Auflistung nach Schlagwort "Android"
1 - 10 von 13
Treffer pro Seite
Sortieroptionen
- KonferenzbeitragApp-generated digital identities extracted through Android permission-based data access - a survey of app privacy(SICHERHEIT 2020, 2020) Momen, Nurul; Fritsch, LotharSmartphone apps that run on Android devices can access many types of personal information. Such information can be used to identify, profile and track the device users when mapped into digital identity attributes. This article presents a model of identifiability through access to personal data protected by the Android access control mechanism called permissions. We present an abstraction of partial identity attributes related to such personal data, and then show how apps accumulate such attributes in a longitudinal study that was carried out over several months. We found that apps' successive access to permissions accumulates such identity attributes, where different apps show different interest in such attributes.
- TextdokumentConcept, Implementation and Evaluation of a Virtual Learning Environment for Acquiring Competences in Android App Development(INFORMATIK 2022, 2022) Neumann,Frank; Rodríguez-del-Pino,Juan Carlos; Homer,SebastianThe presented project provides a virtual learning environment for university courses teaching app development using Android and Kotlin. It features both self-guided lessons and associated tests as well as practical app development tasks and associated self-assessed programming exercises. The well-known Moodle plug-in Virtual Programming Lab (VPL) serves as a starting point for the latter part. VPL gets extended by means for the usage of the Gradle build tool, the Android SDK tools and AndroidX tests for unit tests at the level of Android activities and fragments. In particular, the rather excessive resource requirements of the Gradle tool created numerous problems in the sandboxes used by VPL. These issues were addressed by configuring suitable VPL settings. In addition, problems associated with the proper usage of these settings had to be addressed in VPL. In order to evaluate whether the virtual learning environment suits the student’s need for learning app development, a questionnaire was designed that contains questions about the course in general and about the design, handling and the benefits of the exercises The answers of the students to this questionnaire confirm that the proposed virtual learning environment provides a suitable means for learning in the described field.
- ZeitschriftenartikelAn Energy Abstraction Layer for Mobile Computing Devices(Softwaretechnik-Trends: Vol. 33, No. 2, 2013) Josefiok, Mirco; Schröder, Marcel; Winter, AndreasOFFIS e.V., Oldenburg
- ZeitschriftenartikelEnergy-Efficient Code by Refactoring(Softwaretechnik-Trends: Vol. 33, No. 2, 2013) Gottschalk, Marion; Jelschen, Jan; Winter, AndreasMarion Gottschalk, Jan Jelschen, Andreas Winter Carl von Ossietzky Universit¨ at, Oldenburg, Germany
- ConferencePaperHeaps'n Leaks: How Heap Snapshots Improve Android Taint Analysis(Software Engineering 2021, 2021) Benz, Manuel; Kristensen, Erik Krogh; Luo, Linghui; Borges Jr., Nataniel P.; Bodden, Eric; Zeller, AndreasThe assessment of information flows is an essential part of analyzing Android apps, and is frequently supported by static taint analysis. Its precision, however, can suffer from the analysis not being able to precisely determine what elements a pointer can (and cannot) point to. Recent advances in static analysis suggest that incorporating dynamic heap snapshots, taken at one point at runtime, can significantly improve general static analysis. In this paper, we investigate to what extent this also holds for taint analysis, and how various design decisions, such as when and how many snapshots are collected during execution, and how exactly they are used, impact soundness and precision. We have extended FlowDroid to incorporate heap snapshots, yielding our prototype Heapster, and evaluated it on DroidMacroBench, a novel benchmark comprising real-world Android apps that we also make available as an artifact. The results show (1) the use of heap snapshots lowers analysis time and memory consumption while increasing precision; (2) a very good trade-off between precision and recall is achieved by a mixed mode in which the analysis falls back to static points-to relations for objects for which no dynamic data was recorded; and (3) while a single heap snapshot (ideally taken at the end of the execution) suffices to improve performance and precision, a better trade-off can be obtained by using multiple snapshots.
- ZeitschriftenartikelIn pursuit of a secure UI: The cycle of breaking and fixing Android’s UI(it - Information Technology: Vol. 61, No. 2-3, 2019) Bove, Davide; Kalysch, AnatoliHijacking user clicks and touch gestures has become a common attack vector and offers a stealthy approach at escalating the privileges of a process without raising red flags among users or AV software. Exploits falling into this category are categorized as clickjacking attacks and have gained increased popularity on mobile devices, Android being the recent victim of a series of UI vulnerabilities. Focusing on the Android OS this paper highlights previous and current UI-based attack vectors and finishes with an overview of security mechanisms, covering both system-wide as well as app-level protection measures.
- KonferenzbeitragJicer: Slicing Android Apps for Cooperative Analysis(Software Engineering 2023, 2023) Pauck, Felix; Wehrheim, HeikeSlicing allows to identify which program parts influence or are influenced by a certain statement of a program. Hence, if we know which statement is potentially causing an issue we can slice accordingly to only inspect the slice while debugging. With Jicer, we proposed a slicer that can be used in a different context, namely cooperative Android app analysis. In combination with taint analysis tools, we employed Jicer to get more accurate results.
- WorkshopbeitragM3I: A Framework for Mobile Multimodal Interaction(Mensch & Computer 2014 - Tagungsband, 2014) Möller, Andreas; Diewald, Stefan; Roalter, Luis; Kranz, MatthiasWe present M3I, an extensive multimodal interaction framework for mobile devices, which simplifies and accelerates the creation of multimodal applications for prototyping and research. It provides an abstraction of information representations in different communication channels, unifies access to implicit and explicit information, and wires together the logic behind context-sensitive modality switches by a rule-based approach. In this paper, we present the structure and major features of our framework, and show exemplary implementations of interaction modalities with help of M3I.
- KonferenzbeitragMake my Phone Secure! Using Gamification for Mobile Security Settings(Mensch und Computer 2019 - Tagungsband, 2019) Bahrini, Mehrdad; Volkmar, Georg; Schmutte, Jonas; Wenig, Nina; Sohr, Karsten; Malaka, RainerGranting permissions in different contexts to applications on mobile devices might pose a direct threat to the users' security and privacy by granting access to sensitive information. Although, Android permission dialogues already provide information about possible dangerous permissions, users might still not be aware of the consequences. Therefore, appropriate solutions for empowering users and raising awareness should be examined. As gamified applications can motivate players to learn more about rather uninteresting areas, we investigate the potential in the context of mobile security. We developed the gameful application Make my phone secure! for learning how to grant and change permissions. The game presents the Android menu in a playful and explanatory environment. To analyze possible learning effects of the application, we conducted an empirical study, comparing the game and two more basic variants (one with a simple Android menu and one menu enriched with hints concerning the permissions). The lab study (n=18) showed that all three variants could increase the participants' awareness significantly. However, the game was perceived as the most fun variant and provided more informative content than the common menu structures.
- KonferenzbeitragSchrittweise Hilfestellung bei der App-Installation für technikferne Erwachsene direkt am Gerät(DeLFI 2018 - Die 16. E-Learning Fachtagung Informatik, 2018) Noichl, Svenja; Röpke, René; Schroeder, UlrikDie Smartphone- und Tabletnutzung steigt auch unter den älteren und technikfernen Erwachsenen. Die Fähigkeit Apps auf den Geräten zu installieren stellt eine wichtige Kompetenz im Hinblick auf individuellen Einsatzmöglichkeiten durch die Nutzerinnen und Nutzer dar. Neben zahlreichen Möglichkeiten zur App-Installation auf Android-Geräten stellt die Installation von Apps aus dem Google PlayStore eine weit verbreitete Möglichkeit dar. Selbst für Neulinge ist der Google PlayStore ein Begriff und es ist ihnen bekannt, dass es Apps für diverse Lebensbereiche und Situationen gibt. Der Vorgang des Installationsprozesses bereitet gerade Einsteigerinnen und Einsteigern größere Probleme. Zwar existieren zahlreiche „Papier“-Tutorials, jedoch keine Möglichkeiten diesen Vorgang direkt am Gerät zu erlernen. In diesem Beitrag wird eine entwickelte Installationshilfe vorgestellt. Mithilfe eines Display-Overlays werden Hinweise und Hilfestellungen zur App Installation unmittelbar während der Nutzung des Google PlayStore bereitgestellt. Die Installationshilfe wurde dabei insbesondere für den Einsatz in Workshops konzipiert und evaluiert.