111 |
Graphical Representations of Security Settings in AndroidJanuary 2015 (has links)
abstract: On Android, existing security procedures require apps to request permissions for access to sensitive resources.
Only when the user approves the requested permissions will the app be installed.
However, permissions are an incomplete security mechanism.
In addition to a user's limited understanding of permissions, the mechanism does not account for the possibility that different permissions used together have the ability to be more dangerous than any single permission alone.
Even if users did understand the nature of an app's requested permissions, this mechanism is still not enough to guarantee that a user's information is protected.
Applications can potentially send or receive sensitive information from other applications without the required permissions by using intents.
In other words, applications can potentially collaborate in ways unforeseen by the user, even if the user understands the permissions of each app independently.
In this thesis, we present several graph-based approaches to address these issues.
We determine the permissions of an app and generate scores based on our assigned value of certain resources.
We analyze these scores overall, as well as in the context of the app's category as determined by Google Play.
We show that these scores can be used to identify overzealous apps, as well as apps that do not properly fit within their category.
We analyze potential interactions between different applications using intents, and identify several promiscuous apps with low permission scores, showing that permissions alone are not sufficient to evaluate the security risks of an app.
Our analyses can form the basis of a system to assist users in identifying apps that can potentially compromise user privacy. / Dissertation/Thesis / Permission Scores and List of Apps considered for each category. / Masters Thesis Computer Science 2015
|
112 |
Toward Monitoring, Assessing, and Confining Mobile Applications in Modern Mobile PlatformsJanuary 2015 (has links)
abstract: Smartphones are pervasive nowadays. They are supported by mobile platforms that allow users to download and run feature-rich mobile applications (apps). While mobile apps help users conveniently process personal data on mobile devices, they also pose security and privacy threats and put user's data at risk. Even though modern mobile platforms such as Android have integrated security mechanisms to protect users, most mechanisms do not easily adapt to user's security requirements and rapidly evolving threats. They either fail to provide sufficient intelligence for a user to make informed security decisions, or require great sophistication to configure the mechanisms for enforcing security decisions. These limitations lead to a situation where users are disadvantageous against emerging malware on modern mobile platforms. To remedy this situation, I propose automated and systematic approaches to address three security management tasks: monitoring, assessment, and confinement of mobile apps. In particular, monitoring apps helps a user observe and record apps' runtime behaviors as controlled under security mechanisms. Automated assessment distills intelligence from the observed behaviors and the security configurations of security mechanisms. The distilled intelligence further fuels enhanced confinement mechanisms that flexibly and accurately shape apps' behaviors. To demonstrate the feasibility of my approaches, I design and implement a suite of proof-of-concept prototypes that support the three tasks respectively. / Dissertation/Thesis / Doctoral Dissertation Computer Science 2015
|
113 |
Proposta de método para análise pericial em smartphone com sistema operacional android / Proposed method for forensic analisys in smartphone with android operating systemSimão, André Morum de Lima 27 September 2011 (has links)
Dissertação (mestrado)—Universidade de Brasília, Departamento de Engenharia Elétrica, 2011. / Submitted by Albânia Cézar de Melo (albania@bce.unb.br) on 2012-01-26T14:48:40Z
No. of bitstreams: 1
2011_AndreMorumLimaSimao.pdf: 4005211 bytes, checksum: 1bf9adc84d824a32112c1f1fb2286e8c (MD5) / Approved for entry into archive by Elzi Bittencourt(elzi@bce.unb.br) on 2012-02-07T09:57:03Z (GMT) No. of bitstreams: 1
2011_AndreMorumLimaSimao.pdf: 4005211 bytes, checksum: 1bf9adc84d824a32112c1f1fb2286e8c (MD5) / Made available in DSpace on 2012-02-07T09:57:03Z (GMT). No. of bitstreams: 1
2011_AndreMorumLimaSimao.pdf: 4005211 bytes, checksum: 1bf9adc84d824a32112c1f1fb2286e8c (MD5) / Existem abordagens periciais bem difundidas e documentadas para exames em aparelhos celulares e computadores, mas não são suficientemente detalhadas para atender as especificidades de um celular com o sistema operacional Android. O objetivo deste trabalho é, a partir das abordagens atuais de análise forense em telefones celulares, propor um método específico para aqueles com o sistema operacional Android, dadas as peculiaridades da plataforma e as situações encontradas pelo analista pericial. Com a crescente adoção do sistema operacional Android nos dispositivos móveis e a própria evolução da plataforma, há uma tendência natural de estes equipamentos conterem cada vez mais informações que podem ser úteis ao processo investigativo. A partir do método proposto foram mapeadas, por meio da diagramação, as situações reais com que os peritos se deparam durante as etapas de apreensão, aquisição dos dados, exame e documentação, fornecendo os subsídios necessários para realizar os procedimentos forenses da forma correta. Foram propostos estudos de caso com base em três cenários distintos. Os cenários foram criados a partir de smartphones utilizados rotineiramente por usuários com perfis de utilização distintos. Assim, foi possível verificar o trabalho desenvolvido nesta dissertação a partir da aplicação do método em diferentes situações em que o analista pode se deparar. ______________________________________________________________________________ ABSTRACT / Although there are well documented and widespread approaches about forensic exam on mobile devices and computers, they are not detailed enough to meet all the specificities of an Android phone. The goal this work is, based on the actual guidelines of cell phones forensic analysis, create a specific method for the ones with the Android operating system, given the peculiarities of the platform and the situations that the forensic analyst will face. With the increasing adoption of the Android operating system in mobile devices and the evolution of the platform itself, there is a natural tendency of these devices increasingly contain information that may be useful to the investigation process.
With this method, it was possible to map, through a workflow, real situations that forensic analysts could face in the phases of cell phone seizure, data acquisition, exam and report, giving the necessary knowledge to execute the forensic procedures in a correct way. Case studies were proposed based on three different scenarios. The scenarios were created from smartphones used routinely by users with different usage profiles. Thus, it was possible to verify the work in this thesis from the application of the method in different situations in which the analyst may come across.
|
114 |
A framework for communicating with Android apps from the browserLindström, Karl January 2018 (has links)
With the recent growth of the mobile market, companies want to target mobile devices while at the same time keeping product development costs low. One way to do this is to develop web applications, which are accessed from a mobile de- vice’s web browser, instead of native applications. The same web application can then be used on different platforms such as Android and iOS. However, devices such as smart phones and tablets often include cameras and sensors that a web ap- plication may want to access, but which are only accessible from native applica- tions. A framework was developed that enables web applications to communicate with native Android applications. Native applications are launched by clicking a link in the browser, and the result produced is made available to the web applica- tion through a HTTP POST request or a local web server running on the device. Key characteristics of the framework include ease of extension and the ability to enable secure (SSL) communication if desired. The ZXing Barcode Scanner ap- plication was integrated with the framework so that a scanned barcode can be dis- played in the browser. Performance measurements were conducted measuring the time taken from clicking a link to start a test application to the result being avail- able in the browser. The mean times measured were between 323 and 394 mil- liseconds. This indicates that the method used is sufficiently fast to not detract from the user experience. Future work could expand on the measurements or per- form a feature and performance comparison with PhoneGap.
|
115 |
Uma Metodologia de Desenvolvimento de Jogos Educativos em Dispositivos Móveis para Ambientes Virtuais de AprendizagemBARBOSA NETO, José Francisco 17 December 2012 (has links)
Submitted by Daniella Sodre (daniella.sodre@ufpe.br) on 2015-03-09T13:43:22Z
No. of bitstreams: 2
license_rdf: 1232 bytes, checksum: 66e71c371cc565284e70f40736c94386 (MD5)
Dissertacao JFBN.pdf: 5041452 bytes, checksum: abf0f91890177ce9882a83feb5ed8827 (MD5) / Made available in DSpace on 2015-03-09T13:43:22Z (GMT). No. of bitstreams: 2
license_rdf: 1232 bytes, checksum: 66e71c371cc565284e70f40736c94386 (MD5)
Dissertacao JFBN.pdf: 5041452 bytes, checksum: abf0f91890177ce9882a83feb5ed8827 (MD5)
Previous issue date: 2012-12-17 / A indústria dos jogos digitais (games) vem superando o faturamento da indústria do
cinema desde 2007. Atualmente, jogar faz parte da rotina de muitos brasileiros, especialmente dos
jovens. Tal fato também é reflexo do aumento da qualidade dos recursos de tecnologia de
informação e comunicação nos últimos anos. As transformações ocorridas nos meios de
comunicação têm acarretado uma série de mudanças no âmbito da educação, haja vista a utilização
de mídias digitais, as quais se tornaram uma realidade bem comum para a maioria das escolas
brasileiras. . Além disso, dispositivos móveis estão cada vez mais acessíveis à população. Este
trabalho investiga a utilização de jogos educativos digitais na educação. Este trabalho foi iniciado
com uma pesquisa sobre a utilização de jogos na educação. Após estudos, foi desenvolvida
metodologia para desenvolvimento de jogos educativos, a qual também define uma integração
com ambientes virtuais de aprendizagem. Como prova de conceito, foi criado um jogo educacional
desenvolvido para dispositivos móveis na plataforma Android, integrado com ambientes virtuais
de aprendizagem, o qual foi desenvolvido reproduzindo fielmente a metodologia proposta. A
integração foi feita por meio de um componente de comunicação, facilitando a troca de
informações entre jogos e ambientes de aprendizagem, de modo a proporcionar maior
independência do aluno. Ao final do desenvolvimento do protótipo executável foi realizada uma
avaliação em duas partes: testes com especialistas na área pedagógica e uma avaliação em um
contexto real de ensino.
|
116 |
Sistema de aquisição de sinais de EMG e ECG para plataforma AndroidSouza, Pedro Victor Eugenio de 30 January 2015 (has links)
Submitted by Isaac Francisco de Souza Dias (isaac.souzadias@ufpe.br) on 2015-05-21T18:58:22Z
No. of bitstreams: 2
license_rdf: 1232 bytes, checksum: 66e71c371cc565284e70f40736c94386 (MD5)
Dissertação Versão 13.pdf: 3038068 bytes, checksum: d35211f8ce524e4409508e0a61f42c38 (MD5) / Made available in DSpace on 2015-05-21T18:58:22Z (GMT). No. of bitstreams: 2
license_rdf: 1232 bytes, checksum: 66e71c371cc565284e70f40736c94386 (MD5)
Dissertação Versão 13.pdf: 3038068 bytes, checksum: d35211f8ce524e4409508e0a61f42c38 (MD5)
Previous issue date: 2015-01-30 / Este trabalho fala sobre o desenvolvimento de um protótipo de um sistema de aquisição de sinais de ECG e EMG, de baixo custo de fabricação, baixo consumo de energia e que se comunica via wireless, utilizando protocolo de comunicação Bluetooth, com dispositivos AndroidTM. O desenvolvimento desse protótipo teve como finalidade a monitorização, em tempo real, dos sinais de ECG e EMG de um indivíduo, durante a realização de atividades físicas. Neste equipamento procurou-se realizar o projeto dos amplificadores para sinais biológicos (ECG e EMG), que combinasse baixo consumo e portabilidade, ou seja, os componentes escolhidos para este trabalho objetivaram reduzir o tamanho do circuito. Além disso, a transmissão de dados via Bluetooth foi adequada para que esses dados fossem utilizados em um dispositivo AndroidTM (smartphone), gerando a oportunidade para uma nova gama de produtos, os quais possam integrar a tecnologia existente nos celulares modernos à tecnologia de instrumentação biomédica aplicada ao monitoramento remoto de sinais biológicos. Com o intuito de atingir esse objetivo, foram desenvolvidos os sistemas de controle e processamento, baseados na arquitetura RISC, amplificação e filtragem, fonte de alimentação e comunicação Bluetooth, integrados em duas placas de circuito impresso, ambas com dimensão de 3x5cm. O firmware do sistema de aquisição e o software de visualização, controle e armazenamento de sinal foram desenvolvidos com a finalidade de tornar compatível o sistema com a maioria dos dispositivos baseados no sistema operacional AndroidTM. O sistema foi testado, apresentando bom desempenho na transmissão de dados e boa estabilidade em relação ao armazenamento e controle do consumo de energia. Atualmente, este sistema vem sendo utilizado em projetos de pesquisa e dissertações de mestrado com a finalidade de identificar possíveis problemas ou adequações a serem realizadas, tanto ao nível de hardware como de software. Com o sistema validado muitas pessoas podem ser beneficiadas, pois esse equipamento une a praticidade e multifuncionalidade dos telefones AndroidTM com a tecnologia de aquisição e processamento de sinais biológicos.
|
117 |
Säkerhetstänkande hos AndroidanvändareGillström, Niklas January 2012 (has links)
No description available.
|
118 |
Design av en användarvänlig Androidapplikation för trådlös kommunikation med Electronic Control Unit för bil eller testmiljöÖsterberg, Martin January 2016 (has links)
This is a study about software usability and information presen-tation in an Android application. The application is meant topresent the information coming being sent on the CAN buss ofa car or to listen to the messages being sent by just a few ECUconnected via a CAN buss. The study aims to evaluate the usabi-lity of the application based on an exploratory research method.The study was conducted using an iterative processes, where wefirst created a prototype. The prototype was then presented to anumber of users and they were asked to do a number of simpletasks within the application. We then used the feedback from thisexamination to improve the usability of the application. After thiswe did a second presentation of the application and compared itto the results to the results from the previous tests to see if wesucceeded in increasing the usability of the application.The first study tests showed that there were several weaknesses inthe application that we ourselves did not see. It showed that ourbackground was too prominent and that the text became hard toread, along with several other small things that we corrected. Wethen saw in our second tests that most parts of the applicationhad improved. There were still some parts of the application thatcould still use some development, and all people what differentthings in an application. / I vårt examensarbete så har vi gjort en undersökning på hur viska utforma en Android applikation för att få den att presenteradata på ett lätt och användarvänligt sätt. Applikationen är me-nad att presentera den data som skickas mellan ECU:erna i enbil eller testmiljö. Undersökningen som görs kommer testa hurpass användarvänlig, lättförståelig och tilltalande applikationenär, och utifrån det förbättra den.Under utvecklingen och undersökningen så använde vi oss av eniterativ process, med denna process så började vi att skapa enprototyp av applikationen. Denna prototyp användes sedan föratt utföra en användarutvärderingar där vi bad ett antal per-soner att testa applikationen, sedan fick de svara på ett antalfrågor angående applikationen. Data ifrån detta användes sedanför att uppdatera applikationens utseende och funktion. Efterdetta gjorde vi en till utvärdering där vi ställde samma frågorsom tidigare. Vi jämförde därefter de nya svaren med svaren frånden första utvärderingen för att se om vi lyckats förbättra appli-kationen.Den första studien visade att det fans flera svagheter i den ur-sprungliga applikationen. Till exempel så tog bakgrunden förmycket fokus och texten var svårläslig, det var utöver detta mångamindre detaljer som anmärktes på. Vi märkte efter vårt andratest att applikationen hade färre och mindre svagheter. Använ-darnas helhetsintryck av applikationen var bättre och mer posi-tivt.
|
119 |
Närvaroappen : Närvarohantering direkt i din mobil / Närvaroappen : Attendance management directly in your phoneEriksson, Johannes, Andrejenko, Erik January 2016 (has links)
Att dokumentera närvaro är något som är nödvändigt i många olika områden som t.ex. idrott, skola och arbete, men det kan även behövas vid spontana tillfällen där det inte sällan används papper och penna för ändamålet. Denna rapport behandlar skapandet av Närvaroappen, en Android-applikation som utvecklats med syftet att underlätta hantering av närvaro genom ett enkelt och tydligt användargränssnitt, och med möjlighet till att strukturera upp olika scenarion där närvaro behöver dokumenteras. För att mer bekvämt kunna arbeta med skapad data och föra eventuell statistik finns även generösa delningsmöjligheter via både molntjänster och mail. Projektet har resulterat i en fungerande applikation för dokumentering av närvaro. Applikationen har även visats upp samt testats av ett fåtal personer inom relevanta yrkesområden och erhållit positiv kritik. / To document attendance is something that is necessary in many different areas such as sports, school or at work, but it can also be needed at spontaneous occasions where paper and pen often are used. This report discusses the implementation and design of Närvaroappen, an Android application developed with the purpose to ease the management of attendance through a simple and explicit user interface, with the possibility to arrange the different scenarios where documentation of attendance is needed. To provide a more convenient way to work with created data and be able to keep statistics, it is also possible to share the data via different cloud-services and mail. The project has resulted in a working application for managing attendance. The application has also been introduced and tested by a few persons within some of relevant professions and received positive criticism.
|
120 |
Android - OnlinespelutvecklingSedin, Patrik January 2015 (has links)
I dagens samhälle har telefonerna gått ifrån att bara vara ett kommunikationsmedel till så mycket mer. Idag finns miljontals applikationer till telefonerna som gör dom mer lik en nöjesenhet än en telefon. Syftet med projektet har varit att med hjälp av förundersökningar skapa en mobilapplikation till operativsystemet Android. I applikationen är syftet att lägga vikt på användarvänlig design, snabb och effektiv funktionalitet. Målet med projektet är att få kunskap hur syftet ska kunna uppnås. Förundersökningenhar som uppgift att ge svar på hur en applikation blir populär och framgångsrik. Applikationen som har skapats i projektet är en kasinoapplikation som kommer innehålla speciella funktioner baserat på svaren från förundersökningen. Utöverapplikationen har en server skapats som klienten ska kommunicera med vid inloggning och vid lagring av information. I projektet har utvecklingsmetoden Extremprogrammering använts och applikationen har utvecklats i miljön Eclipse med hjälp av verktygen Android SDK och Facebook SDK. För att enklare kunna skriva programkod ritades skisser på applikationen och UML-diagram för de mest komplicerade funktionerna. De mål som sattes upp för projektet har uppfyllts och de problem som fanns innan projektet har lösts. Det finns stora säkerhetsrisker just nu som kommer att behövas fixas i framtiden. Det finns även andra förbättringar att göra i framtiden, t.ex. snyggare design och fler funktioner och spel i applikationen. / In modern day, the cellphones have gone from being a simple communicationunit to something so much more. Today there are millions of appliatins for yourphone which makes them more like an entertainmet unit than just a phone. Thepurpose of this project is, with help of reaearch, make a cellphone application tothe operating system Android. The purpose of the application is to make adesign which is clean and has high usability, fast and effective software and tomake the application able to be successful. The projects goal is to gainknowledge in how to achieve that purpose. The goal with the research is to gainknowledge about what makes an application desirable and popular. The application created in this project is a casino application that will includecertain functions depending on the results of the research. Besides theapplication there was also a server created with the purpose of storing userinformation and communication between server and client. The developmentmethod used in this project is Extremeprogramming and has been developed inthe Eclipse IDE. There has been modules for Android SDK and Facebook SDKadded to the Eclipse IDE. There was scetches and UML-diagrams drawn tomake the programming easier and to gain better understanding of the mostcomplicated functions. The goal overall with the project has ben fullfilled.Although there is a huge problem with the security risks that will have besolved in future work. Besides working on the security there could also be somefixes made on the design and add more functions and games to the applicationin the future.
|
Page generated in 0.0633 seconds