Today’s smartphone operating systems frequently fail to provide users with visibility into how third-party applications collect and share their private data. We address these shortcomings with TaintDroid, an efficient, system-wide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources of sensitive data. TaintDroid enables realtime analysis by leveraging Android’s virtualized execution environment. TaintDroid incurs only 32p performance overhead on a CPU-bound microbenchmark and imposes negligible overhead on interactive third-party applications. Using TaintDroid to monitor the behavior of 30 popular third-party Android applications, in our 2010 study we found 20 applications potentially misused users’ private information; so did a similar fraction of the tested applications in our 2012 study. Monitoring the flow of privacy-sensitive data with TaintDroid provides valuable input for smartphone users and security service firms seeking to identify misbehaving applications.

/pdf/taintdroid-an-information-flow-tracking-system-for-realtime-5d8smsr0iy.pdf

TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones

Today's smartphone operating systems frequently fail to provide users with adequate control over and visibility into how third-party applications use their private data. We address these shortcomings with TaintDroid, an efficient, system-wide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources of sensitive data. TaintDroid provides realtime analysis by leveraging Android's virtualized execution environment. TaintDroid incurs only 14% performance overhead on a CPU-bound micro-benchmark and imposes negligible overhead on interactive third-party applications. Using TaintDroid to monitor the behavior of 30 popular third-party Android applications, we found 68 instances of potential misuse of users' private information across 20 applications. Monitoring sensitive data with TaintDroid provides informed use of third-party applications for phone users and valuable input for smartphone security service firms seeking to identify misbehaving applications.

/pdf/taintdroid-an-information-flow-tracking-system-for-realtime-3fnz9lwdso.pdf

TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones

Towards sustainable smart cities: A review of trends, architectures, components, and open challenges in smart cities

Modern smartphone operating systems support the development of third-party applications with open system APIs. In addition to an open API, the Android operating system also provides a rich inter-application message passing system. This encourages inter-application collaboration and reduces developer burden by facilitating component reuse. Unfortunately, message passing is also an application attack surface. The content of messages can be sniffed, modified, stolen, or replaced, which can compromise user privacy. Also, a malicious application can inject forged or otherwise malicious messages, which can lead to breaches of user data and violate application security policies.We examine Android application interaction and identify security risks in application components. We provide a tool, ComDroid, that detects application communication vulnerabilities. ComDroid can be used by developers to analyze their own applications before release, by application reviewers to analyze applications in the Android Market, and by end users. We analyzed 20 applications with the help of ComDroid and found 34 exploitable vulnerabilities; 12 of the 20 applications have at least one vulnerability.

/pdf/analyzing-inter-application-communication-in-android-ugwi6nj0xw.pdf

Analyzing inter-application communication in Android

Anti-virus vendors are confronted with a multitude of potentially malicious samples today. Receiving thousands of new samples every day is not uncommon. The signatures that detect confirmed malicious threats are mainly still created manually, so it is important to discriminate between samples that pose a new unknown threat and those that are mere variants of known malware.This survey article provides an overview of techniques based on dynamic analysis that are used to analyze potentially malicious samples. It also covers analysis programs that leverage these It also covers analysis programs that employ these techniques to assist human analysts in assessing, in a timely and appropriate manner, whether a given sample deserves closer manual inspection due to its unknown malicious behavior.

/pdf/a-survey-on-automated-dynamic-malware-analysis-techniques-2b10kp3xz0.pdf

A survey on automated dynamic malware-analysis techniques and tools

The Web has become an indispensable part of our lives. Unfortunately, as our dependency on the Web increases, so does the interest of attackers in exploiting Web applications and Web-based information systems. Previous work in the field of Web application security has mainly focused on the mitigation of cross site scripting (XSS) and SQL injection attacks. In contrast, cross site request forgery (XSRF) attacks have not received much attention. In an XSRF attack, the trust of a Web application in its authenticated users is exploited by letting the attacker make arbitrary HTTP requests on behalf of a victim user. The problem is that Web applications typically act upon such requests without verifying that the performed actions are indeed intentional. Because XSRF is a relatively new security problem, it is largely unknown by Web application developers. As a result, there exist many Web applications that are vulnerable to XSRF. Unfortunately, existing mitigation approaches are time-consuming and error-prone, as they require manual effort to integrate defense techniques into existing systems. In this paper, we present a solution that provides a completely automatic protection from XSRF attacks. More precisely, our approach is based on a server-side proxy that detects and prevents XSRF attacks in a way that is transparent to users as well as to the Web application itself. We provide experimental results that demonstrate that we can use our prototype to secure a number of popular open-source Web applications, without negatively affecting their behavior

Preventing Cross Site Request Forgery Attacks

The number and the importance of web applications have increased rapidly over the last years. At the same time, the quantity and impact of security vulnerabilities in such applications have grown as well. Since manual code reviews are time-consuming, error-prone and costly, the need for automated solutions has become evident. In this paper, we address the problem of vulnerable web applications by means of static source code analysis. To this end, we present a novel, precise alias analysis targeted at the unique reference semantics commonly found in scripting languages. Moreover, we enhance the quality and quantity of the generated vulnerability reports by employing a novel, iterative two-phase algorithm for fast and precise resolution of file inclusions.We integrated the presented concepts into Pixy~\cite{jovanovic06:pixy_short}, a high-precision static analysis tool aimed at detecting cross-site scripting vulnerabilities in PHP scripts. To demonstrate the effectiveness of our techniques, we analyzed three web applications and discovered 106 vulnerabilities. Both the high analysis speed as well as the low number of generated false positives show that our techniques can be used for conducting effective security audits.

/pdf/precise-alias-analysis-for-static-detection-of-web-4me208fap1.pdf

Precise alias analysis for static detection of web application vulnerabilities

Client-side cross-site scripting protection

The number and the importance of web applications have increased rapidly over the last years. At the same time, the quantity and impact of security vulnerabilities in such applications have grown as well. Since manual code reviews are time-consuming, error-prone and costly, the need for automated solutions has become evident.

In this paper, we address the problem of vulnerable web applications by means of static source code analysis. More precisely, we use flow-sensitive, interprocedural and context-sensitive data flow analysis to discover vulnerable points in a program. In addition to the taint analysis at the core of our engine, we employ a precise alias analysis targeted at the unique reference semantics commonly found in scripting languages. Moreover, we enhance the quality and quantity of the generated vulnerability reports by employing an iterative two-phase algorithm for fast and precise resolution of file inclusions. The presented concepts are targeted at the general class of taint-style vulnerabilities and can be easily applied to the detection of vulnerability types such as SQL injection, cross-site scripting (XSS), and command injection.

We implemented the presented concepts in Pixy, a high-precision static analysis tool aimed at detecting cross-site scripting and SQL injection vulnerabilities in PHP programs. To demonstrate the effectiveness of our techniques, we analyzed a number of popular, open-source web applications and discovered hundreds of previously unknown vulnerabilities. Both the high analysis speed as well as the low number of generated false positives show that our techniques can be used for conducting effective security audits.

/pdf/static-analysis-for-detecting-taint-style-vulnerabilities-in-1um5cljvao.pdf

Static analysis for detecting taint-style vulnerabilities in web applications

Artificial neural networks are an integral part of the curriculum in many undergraduate computer science programs. This paper introduces NNeduca, a simulation software system designed to teach undergraduate students the fundamental concepts of artificial neural networks. The system is written in Java and aims to provide an intuitive user interface, support for research and learning activities, and the ability to expand. This tool allows students to design and train a neural network with any architecture they desire and visualize some artificial neural network theoretical concepts such as definitions, topologies, training methods, and structure. An overview of educational software systems to aid in learning the fundamental concepts of neural networks was created based on a systematic literature review. A comparison of existing simulation systems and the developed NNeduca tool was performed in this paper. The evaluation was carried out using a newly developed model for assessing the quality of selected systems using established criteria formed as a result of a thorough examination of relevant methods of evaluating educational software. The usability evaluation results show that the NNeduca tool received the highest ratings, indicating that it can significantly improve the teaching process in artificial neural network courses. 

Nenad Jovanovic

Papers

Preventing Cross Site Request Forgery Attacks

Precise alias analysis for static detection of web application vulnerabilities

Client-side cross-site scripting protection

Static analysis for detecting taint-style vulnerabilities in web applications

NNeduca: A software environment to teach artificial neural networks