanitize input fields to protect against XSS attacks and check IP addresses against protected networks and subnets. The pipeline results showed the build passing with all unit tests passing.
Android Malware Detection Literature ReviewAhmed Sabbah
This document provides an overview of Android malware detection approaches based on a literature review. It discusses static, dynamic, and hybrid analysis methods. Static methods examine app components and code without execution. Dynamic methods monitor running apps to log behaviors like API calls and network traffic. Hybrid approaches combine static and dynamic analysis. The document also outlines limitations like evasion techniques, lack of real device testing, and privacy concerns. It recommends future work in areas like improving machine learning models, detecting zero-day attacks, and preserving user privacy during dynamic analysis.
IRJET- Android Malware Detection using Machine LearningIRJET Journal
This document discusses using machine learning algorithms to detect Android malware. It aims to extract features from Android applications (APKs) and train machine learning models to classify APKs as malware or benign. The proposed approach extracts features from an APK's manifest file and decompiled code to identify permissions, URLs, API calls, and other indicators. Random forest classifiers are trained on a dataset of benign and malicious APKs to detect known malware families. The models can classify new APKs as either malware or benign, and if malware, identify the specific malware family. The approach aims to detect malware with high accuracy while reducing analysis time by processing multiple APKs in parallel.
The aim of the paper is to embed UAVs with A.I and explore possible application of the same. Face Recognition is needed and applicable in various fields like Defense, Health Care, Search and Rescue, Surveillance and Delivery System. Dataset creation, training and recognizer are the basis of Face recognition system. Face recognition systems developed are acceptably effective with detection and identification of the objects. We aim to create an artificial intelligence which is integrated in an UAV for face recognition and surveillance. We also intend to introduce anti collision system on the A.I to help the drone be safer and prevent damages to itself and the surround. The same is based on sonar sensors which would measure the distance the between the drone and object. Once detected the drone will maneuver itself out of the trajectory of collision. A path finding algorithm is part of the A.I to help the drone navigate 2 dimensional maps on its own. by integration of both object detection and path finding we aim to create an automated drone capable of functioning without human intervention of any kind. Shweta Kumar | Hasan Phudinawala | Chinmay Parab | Nidhi Parmar "Object Detection in UAVs" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-6 | Issue-3 , April 2022, URL: https://www.ijtsrd.com/papers/ijtsrd49724.pdf Paper URL: https://www.ijtsrd.com/other-scientific-research-area/other/49724/object-detection-in-uavs/shweta-kumar
Open Source Insight: Who Owns Linux? TRITON Attack, App Security Testing, Fut...Black Duck by Synopsys
We look at the three reasons you must attend the FLIGHT Amsterdam conference; how to build outstanding projects in the open source community; and why isn’t every app being security tested? Plus, in-depth into the TRITON attack; why 2018 is the year of open source; how open source is driving both IoT and AI and a webinar on the 2018 Open Source Rookies of the Year.
Open Source Insight is your weekly news resource for open source security and cybersecurity news!
1. The document describes a proposed object detection bot that uses a Raspberry Pi, camera modules, and cloud services from AWS to accurately detect objects like plastic bottles, metal cans, and abandoned baggage.
2. The system uses a hybrid approach with both edge computing on the Raspberry Pi using SSD object detection models, as well as AWS cloud services for storage, analytics, and notifications. Video feeds are ingested into AWS Kinesis and objects detected on the edge are sent to AWS SNS for notifications.
3. An evaluation showed the system could reliably detect objects and send notifications within seconds, demonstrating the feasibility of combining local edge computing and cloud services for object detection on resource-constrained devices.
A Survey on Vehicle Tracking System using IoTIRJET Journal
This document summarizes a survey on vehicle tracking systems using IoT. It discusses various approaches taken in previous research projects that implemented vehicle tracking using technologies like Arduino, Raspberry Pi, GPS, GSM, and databases. The survey compares using Arduino vs Raspberry Pi as the embedded platform and on-chip vs server-side data storage. It is concluded that Raspberry Pi provides faster processing and more RAM compared to Arduino, and server-side storage offers more security and flexibility than on-chip storage.
This document presents a proposed machine learning-based Android malware detection system. It discusses how Android devices are increasingly being targeted by malware due to the open nature of the Android app marketplace. The proposed system would use machine learning classifiers to analyze permission-based features and events from Android apps to classify them as goodware or malware. It would monitor apps and detect malware to enhance security and privacy for smartphone users. The system design uses k-means clustering and naive Bayes classification on XML and DEX file features to detect malware in two layers if needed.
Web Development in Advanced Threat PreventionIRJET Journal
This document discusses the development of a web application user interface (UI) for a security operations console and integrating it with real-time data using APIs and React technologies. It describes adding backend security features like preventing access from protected IP addresses and networks and preventing cross-site scripting attacks. The methodology used React, Redux, TypeScript, Ant Design and other frameworks to develop the UI according to a FIGMA design. It also details code to sanitize input fields to protect against XSS attacks and check IP addresses against protected networks and subnets. The pipeline results showed the build passing with all unit tests passing.
SYSTEM CALL DEPENDENCE GRAPH BASED BEHAVIOR DECOMPOSITION OF ANDROID APPLICAT...IJNSA Journal
This document discusses a proposed approach to map system-level behaviors of Android applications to Android APIs. The approach involves three steps: 1) obtaining an application's behavior through system-level tracking and symbolic execution, represented as System Call Dependence Graphs, 2) concurrently obtaining all Android APIs called by the application, and 3) mapping the System Call Dependence Graphs to the Android APIs based on system call entries and timestamps. This mapping could help identify potentially malicious applications trying to evade detection by avoiding direct use of Android APIs. The study shows this approach can effectively identify potential permission abuse with negligible performance impact.
ANDROINSPECTOR: A SYSTEM FOR COMPREHENSIVE ANALYSIS OF ANDROID APPLICATIONSIJNSA Journal
Android is an extensively used mobile platform and with evolution it has also witnessed an increased influx of malicious applications in its market place. The availability of multiple sources for downloading applications has also contributed to users falling prey to malicious applications. A major hindrance in blocking the entry of malicious applications into the Android market place is scarcity of effective mechanisms to identify malicious applications. This paper presents AndroInspector, a system for comprehensive analysis of an Android application using both static and dynamic analysis techniques. AndroInspector derives, extracts and analyses crucial features of Android applications using static analysis and subsequently classifies the application using machine learning techniques. Dynamic analysis includes automated execution of Android application to identify a set of pre-defined malicious actions performed by application at run-time.
Android is an extensively used mobile platform and with evolution it has also witnessed an increased influx of malicious applications in its market place. The availability of multiple sources for downloading applications has also contributed to users falling prey to malicious applications. A major hindrance in blocking the entry of malicious applications into the Android market place is scarcity of effective mechanisms to identify malicious applications. This paper presents AndroInspector, a system for comprehensive analysis of an Android application using both static and dynamic analysis techniques. And roInspector derives, extracts and analyses crucial features of Android applications using static analysis and subsequently classifies the application using machine learning techniques. Dynamic analysis includes automated execution of Android application to identify a set of pre-defined malicious actions performed by application at run-time.
IRJET - NETRA: Android Application for Visually Challenged People to Dete...IRJET Journal
This document summarizes an Android application called NETRA that was developed to help visually impaired users detect and recognize objects, people, and text using their mobile device. The application uses modules for object recognition, face recognition, and text recognition. Object recognition is implemented using TensorFlow and feature extraction algorithms. Face recognition uses the Dlib library and machine learning algorithms. Text recognition detects and segments text using a text recognizer. The application was created to help visually impaired users better navigate the world around them and interact with others by identifying objects, people, and reading text aloud to them through voice output.
Security and Authentication of Internet of Things (IoT) DevicesSanjayKumarYadav58
The proposed scheme deals with an authentication and security model for IoT applications. It is based on protecting the network from the intruders, decrease the authentication complexity and increase the communication efficiency of network devices. A signature based authentication scheme proposed for mutual authentication among users and devices in the network. The output of proposed scheme gives the better output compare to existing solutions in terms of End-To-End (E2E), Throughput, and Packet Delivery ratio. The proposed scheme implemented on Network Simulator (NS2).
Virtual Contact Discovery using Facial RecognitionIRJET Journal
The document describes a project that aims to use facial recognition as a means of contact discovery and metadata retrieval. The project seeks to optimize machine learning models for facial detection and verification in order to provide fast and accurate contact matching based on facial encodings. It outlines the objectives, scope, literature review, proposed system architecture and implementation details. The system would take facial landmarks and encodings to compare and rank the top 10 most similar encodings to identify matches from a database. The optimized model aims to reduce latency and improve accuracy for contact matching based on facial scans.
This document discusses construction startups and open source technology. It covers topics like Industry 4.0 with open source, open source movements, open source service markets, open source licenses, autonomous vehicles, deep learning, IoT, drones, 3D printing, cloud platforms, smart cities, BIM, VR/AR, robotics, blockchains, open data, and construction startups using open source technologies. The document provides references on these topics as well.
Bank Locker System Using Fingerprint Authentication & Image ProcessingIRJET Journal
This document proposes a bank locker system using fingerprint authentication and image processing. It begins with an abstract that describes increasing bank and locker theft as motivation for improving security. The current system of using two keys (one for the user and one for the bank) is described as having drawbacks like lost keys enabling unauthorized access.
The proposed system introduces a locker security system based on face recognition and fingerprint technology for banks, security offices, and homes. It would only allow authorized persons to access valuables from the locker. Face recognition would be done using active appearance model algorithm with CNN prediction on a Raspberry Pi processor. Fingerprint authentication would also be used to securely access the locker. When an authorized person tries to access the locker, the
This document describes a proposed 3M secure transportation system that provides security for people (drivers), vehicles, and cargo. The system uses several technologies including face recognition, fingerprint verification, vehicle tracking via GPS and GSM, and QR scanning of cargo. An Android application would be developed to integrate these security features and monitor them. The system is intended for mid-sized transportation businesses to help prevent theft of vehicles and cargo.
This document provides an overview of methodology and tools for testing the security of Android applications. It discusses static testing tools like MobSF, AndroBugs, QARK and VCG scanner that can analyze Android app code without executing the app. It also covers dynamic testing tools like BurpSuite, Inspeckage, LogCat, MobSF and Drozer that allow analyzing an app's behavior while it is executing. The document provides descriptions and links for each tool to help understand their capabilities and how they can be used for Android pentesting.
4 th International Conference on Signal Processing and Machine Learning (SIGM...ijscai
4
th International Conference on Signal Processing and Machine Learning (SIGML
2023) will provide an excellent international forum for sharing knowledge and results in
theory, methodology and applications of on Signal Processing and Machine Learning.
The aim of the conference is to provide a platform to the researchers and practitioners
from both academia as well as industry to meet and share cutting-edge development in
the field.
Authors are solicited to contribute to the conference by submitting articles that illustrate
research results, projects, surveying works and industrial experiences that describe
significant advances in the areas of Signal Processing and Machine Learning.
4 th International Conference on Signal Processing and Machine Learning (SIGM...ijesajournal
The 4th International Conference on Signal Processing and Machine Learning (SIGML 2023) will take place February 18-19, 2023 in Dubai, UAE. The conference aims to provide a forum for researchers and practitioners to share knowledge and results in signal processing and machine learning. Authors are invited to submit original research papers by December 17, 2022 on topics including digital signal processing, image processing, computer vision, machine learning applications, and deep learning. Selected papers will be published in the conference proceedings and special issues of related journals.
IJWMN -Malware Detection in IoT Systems using Machine Learning Techniquesijwmn
Malware detection in IoT environments necessitates robust methodologies. This study introduces a CNN-LSTM hybrid model for IoT malware identification and evaluates its performance against established methods. Leveraging K-fold cross-validation, the proposed approach achieved 95.5% accuracy, surpassing existing methods. The CNN algorithm enabled superior learning model construction, and the LSTM classifier exhibited heightened accuracy in classification. Comparative analysis against prevalent techniques demonstrated the efficacy of the proposed model, highlighting its potential for enhancing IoT security. The study advocates for future exploration of SVMs as alternatives, emphasizes the need for distributed detection strategies, and underscores the importance of predictive analyses for a more powerful IOT security. This research serves as a platform for developing more resilient security measures in IoT ecosystems.
MALWARE DETECTION IN IOT SYSTEMS USING MACHINE LEARNING TECHNIQUESijwmn
Malware detection in IoT environments necessitates robust methodologies. This study introduces
a CNN-LSTM hybrid model for IoT malware identification and evaluates its performance against
established methods. Leveraging K-fold cross-validation, the proposed approach achieved 95.5%
accuracy, surpassing existing methods. The CNN algorithm enabled superior learning model
construction, and the LSTM classifier exhibited heightened accuracy in classification.
Comparative analysis against prevalent techniques demonstrated the efficacy of the proposed
model, highlighting its potential for enhancing IoT security. The study advocates for future
exploration of SVMs as alternatives, emphasizes the need for distributed detection strategies, and
underscores the importance of predictive analyses for a more powerful IOT security. This
research serves as a platform for developing more resilient security measures in IoT ecosystems.
Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...Amélie Gyrard
Keynote “Trends on Data Graphs & Security for the Internet of Things”
(Extended Version) #WF-IoT World Forum Internet of Things
Workshop on #Security and #Privacy for #InternetofThings and Cyber-Physical Systems #CPS
#Security #Toolbox #Attacks and #Countermeasures #STAC
#Security #KnowledgeGraphs #Ontologies
Speaker: Dr. Ghislain Atemezing(Research & Development Director, MONDECA, Paris, France) @gatemezing
Credits: Dr. Amelie Gyrard (Kno.e.sis, Wright State University, Ohio, USA)
Proposed Workable Process Flow with Analysis Framework for Android Forensics ...theijes
Nowadays, android smartphones are becoming more popular and the greatest platform for mobile devices which has capability to run millions of mobile phones in about more than 200 countries. It may bring not only convenience for people but also crimes or security issues. Some people are committed the crimes by using the technology and mobile devices. So, android forensics is very important and necessary in cyber-crime investigation. With no doubt, this proposed process flow and framework will definitely support for android forensics in developing countries’ cyber-crime investigation. Because it provides to solve the crimes with applicable guidelines and includes Open Source Tools, Linux command-line utility, Android Debug Bridge (ADB) commands, Freeware tools and Proposed tools. Although forensics tools are non-commercial in this framework, they can cover and support for android forensics process.
With the development of autonomous development
technology, the need for additional applications to be used
inside and outside the vehicle is increasing. As a result of the
literature review, many applications have been developed to
display vehicle data directly on the monitor, with reflections
on glass, and on hardware devices. These applications have
been developed only for a defined problem and for a
particular autonomous system. In this study, a basic
autonomous vehicle software infrastructure and mobile
Augmented Reality application that can work on Android
devices have been developed. The Mobile Augmented Reality
app serves inside and outside the vehicle. In addition, this
application has been shown to support multiple autonomous
system infrastructures.
The document discusses using artificial intelligence and machine learning for lower-cost motion capture animation. It proposes a system that uses OpenCV and Unity to extract coordinates from uploaded video frames and generate animated character models without expensive motion capture suits. A Python script would detect 33 body points from a video and save the coordinates to a text file. Unity software would then use those coordinates to create animated spheres representing the body points and linking them to form a moving skeleton. The goal is to use AI and external software to enable affordable and innovative motion capture for the general public.
Immersive Learning That Works: Research Grounding and Paths ForwardLeonel Morgado
We will metaverse into the essence of immersive learning, into its three dimensions and conceptual models. This approach encompasses elements from teaching methodologies to social involvement, through organizational concerns and technologies. Challenging the perception of learning as knowledge transfer, we introduce a 'Uses, Practices & Strategies' model operationalized by the 'Immersive Learning Brain' and ‘Immersion Cube’ frameworks. This approach offers a comprehensive guide through the intricacies of immersive educational experiences and spotlighting research frontiers, along the immersion dimensions of system, narrative, and agency. Our discourse extends to stakeholders beyond the academic sphere, addressing the interests of technologists, instructional designers, and policymakers. We span various contexts, from formal education to organizational transformation to the new horizon of an AI-pervasive society. This keynote aims to unite the iLRN community in a collaborative journey towards a future where immersive learning research and practice coalesce, paving the way for innovative educational research and practice landscapes.
SYSTEM CALL DEPENDENCE GRAPH BASED BEHAVIOR DECOMPOSITION OF ANDROID APPLICAT...IJNSA Journal
This document discusses a proposed approach to map system-level behaviors of Android applications to Android APIs. The approach involves three steps: 1) obtaining an application's behavior through system-level tracking and symbolic execution, represented as System Call Dependence Graphs, 2) concurrently obtaining all Android APIs called by the application, and 3) mapping the System Call Dependence Graphs to the Android APIs based on system call entries and timestamps. This mapping could help identify potentially malicious applications trying to evade detection by avoiding direct use of Android APIs. The study shows this approach can effectively identify potential permission abuse with negligible performance impact.
ANDROINSPECTOR: A SYSTEM FOR COMPREHENSIVE ANALYSIS OF ANDROID APPLICATIONSIJNSA Journal
Android is an extensively used mobile platform and with evolution it has also witnessed an increased influx of malicious applications in its market place. The availability of multiple sources for downloading applications has also contributed to users falling prey to malicious applications. A major hindrance in blocking the entry of malicious applications into the Android market place is scarcity of effective mechanisms to identify malicious applications. This paper presents AndroInspector, a system for comprehensive analysis of an Android application using both static and dynamic analysis techniques. AndroInspector derives, extracts and analyses crucial features of Android applications using static analysis and subsequently classifies the application using machine learning techniques. Dynamic analysis includes automated execution of Android application to identify a set of pre-defined malicious actions performed by application at run-time.
Android is an extensively used mobile platform and with evolution it has also witnessed an increased influx of malicious applications in its market place. The availability of multiple sources for downloading applications has also contributed to users falling prey to malicious applications. A major hindrance in blocking the entry of malicious applications into the Android market place is scarcity of effective mechanisms to identify malicious applications. This paper presents AndroInspector, a system for comprehensive analysis of an Android application using both static and dynamic analysis techniques. And roInspector derives, extracts and analyses crucial features of Android applications using static analysis and subsequently classifies the application using machine learning techniques. Dynamic analysis includes automated execution of Android application to identify a set of pre-defined malicious actions performed by application at run-time.
IRJET - NETRA: Android Application for Visually Challenged People to Dete...IRJET Journal
This document summarizes an Android application called NETRA that was developed to help visually impaired users detect and recognize objects, people, and text using their mobile device. The application uses modules for object recognition, face recognition, and text recognition. Object recognition is implemented using TensorFlow and feature extraction algorithms. Face recognition uses the Dlib library and machine learning algorithms. Text recognition detects and segments text using a text recognizer. The application was created to help visually impaired users better navigate the world around them and interact with others by identifying objects, people, and reading text aloud to them through voice output.
Security and Authentication of Internet of Things (IoT) DevicesSanjayKumarYadav58
The proposed scheme deals with an authentication and security model for IoT applications. It is based on protecting the network from the intruders, decrease the authentication complexity and increase the communication efficiency of network devices. A signature based authentication scheme proposed for mutual authentication among users and devices in the network. The output of proposed scheme gives the better output compare to existing solutions in terms of End-To-End (E2E), Throughput, and Packet Delivery ratio. The proposed scheme implemented on Network Simulator (NS2).
Virtual Contact Discovery using Facial RecognitionIRJET Journal
The document describes a project that aims to use facial recognition as a means of contact discovery and metadata retrieval. The project seeks to optimize machine learning models for facial detection and verification in order to provide fast and accurate contact matching based on facial encodings. It outlines the objectives, scope, literature review, proposed system architecture and implementation details. The system would take facial landmarks and encodings to compare and rank the top 10 most similar encodings to identify matches from a database. The optimized model aims to reduce latency and improve accuracy for contact matching based on facial scans.
This document discusses construction startups and open source technology. It covers topics like Industry 4.0 with open source, open source movements, open source service markets, open source licenses, autonomous vehicles, deep learning, IoT, drones, 3D printing, cloud platforms, smart cities, BIM, VR/AR, robotics, blockchains, open data, and construction startups using open source technologies. The document provides references on these topics as well.
Bank Locker System Using Fingerprint Authentication & Image ProcessingIRJET Journal
This document proposes a bank locker system using fingerprint authentication and image processing. It begins with an abstract that describes increasing bank and locker theft as motivation for improving security. The current system of using two keys (one for the user and one for the bank) is described as having drawbacks like lost keys enabling unauthorized access.
The proposed system introduces a locker security system based on face recognition and fingerprint technology for banks, security offices, and homes. It would only allow authorized persons to access valuables from the locker. Face recognition would be done using active appearance model algorithm with CNN prediction on a Raspberry Pi processor. Fingerprint authentication would also be used to securely access the locker. When an authorized person tries to access the locker, the
This document describes a proposed 3M secure transportation system that provides security for people (drivers), vehicles, and cargo. The system uses several technologies including face recognition, fingerprint verification, vehicle tracking via GPS and GSM, and QR scanning of cargo. An Android application would be developed to integrate these security features and monitor them. The system is intended for mid-sized transportation businesses to help prevent theft of vehicles and cargo.
This document provides an overview of methodology and tools for testing the security of Android applications. It discusses static testing tools like MobSF, AndroBugs, QARK and VCG scanner that can analyze Android app code without executing the app. It also covers dynamic testing tools like BurpSuite, Inspeckage, LogCat, MobSF and Drozer that allow analyzing an app's behavior while it is executing. The document provides descriptions and links for each tool to help understand their capabilities and how they can be used for Android pentesting.
4 th International Conference on Signal Processing and Machine Learning (SIGM...ijscai
4
th International Conference on Signal Processing and Machine Learning (SIGML
2023) will provide an excellent international forum for sharing knowledge and results in
theory, methodology and applications of on Signal Processing and Machine Learning.
The aim of the conference is to provide a platform to the researchers and practitioners
from both academia as well as industry to meet and share cutting-edge development in
the field.
Authors are solicited to contribute to the conference by submitting articles that illustrate
research results, projects, surveying works and industrial experiences that describe
significant advances in the areas of Signal Processing and Machine Learning.
4 th International Conference on Signal Processing and Machine Learning (SIGM...ijesajournal
The 4th International Conference on Signal Processing and Machine Learning (SIGML 2023) will take place February 18-19, 2023 in Dubai, UAE. The conference aims to provide a forum for researchers and practitioners to share knowledge and results in signal processing and machine learning. Authors are invited to submit original research papers by December 17, 2022 on topics including digital signal processing, image processing, computer vision, machine learning applications, and deep learning. Selected papers will be published in the conference proceedings and special issues of related journals.
IJWMN -Malware Detection in IoT Systems using Machine Learning Techniquesijwmn
Malware detection in IoT environments necessitates robust methodologies. This study introduces a CNN-LSTM hybrid model for IoT malware identification and evaluates its performance against established methods. Leveraging K-fold cross-validation, the proposed approach achieved 95.5% accuracy, surpassing existing methods. The CNN algorithm enabled superior learning model construction, and the LSTM classifier exhibited heightened accuracy in classification. Comparative analysis against prevalent techniques demonstrated the efficacy of the proposed model, highlighting its potential for enhancing IoT security. The study advocates for future exploration of SVMs as alternatives, emphasizes the need for distributed detection strategies, and underscores the importance of predictive analyses for a more powerful IOT security. This research serves as a platform for developing more resilient security measures in IoT ecosystems.
MALWARE DETECTION IN IOT SYSTEMS USING MACHINE LEARNING TECHNIQUESijwmn
Malware detection in IoT environments necessitates robust methodologies. This study introduces
a CNN-LSTM hybrid model for IoT malware identification and evaluates its performance against
established methods. Leveraging K-fold cross-validation, the proposed approach achieved 95.5%
accuracy, surpassing existing methods. The CNN algorithm enabled superior learning model
construction, and the LSTM classifier exhibited heightened accuracy in classification.
Comparative analysis against prevalent techniques demonstrated the efficacy of the proposed
model, highlighting its potential for enhancing IoT security. The study advocates for future
exploration of SVMs as alternatives, emphasizes the need for distributed detection strategies, and
underscores the importance of predictive analyses for a more powerful IOT security. This
research serves as a platform for developing more resilient security measures in IoT ecosystems.
Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...Amélie Gyrard
Keynote “Trends on Data Graphs & Security for the Internet of Things”
(Extended Version) #WF-IoT World Forum Internet of Things
Workshop on #Security and #Privacy for #InternetofThings and Cyber-Physical Systems #CPS
#Security #Toolbox #Attacks and #Countermeasures #STAC
#Security #KnowledgeGraphs #Ontologies
Speaker: Dr. Ghislain Atemezing(Research & Development Director, MONDECA, Paris, France) @gatemezing
Credits: Dr. Amelie Gyrard (Kno.e.sis, Wright State University, Ohio, USA)
Proposed Workable Process Flow with Analysis Framework for Android Forensics ...theijes
Nowadays, android smartphones are becoming more popular and the greatest platform for mobile devices which has capability to run millions of mobile phones in about more than 200 countries. It may bring not only convenience for people but also crimes or security issues. Some people are committed the crimes by using the technology and mobile devices. So, android forensics is very important and necessary in cyber-crime investigation. With no doubt, this proposed process flow and framework will definitely support for android forensics in developing countries’ cyber-crime investigation. Because it provides to solve the crimes with applicable guidelines and includes Open Source Tools, Linux command-line utility, Android Debug Bridge (ADB) commands, Freeware tools and Proposed tools. Although forensics tools are non-commercial in this framework, they can cover and support for android forensics process.
With the development of autonomous development
technology, the need for additional applications to be used
inside and outside the vehicle is increasing. As a result of the
literature review, many applications have been developed to
display vehicle data directly on the monitor, with reflections
on glass, and on hardware devices. These applications have
been developed only for a defined problem and for a
particular autonomous system. In this study, a basic
autonomous vehicle software infrastructure and mobile
Augmented Reality application that can work on Android
devices have been developed. The Mobile Augmented Reality
app serves inside and outside the vehicle. In addition, this
application has been shown to support multiple autonomous
system infrastructures.
The document discusses using artificial intelligence and machine learning for lower-cost motion capture animation. It proposes a system that uses OpenCV and Unity to extract coordinates from uploaded video frames and generate animated character models without expensive motion capture suits. A Python script would detect 33 body points from a video and save the coordinates to a text file. Unity software would then use those coordinates to create animated spheres representing the body points and linking them to form a moving skeleton. The goal is to use AI and external software to enable affordable and innovative motion capture for the general public.
Similar to On the Soundness of Android Static Analysis (20)
Immersive Learning That Works: Research Grounding and Paths ForwardLeonel Morgado
We will metaverse into the essence of immersive learning, into its three dimensions and conceptual models. This approach encompasses elements from teaching methodologies to social involvement, through organizational concerns and technologies. Challenging the perception of learning as knowledge transfer, we introduce a 'Uses, Practices & Strategies' model operationalized by the 'Immersive Learning Brain' and ‘Immersion Cube’ frameworks. This approach offers a comprehensive guide through the intricacies of immersive educational experiences and spotlighting research frontiers, along the immersion dimensions of system, narrative, and agency. Our discourse extends to stakeholders beyond the academic sphere, addressing the interests of technologists, instructional designers, and policymakers. We span various contexts, from formal education to organizational transformation to the new horizon of an AI-pervasive society. This keynote aims to unite the iLRN community in a collaborative journey towards a future where immersive learning research and practice coalesce, paving the way for innovative educational research and practice landscapes.
Current Ms word generated power point presentation covers major details about the micronuclei test. It's significance and assays to conduct it. It is used to detect the micronuclei formation inside the cells of nearly every multicellular organism. It's formation takes place during chromosomal sepration at metaphase.
Travis Hills of MN is Making Clean Water Accessible to All Through High Flux ...Travis Hills MN
By harnessing the power of High Flux Vacuum Membrane Distillation, Travis Hills from MN envisions a future where clean and safe drinking water is accessible to all, regardless of geographical location or economic status.
Mending Clothing to Support Sustainable Fashion_CIMaR 2024.pdfSelcen Ozturkcan
Ozturkcan, S., Berndt, A., & Angelakis, A. (2024). Mending clothing to support sustainable fashion. Presented at the 31st Annual Conference by the Consortium for International Marketing Research (CIMaR), 10-13 Jun 2024, University of Gävle, Sweden.
Sexuality - Issues, Attitude and Behaviour - Applied Social Psychology - Psyc...PsychoTech Services
A proprietary approach developed by bringing together the best of learning theories from Psychology, design principles from the world of visualization, and pedagogical methods from over a decade of training experience, that enables you to: Learn better, faster!
The binding of cosmological structures by massless topological defectsSérgio Sacani
Assuming spherical symmetry and weak field, it is shown that if one solves the Poisson equation or the Einstein field
equations sourced by a topological defect, i.e. a singularity of a very specific form, the result is a localized gravitational
field capable of driving flat rotation (i.e. Keplerian circular orbits at a constant speed for all radii) of test masses on a thin
spherical shell without any underlying mass. Moreover, a large-scale structure which exploits this solution by assembling
concentrically a number of such topological defects can establish a flat stellar or galactic rotation curve, and can also deflect
light in the same manner as an equipotential (isothermal) sphere. Thus, the need for dark matter or modified gravity theory is
mitigated, at least in part.
ESA/ACT Science Coffee: Diego Blas - Gravitational wave detection with orbita...Advanced-Concepts-Team
Presentation in the Science Coffee of the Advanced Concepts Team of the European Space Agency on the 07.06.2024.
Speaker: Diego Blas (IFAE/ICREA)
Title: Gravitational wave detection with orbital motion of Moon and artificial
Abstract:
In this talk I will describe some recent ideas to find gravitational waves from supermassive black holes or of primordial origin by studying their secular effect on the orbital motion of the Moon or satellites that are laser ranged.
The cost of acquiring information by natural selectionCarl Bergstrom
This is a short talk that I gave at the Banff International Research Station workshop on Modeling and Theory in Population Biology. The idea is to try to understand how the burden of natural selection relates to the amount of information that selection puts into the genome.
It's based on the first part of this research paper:
The cost of information acquisition by natural selection
Ryan Seamus McGee, Olivia Kosterlitz, Artem Kaznatcheev, Benjamin Kerr, Carl T. Bergstrom
bioRxiv 2022.07.02.498577; doi: https://doi.org/10.1101/2022.07.02.498577
ESR spectroscopy in liquid food and beverages.pptxPRIYANKA PATEL
With increasing population, people need to rely on packaged food stuffs. Packaging of food materials requires the preservation of food. There are various methods for the treatment of food to preserve them and irradiation treatment of food is one of them. It is the most common and the most harmless method for the food preservation as it does not alter the necessary micronutrients of food materials. Although irradiated food doesn’t cause any harm to the human health but still the quality assessment of food is required to provide consumers with necessary information about the food. ESR spectroscopy is the most sophisticated way to investigate the quality of the food and the free radicals induced during the processing of the food. ESR spin trapping technique is useful for the detection of highly unstable radicals in the food. The antioxidant capability of liquid food and beverages in mainly performed by spin trapping technique.
The debris of the ‘last major merger’ is dynamically youngSérgio Sacani
The Milky Way’s (MW) inner stellar halo contains an [Fe/H]-rich component with highly eccentric orbits, often referred to as the
‘last major merger.’ Hypotheses for the origin of this component include Gaia-Sausage/Enceladus (GSE), where the progenitor
collided with the MW proto-disc 8–11 Gyr ago, and the Virgo Radial Merger (VRM), where the progenitor collided with the
MW disc within the last 3 Gyr. These two scenarios make different predictions about observable structure in local phase space,
because the morphology of debris depends on how long it has had to phase mix. The recently identified phase-space folds in Gaia
DR3 have positive caustic velocities, making them fundamentally different than the phase-mixed chevrons found in simulations
at late times. Roughly 20 per cent of the stars in the prograde local stellar halo are associated with the observed caustics. Based
on a simple phase-mixing model, the observed number of caustics are consistent with a merger that occurred 1–2 Gyr ago.
We also compare the observed phase-space distribution to FIRE-2 Latte simulations of GSE-like mergers, using a quantitative
measurement of phase mixing (2D causticality). The observed local phase-space distribution best matches the simulated data
1–2 Gyr after collision, and certainly not later than 3 Gyr. This is further evidence that the progenitor of the ‘last major merger’
did not collide with the MW proto-disc at early times, as is thought for the GSE, but instead collided with the MW disc within
the last few Gyr, consistent with the body of work surrounding the VRM.
11.1 Role of physical biological in deterioration of grains.pdf
On the Soundness of Android Static Analysis
1. On the Soundness of
Android Static Analysis
15th September
2023
Dr. Jordan Samhi
The 6th International Workshop on
Advances in Mobile App Analysis
Luxembourg
CISPA – Helmholtz Center for Information Security
2. Who Am I?
Dr. Jordan Samhi
Post-doc at CISPA – Helmholtz Center for Information
Security
Research group: Software Research
jordan.samhi@cispa.de
https://www.jordansamhi.com
15th September 2023 - Jordan Samhi
2
3. On the Soundness of Android Static Analysis
Solutions and open challenges
15th September 2023 - Jordan Samhi
3
4. “
> 6 billion people own a
smartphone
> 71% are Android-based
> Sensitive data
15th September 2023 - Jordan Samhi
4
13. // Main Activity
protected void onCreate(Bundle b) {
Intent i = new Intent(this,TargetActivity.class);
i.putExtra("test", "value");
startActivity(i);
}
// Target Activity
protected void onCreate(Bundle b) {
Intent i = getIntent();
String msg = i.getStringExtra("test");
Log.i(“Test”, msg);
}
● sendBroadcast
● sendBroadcastAsUser
● sendOrderedBroadcast
● sendOrderedBroadcastAsUser
● sendStickyBroadcast
● sendStickyBroadcastAsUser
● sendStickyOrderedBroadcast
● sendStickyOrderedBroadcastAsUser
● startActivities
● startActivity
● startActivityForResult
● startActivityFromChild
● startActivityFromFragment
● startActivityIfNeeded
● startService
● bindService
15th September 2023 - Jordan Samhi
13
14. // Main Activity
protected void onCreate(Bundle b) {
Intent i = new Intent(this,TargetActivity.class);
i.putExtra("test", "value");
PendingIntent pi = PendingIntent.getActivity(this, 0, i, 0);
SmsManager sm = SmsManager.getDefault();
sm.sendTextMessage(“0”, null, “0”, pi, null);
} // Target Activity
protected void onCreate(Bundle b) {
Intent i = getIntent();
String msg = i.getStringExtra("test");
Log.i(“Test”, msg);
}
Atypical Inter-Component Communication (AICC)
15th September 2023 - Jordan Samhi
14
15. What are the
problems?
• What are AICC methods?
• How to reveal AICC
methods to existing
analyzers?
15th September 2023 - Jordan Samhi
15
16. ● setRepeating
● requestLocationUpdates
● registerNetworkCallback
● setCancelButtonIntent
● sendMultimediaMessage
● setOnClickPendingIntent
● onSuccess
● installExistingPackage
● startDownloadServiceIfRequired
● sendTextMessage
● addAction
● setExact
● setFullScreenIntent
● setDeleteIntent
● setPendingIntentTemplate
● setLatestEventInfo
● setInexactRepeating
● etc.
Systematic study of the Android
Framework
15th September 2023 - Jordan Samhi
16
17. Revealing Atypical Inter-Component Communication
STEP 1
STEP 2
STEP 3
STEP 4
RAICC leverages the IFDS framework to propagate Intents to
PendingIntent objects
RAICC leverages the IFDS framework to propagate target
component type to PendingIntent objects
App instrumentation to add typical ICC method depending on
Intent targets
App is repackaged
Main idea: add typical ICC calls for existing analyzers
15th September 2023 - Jordan Samhi
17
18. Revealing Atypical Inter-Component Communication
STEP 1
What Intents are “linked” to this PendingIntent?
PendingIntentx {Intenta, …, Intentn}
↦
15th September 2023 - Jordan Samhi
18
19. Revealing Atypical Inter-Component Communication
STEP 2
What is the type of the target component that the
PendingIntent refers to?
PendingIntentx {“activity”, “service”}
↦
15th September 2023 - Jordan Samhi
19
20. Revealing Atypical Inter-Component Communication
STEP 3
// Main Activity
protected void onCreate(Bundle b) {
Intent i = new Intent(this,TargetActivity.class);
i.putExtra("test", "value");
PendingIntent pi = PendingIntent.getActivity(this, 0, i, 0);
SmsManager sm = SmsManager.getDefault();
sm.sendTextMessage(“0”, null, “0”, pi, null);
pi
i
↦ { }
pi
↦ { }
Activity
} startActivity(i);
15th September 2023 - Jordan Samhi
20
21. Revealing Atypical Inter-Component Communication
STEP 4
15th September 2023 - Jordan Samhi
21
// Main Activity
protected void onCreate(Bundle b) {
Intent i = new Intent(this,TargetActivity.class);
i.putExtra("test", "value");
PendingIntent pi = PendingIntent.getActivity(this, 0, i, 0);
SmsManager sm = SmsManager.getDefault();
sm.sendTextMessage(“0”, null, “0”, pi, null);
startActivity(i);
}
23. Main Results
Number of ICC links found by IC3
5 000 goodware 5 000 malware
Before RAICC 20 300 16 222
After RAICC 25 708 26 223
Improvement
+ 5408
(+26.2%)
+10 001
(+61.6%)
15th September 2023 - Jordan Samhi
23
25. Reflection
Callback
ICC
?
?
J. Samhi et al., “RAICC: Revealing
Atypical Inter-Component Communication
in Android apps”, ICSE 2021.
● RAICC improves ICC modeling
● It is is already used by
collaborators
● It is maintained
● Improvable on-demand
● RAICC and artifacts are available
at:
https://github.com/JordanSamhi/RAICC
15th September 2023 - Jordan Samhi
25
33. First part: NativeDiscloser
Extracting native methods information
Method call in the bytecode – native function
Static registration:
nativeGetImei – Java_com_example_app_MainActivity_nativeGetImei
Dynamic registration:
nativeGetImei – some_native_function
15th September 2023 - Jordan Samhi
33
43. Main results
Number of nodes and edges computed by Soot with
and without JuCify
43
15th September 2023 - Jordan Samhi
44. Reflection
Callback
ICC
?
?
J. Samhi et al., “RAICC: Revealing
Atypical Inter-Component Communication
in Android apps”, ICSE 2021.
15th September 2023 - Jordan Samhi
44
45. Reflection
Callback
ICC
?
J. Samhi et al., “RAICC: Revealing
Atypical Inter-Component Communication
in Android apps”, ICSE 2021.
J. Samhi et al., “JuCify: A Step Towards
Android Code Unification for Enhanced
Static Analysis”, ICSE 2022.
https://github.com/JordanSamhi/JuCify
● We proposed a new approach to
unify the bytecode and native code
representations
● We demonstrated how JuCify is a
step toward code unification
● JuCify and artifacts are available at:
15th September 2023 - Jordan Samhi
45
46. Logic Bomb detection
If (…)
[ ]
[ ]
Normal
Abnormal
Check out: J. Samhi, et al. "Difuzer: Uncovering suspicious hidden
sensitive operations in android apps." ICSE 2022.
15th September 2023 - Jordan Samhi
46
47. Reflection
Callback
ICC
J. Samhi et al., “RAICC: Revealing
Atypical Inter-Component Communication
in Android apps”, ICSE 2021.
J. Samhi et al., ”Implicit calls triggered
under certain circumstances”
15th September 2023 - Jordan Samhi
47
J. Samhi et al., “JuCify: A Step Towards
Android Code Unification for Enhanced
Static Analysis”, ICSE 2022.
55. What is currently covered by static
analyzers?
How can frameworks be effectively
represented through static modeling?
How can multi-language software be
effectively represented through static
modeling?
15th September 2023 - Jordan Samhi
55
59. How can frameworks be effectively
represented through static
modeling?
Software are systems, they interact with
components
15th September 2023 - Jordan Samhi
59
60. How can frameworks be effectively
represented through static
modeling?
15th September 2023 - Jordan Samhi
60
61. 1 – Identify development frameworks
How can frameworks be effectively
represented through static
modeling?
15th September 2023 - Jordan Samhi
61
2 – Statically find entry and exit points to and from
frameworks
3 – Propose a static model that connects the dots
62. How can multi-language software be
effectively represented through static
modeling?
15th September 2023 - Jordan Samhi
62
63. WebView wv = new WebView(context);
setContentView(wv);
webView.loadUrl("www.example.com");
WebSettings settings = wv.getSettings();
settings.setJavaScriptEnabled(true);
How can multi-language software be
effectively represented through static
modeling?
15th September 2023 - Jordan Samhi
63
64. 1 – Study the static analysis ecosystem of different languages
2 –To what extent existing tools can be bridged with existing
frameworks
3 – Investigate how to provide unified static model
How can multi-language software be
effectively represented through static
modeling?
15th September 2023 - Jordan Samhi
64
65. Implications for Security
Better Static Code Modeling
=
Better Code Coverage
15th September 2023 - Jordan Samhi
65
Data leak detection
Aggressive Ads
Trojan horses
Logic vulnerabilities
SQL injection detection
Sensitive operations
detection
Bug detection
Type state misuse detection
Crypto API misuse
Type confusion detection
Hijacking
Spyware
Vulnerability detection
Privacy policy compliance
Logic bombs
GDPR compliance
66. 15th September 2023 - Jordan Samhi
66
Real Behavior
m()
n()
Soundness of Program Analysis
15th September 2023 - Jordan Samhi
9
Reflection
Callback
ICC
Native Code
Conditional implicit calls
AICC
?
?
?
?
?
?
?
?
Analyzing the Unanalyzable
My Dream in Program Analysis
Find the Ultimate
Abstractions
What is currently covered by static analyzers?
How can frameworks be effectively represented
through static modeling?
How can multi-language software be effectively
represented through static modeling?
7th February 2023 - Jordan Samhi