Seminari di Informatica

Martedì 19 Febbraio 2019, ore 16:00 - Aula 1C150 - Aleksandr Pilgun, Olga Gadyatskaya, Stanislav Dashevskyi


Martedì 19 Febbraio 2019 dalle ore 16:00 in Aula 1C150 si terranno i seguenti seminari:

Aleksandr Pilgun “ACVTool: A tool to measure fine-grained code coverage in black-box Android application testing and analysis”.

The deluge of Android apps from third-party developers calls for sophisticated security testing and analysis techniques to inspect suspicious apps without accessing their source code. Code coverage is an important metric used in these techniques to evaluate their effectiveness, and even as a fitness function to help achieving better results in evolutionary and fuzzy approaches. Yet, so far there were no reliable tools for measuring fine-grained bytecode coverage of Android apps. In this talk we present ACVTool that instruments Android apps and measures the smali code coverage at the level of classes, methods, and instructions. Tool repository:

Aleksandr Pilgun is a doctoral student at the University of Luxembourg, where he studies Android security under the supervision of Prof. Sjouke Mauw and Dr. Olga Gadyatskaya. Before starting his PhD studies he received his Master’s Degree in Information Security at Belarusian State University and worked as a software engineer in ITRex Group (Minsk, Belarus). His PhD research, in particular, focuses on measurement the code coverage of Android applications in the black box setting.

Olga Gadyatskaya “How code coverage granularity impacts fault detection in Android apps: A case study with Sapienz and ACVTool”.

Code coverage is an important metric that is used by automated Android testing and security analysis tools to guide the exploration of applications and to assess efficacy. Yet, there are many different variants of this metric and there is no agreement within the Android community on which are the best to work with. In this talk, we will present our case study in automated bug detection with the state-of-the-art automated test design tool Sapienz. This tool relies on code coverage as a part of the test selection fitness function. Our results show that different coverage metrics uncover different bug population, with the fine-grained instruction coverage being slightly more successful than others. The findings suggest a viable hypothesis that combining different granularities of code coverage metrics can be beneficial for achieving better results in automated testing of Android applications.

Olga Gadyatskaya holds PhD in Mathematics from Novosibirsk State University. She is research associate at SnT/University of Luxembourg. Prior to this, Olga has worked as postdoctoral researcher at the University of Trento. Her research interests focus on IT security, spanning from security risk management with attack trees to Android application security and reliability.

Stanislav Dashevskyi “Detection and dissection of Android cryptominers”.

Cryptojacking apps pose a serious threat to mobile devices. Due to the extensive computations, they deplete device's battery fast, and can damage it, or even harm its owner due to overheating. In this work, we make a step towards combating this threat: we collected and manually verified a large set of Android mining apps. We have carefully analyzed these miners and identified how they work, what are the most popular libraries or APIs used to facilitate their development, and what static features are typical for this class of applications. As a part of our analysis, we uploaded each sample from our dataset to VirusTotal. From our dataset of miners, at least 5 were not seen previously by the platform. The majority of our mining samples is considered malicious by at least one VirusTotal scanner, but 14 apks are not detected by any antivirus engine. Through our journey, we realized that due to their peculiarities miners are better detected dynamically, as there many mining-ecosystem related applications that actually do not mine, and we have encountered mining scam. To evaluate this hypothesis, we collected a dataset of dynamic metrics both for miners and unrelated benign apps, and built a machine learning-based tool called BrenntDroid that is capable to detect miners with 96% of accuracy on our dataset. We also aim to share our labelled dataset with the community.

Stanislav received his Master's degree in Automation and Control Systems from the National Mining University of Ukraine (Dnipro), and his Ph.D. from the International Doctorate School in Information and Communication Technologies (ICT) at the University of Trento (Italy) under the supervision of Prof. Fabio Massacci. Before starting his Ph.D. studies, Stanislav worked as a software quality assurance engineer at Sitecore (Ukrainian office). He is currently working as a Research Associate at the SaToSS Research Group at the University of Luxembourg under the supervision of Prof. Sjouke Mauw. Stanislav's main research interests include software security, vulnerability analysis, and security certification of software components.