Guoai Xu

An Explorative Study of the Mobile App Ecosystem from App Developers' Perspective

With the prevalence of smartphones, app markets such as Apple App Store and Google Play has become the center stage in the mobile app ecosystem, with millions of apps developed by tens of thousands of app developers in each major market. This paper presents a study of the mobile app ecosystem from the perspective of app developers. Based on over one million Android apps and 320,000 developers from Google Play, we analyzed the Android app ecosystem from different aspects. Our analysis shows that while over half of the developers have released only one app in the market, many of them have released hundreds of apps. We classified developers into different groups based on the number of apps they have released, and compared their characteristics. Specially, we have analyzed the group of aggressive developers who have released more than 50 apps, trying to understand how and why they create so many apps. We also investigated the privacy behaviors of app developers, showing that some developers have a habit of producing apps with low privacy ratings. Our study shows that understanding the behavior of mobile developers can be helpful to not only other app developers, but also to app markets and mobile users.

A Novel Element Detection Method in Audio Sensor Networks

Audio element detection in wireless sensor networks (WSNs) has great significance in our lives (e.g., in detecting traffic jam and accident, gun shots and explosion, and hurricane). It is particularly useful when video cameras cannot be used effectively (e.g., in darkness, with a wide range to cover); audio sensors are also much cheaper. However, most previous works on audio element detection require a large number of training examples to obtain satisfactory results. This becomes even more infeasible for audio sensors in WSNs where small energy consumption is required. In this paper, we propose a novel approach to solve this difficult problem. We first break down audio clips into a collection of simple “audio elements,” and train these audio elements offline using statistical learning. Then, we train a weighted association graph using the trained audio element models online. This greatly reduces the amount of online training without sacrificing accuracy. We deploy our approach in an audio sensor network for traffic monitoring and venue monitoring to evaluate its performance. The experiments demonstrate that our proposed method achieves better results compared to the state-of-the-art methods while using smaller online training sets.

How do Mobile Apps Violate the Behavioral Policy of Advertisement Libraries

Advertisement libraries are used in almost two-thirds of apps in Google Play. To increase economic revenue, some app developers tend to entice mobile users to unexpectedly click ad views during their interaction with the app, resulting in kinds of ad fraud. Despite some popular ad providers have published behavioral policies to prevent inappropriate behaviors/practices, no previous work has studied whether mobile apps comply with those policies. In this paper, we take Google Admob as the starting point to study policy-violation apps. We first analyze the behavioral policies of Admob and create a taxonomy of policy violations. Then we propose an automated approach to detect policy-violation apps, which takes advantage of two key artifacts: an automated model-based Android GUI testing technique and a set of heuristic rules summarized from the behavior policies of Google Admob. We have applied our approach to 3,631 popular apps that have used the Admob library, and we could achieve a precision of 86% in detecting policy-violation apps. The results further show that roughly 2.5% of apps violate the policies, suggesting that behavioral policy violation is indeed a real issue in the Android advertising ecosystem.

Optimized source authentication scheme for multicast based on merkle tree and TESLA

An optimized source authentication scheme for multicast based on merkle tree and TESLA was presented. Message group including independent component was constructed by merkle tree algorithm, the validity of message groups digest value was ensured by delayed disclosure of keys of TESLA algorithm, and furthermore, real-time source authentication with zero-time delay was implemented through improving TESLA algorithm. Compared with the same kind schemes, this scheme not only obviously decreased communication, computation and storage cost, but also could be compatible with complex network environment and treat bursty loss well. According to derivation and verification, source authentication had almost no effect even in communication scenarios with higher packet loss probability and significantly improved reliability.

Why are Android apps removed from Google Play?: a large-scale empirical study

To ensure the quality and trustworthiness of the apps within its app market (i.e., Google Play), Google has released a series of policies to regulate app developers. As a result, policy-violating apps (e.g., malware, low-quality apps, etc.) have been removed by Google Play periodically. In reality, we have found that the number of removed apps are actually much more than what we have expected, as almost half of all the apps have been removed or replaced from Google Play during a two year period from 2015 to 2017. However, despite the significant number of removed apps, there are almost no study on the characterization of these removed apps. To this end, this paper takes the first step to understand why Android apps are removed from Google Play, aiming at observing promising insights for both market maintainers and app developers towards building a better app ecosystem. By leveraging two app sets crawled from Google Play in 2015 (over 1.5 million) and 2017 (over 2.1 million), we have identified a set of over 790K removed apps, which are then thoroughly investigated in various aspects. The experimental results have revealed various interesting findings, as well as insights for future research directions.

Defect Prediction in Android Binary Executables Using Deep Neural Network

Software defect prediction locates defective code to help developers improve the security of software. However, existing studies on software defect prediction are mostly limited to the source code. Defect prediction for Android binary executables (called apks) has never been explored in previous studies. In this paper, we propose an explorative study of defect prediction in Android apks. We first propose smali2vec, a new approach to generate features that capture the characteristics of smali (decompiled files of apks) files in apks. Smali2vec extracts both token and semantic features of the defective files in apks and such comprehensive features are needed for building accurate prediction models. Then we leverage deep neural network (DNN), which is one of the most common architecture of deep learning networks, to train and build the defect prediction model in order to achieve accuracy. We apply our defect prediction model to more than 90,000 smali files from 50 Android apks and the results show that our model could achieve an AUC (the area under the receiver operating characteristic curve) of 85.98% and it is capable of predicting defects in apks. Furthermore, the DNN is proved to have a better performance than the traditional shallow machine learning algorithms (e.g., support vector machine and naive bayes) used in previous studies. The model has been used in our practical work and helped locate many defective files in apks.

An enhanced password authentication scheme for session initiation protocol with perfect forward secrecy

The Session Initiation Protocol (SIP) is an extensive and esteemed communication protocol employed to regulate signaling as well as for controlling multimedia communication sessions. Recently, Kumari et al. proposed an improved smart card based authentication scheme for SIP based on Farash’s scheme. Farash claimed that his protocol is resistant against various known attacks. But, we observe some accountable flaws in Farash’s protocol. We point out that Farash’s protocol is prone to key-compromise impersonation attack and is unable to provide pre-verification in the smart card, efficient password change and perfect forward secrecy. To overcome these limitations, in this paper we present an enhanced authentication mechanism based on Kumari et al.’s scheme. We prove that the proposed protocol not only overcomes the issues in Farash’s scheme, but it can also resist against all known attacks. We also provide the security analysis of the proposed scheme with the help of widespread AVISPA (Automated Validation of Internet Security Protocols and Applications) software. At last, comparing with the earlier proposals in terms of security and efficiency, we conclude that the proposed protocol is efficient and more secure.

CRSPR: PageRank for Android Apps

With the sharp increase in mobile apps, modular design and functional reuse are commonly adopted. The inter-component communication (ICC) mechanism in Android allows apps to exchange data with other apps and components, resulting in large amounts of security issues, such as component hijacking vulnerabilities, privilege escalation and spoofing attacks. Although ICC has been extensively studied in previous work, none of the previous approaches is practically scalable to simultaneously analyze a large number of Android apps, giving the combinational explosion of possible inter-component (and inter-app) communications. In this paper, we first propose an explorative study to analyze the ICC-based interaction for a large amount of Android apps. Then we propose CRSPR, a PageRank-like topic-aware app ranking approach to highlight influential Android apps for ICC analysis. The experimental results show that CRSPR is better than the basic counting approach as well as the traditional PageRank-based approach, which further demonstrate that CRSPR is useful for highlighting influential Android apps.

A Multi-Server Two-Factor Authentication Scheme with Un-Traceability Using Elliptic Curve Cryptography

To provide secure communication, the authentication-and-key-agreement scheme plays a vital role in multi-server environments, Internet of Things (IoT), wireless sensor networks (WSNs), etc. This scheme enables users and servers to negotiate for a common session initiation key. Our proposal first analyzes Amin et al.’s authentication scheme based on RSA and proves that it cannot provide perfect forward secrecy and user un-traceability, and is susceptible to offline password guessing attack and key-compromise user impersonation attack. Secondly, we provide that Srinivas et al.’s multi-server authentication scheme is not secured against offline password guessing attack and key-compromise user impersonation attack, and is unable to ensure user un-traceability. To remedy such limitations and improve computational efficiency, we present a multi-server two-factor authentication scheme using elliptic curve cryptography (ECC). Subsequently, employing heuristic analysis and Burrows–Abadi–Needham logic (BAN-Logic) proof, it is proven that the presented scheme provides security against all known attacks, and in particular provides user un-traceability and perfect forward security. Finally, appropriate comparisons with prevalent works demonstrate the robustness and feasibility of the presented solution in multi-server environments.

Authorship attribution of source code by using back propagation neural network based on particle swarm optimization

Authorship attribution is to identify the most likely author of a given sample among a set of candidate known authors. It can be not only applied to discover the original author of plain text, such as novels, blogs, emails, posts etc., but also used to identify source code programmers. Authorship attribution of source code is required in diverse applications, ranging from malicious code tracking to solving authorship dispute or software plagiarism detection. This paper aims to propose a new method to identify the programmer of Java source code samples with a higher accuracy. To this end, it first introduces back propagation (BP) neural network based on particle swarm optimization (PSO) into authorship attribution of source code. It begins by computing a set of defined feature metrics, including lexical and layout metrics, structure and syntax metrics, totally 19 dimensions. Then these metrics are input to neural network for supervised learning, the weights of which are output by PSO and BP hybrid algorithm. The effectiveness of the proposed method is evaluated on a collected dataset with 3,022 Java files belong to 40 authors. Experiment results show that the proposed method achieves 91.060% accuracy. And a comparison with previous work on authorship attribution of source code for Java language illustrates that this proposed method outperforms others overall, also with an acceptable overhead.