Results 221-240 of 243.
Peer Reviewed
Effective Inter-Component Communication Mapping in Android with Epicc: An Essential Step Towards Holistic Security Analysis
Octeau, Damien; McDaniel, Patrick; Jha, Somesh et al

in Effective Inter-Component Communication Mapping in Android with Epicc: An Essential Step Towards Holistic Security Analysis (2013)

Many threats present in smartphones are the result of interactions between application components, not just artifacts of single components. However, current techniques for identifying inter-application communication are ad hoc and do not scale to large numbers of applications. In this paper, we reduce the discovery of inter-component communication (ICC) in smartphones to an instance of the Interprocedural Distributive Environment (IDE) problem, and develop a sound static analysis technique targeted to the Android platform. We apply this analysis to 1,200 applications selected from the Play store and characterize the locations and substance of their ICC. Experiments show that full specifications for ICC can be identified for over 93% of ICC locations for the applications studied. Further, the analysis scales well; analysis of each application took on average 113 seconds to complete. Epicc, the resulting tool, finds ICC vulnerabilities with far fewer false positives than the next best tool. In this way, we develop a scalable vehicle to extend current security analysis to entire collections of applications as well as the interfaces they export.

Peer Reviewed
Selection of Regression System Tests for Security Policy Evolution
Hwang, JeeHyun; Xie, Tao; El Kateb, Donia UL et al

Scientific Conference (2012, September)

Peer Reviewed
Introducing Conviviality as a property of Multi-Context Systems
Bikakis, Antonis; Efthymiou, Vasileios UL; Caire, Patrice UL et al

in The 4th International Workshop on Acquisition, Representation and Reasoning with Contextualized Knowledge ARCOE-12 (2012, August 27)

Peer Reviewed
Introducing Conviviality as a New Paradigm for Interactions among IT Objects
Moawad, Assaad UL; Efthymiou, Vasileios UL; Caire, Patrice UL et al

in Proceedings of the Workshop on AI Problems and Approaches for Intelligent Environments (2012, August), 907

The Internet of Things allows people and objects to seamlessly interact, crossing the bridge between real and virtual worlds. Newly created spaces are heterogeneous; social relations naturally extend to smart objects. Conviviality has recently been introduced as a social science concept for ambient intelligent systems to highlight soft qualitative requirements like user friendliness of systems. Roughly, more opportunities to work with other people increase the conviviality. In this paper, we first propose the conviviality concept as a new interaction paradigm for social exchanges between humans and Information Technology (IT) objects, and extend it to IT objects among themselves. Second, we introduce a hierarchy for IT objects social interactions, from low-level one-way interactions to high-level complex interactions. Then, we propose a mapping of our hierarchy levels into dependence networks-based conviviality classes. In particular, low levels without cooperation among objects are mapped to lower conviviality classes, and high levels with complex cooperative IT objects are mapped to higher conviviality classes. Finally, we introduce new conviviality measures for the Internet of Things, and an iterative process to facilitate cooperation among IT objects, thereby the conviviality of the system. We use a smart home as a running example.

Peer Reviewed
Towards Flexible Evolution of Dynamically Adaptive Systems
Perrouin, Gilles UL; Morin, Brice; Chauvel, Franck et al

in New Ideas & Emerging Results Track of the International Conference of Software Engineering (NIER@ICSE) (2012, June)

Modern software systems need to be continuously available under varying conditions. Their ability to adapt to their execution context is thus increasingly seen as a key to their success. Recently, many approaches were proposed to design and support the execution of Dynamically Adaptive Systems (DAS). However, the ability of a DAS to evolve is limited to the addition, update or removal of adaptation rules or reconfiguration scripts. These artifacts are very specific to the control loop managing such a DAS and runtime evolution of the DAS requirements may affect other parts of the DAS. In this paper, we argue to evolve all parts of the loop. We suggest leveraging recent advances in model-driven techniques to offer an approach that supports the evolution of both systems and their adaptation capabilities. The basic idea is to consider the control loop itself as an adaptive system.

Peer Reviewed
Access Control Enforcement Testing
El Kateb, Donia UL; Elrakaiby, Yehia; Mouelhi, Tejeddine UL et al

in 8th International Workshop on Automation of Software Test (AST), 2013 (2012, May)

A policy-based access control architecture comprises Policy Enforcement Points (PEPs), which are modules that intercept subjects' access requests and enforce the access decision reached by a Policy Decision Point (PDP), the module implementing the access decision logic. In applications, PEPs are generally implemented manually, which can introduce errors in policy enforcement and lead to security vulnerabilities. In this paper, we propose an approach to systematically test and validate the correct enforcement of access control policies in a given target application. More specifically, we rely on a two-fold approach where a static analysis of the target application is first made to identify the sensitive accesses that could be regulated by the policy. The dynamic analysis of the application is then conducted using mutation to verify for every sensitive access whether the policy is correctly enforced. The dynamic analysis of the application also gives the exact location of the PEP to enable fixing enforcement errors detected by the analysis. The approach has been validated using a case study implementing an access control policy.

Peer Reviewed
Refactoring access control policies for performance improvement
El Kateb, Donia UL; Mouelhi, Tejeddine UL; Le Traon, Yves UL et al

in Proceedings of the 3rd ACM/SPEC International Conference on Performance Engineering (2012, April)

Peer Reviewed
Using Mutants to Locate "Unknown" Faults
Papadakis, Mike UL; Le Traon, Yves UL

in ICST 2012 (2012)

Peer Reviewed
Testing Obligation Policy Enforcement using Mutation Analysis
El Rakaiby, Yehia UL; Mouelhi, Tejeddine UL; Le Traon, Yves UL

in Proceedings of the 7th International Workshop on Mutation Analysis (associated to the Fifth International Conference on Software Testing, Verification, and Validation, ICST 2012) (2012)

The support of obligations with access control policies allows the expression of more sophisticated requirements such as usage control, availability and privacy. In order to enable the use of these policies, it is crucial to ensure their correct enforcement and management in the system. For this reason, this paper introduces a set of mutation operators for obligation policies. The paper first identifies key elements in obligation policy management, then presents mutation operators which inject minimal errors which affect these aspects. Test cases are qualified w.r.t. their ability in detecting problems, simulated by mutation, in the interactions between policy management and the application code. The use of policy mutants as substitutes for real flaws enables a first investigation of testing obligation policies in a system. We validate our work by providing an implementation of the mutation process: the experiments conducted on a Java program provide insights for improving test selection.

Peer Reviewed
Testing obligation policy enforcement using mutation analysis
Elrakaiby, Yehia UL; Mouelhi, Tejeddine UL; Le Traon, Yves UL

in Proceedings - IEEE 5th International Conference on Software Testing, Verification and Validation, ICST 2012 (2012)

The support of obligations with access control policies allows the expression of more sophisticated requirements such as usage control, availability and privacy. In order to enable the use of these policies, it is crucial to ensure their correct enforcement and management in the system. For this reason, this paper introduces a set of mutation operators for obligation policies. The paper first identifies key elements in obligation policy management, then presents mutation operators which inject minimal errors which affect these aspects. Test cases are qualified w.r.t. their ability in detecting problems, simulated by mutation, in the interactions between policy management and the application code. The use of policy mutants as substitutes for real flaws enables a first investigation of testing obligation policies in a system. We validate our work by providing an implementation of the mutation process: the experiments conducted on a Java program provide insights for improving test selection. © 2012 IEEE.

Peer Reviewed
Automatically Securing Permission-Based Software by Reducing the Attack Surface: An Application to Android
Bartel, Alexandre UL; Klein, Jacques UL; Monperrus, Martin et al

in IEEE/ACM International Conference on Automated Software Engineering (2012)

In the permission-based security model (used e.g. in Android and Blackberry), applications can be granted more permissions than they actually need, what we call a permission gap. Malware can leverage the unused permissions for achieving their malicious goals, for instance using code injection. In this paper, we present an approach to detecting permission gaps using static analysis. Using our tool on a dataset of Android applications, we found out that a non negligible part of applications suffers from permission gaps, i.e. does not use all the permissions they declare.

Peer Reviewed
Dexpler: Converting Android Dalvik Bytecode to Jimple for Static Analysis with Soot
Bartel, Alexandre UL; Klein, Jacques UL; Monperrus, Martin et al

in ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2012) (2012)

This paper introduces Dexpler, a software package which converts Dalvik bytecode to Jimple. Dexpler is built on top of Dedexer and Soot. As Jimple is Soot’s main internal representation of code, the Dalvik bytecode can be manipulated with any Jimple based tool, for instance for performing point-to or flow analysis.

Improving Privacy on Android Smartphones Through In-Vivo Bytecode Instrumentation
Bartel, Alexandre UL; Klein, Jacques UL; Monperrus, Martin et al

Report (2012)

In this paper we claim that a widely applicable and efficient means to fight against malicious mobile Android applications is: 1) to perform runtime monitoring 2) by instrumenting the application bytecode and 3) in-vivo, i.e. directly on the smartphone. We present a tool chain to do this and present experimental results showing that this tool chain can run on smartphones in a reasonable amount of time and with a realistic effort. Our findings also identify challenges to be addressed before running powerful runtime monitoring and instrumentations directly on smartphones. We implemented two use-cases leveraging the tool chain: FineGPolicy, a fine-grained user centric permission policy system and AdRemover an advertisement remover. Both prototypes improve the privacy of Android systems thanks to in-vivo bytecode instrumentation.

Peer Reviewed
A Model-Based Approach to Automated Testing of Access Control Policies
Xu, Dianxiang; Thomas, Lijo UL; Kent, Michael et al

in Proceedings of the 17th ACM Symposium on Access Control Models and Technologies (2012)

Access control policies in software systems can be implemented incorrectly for various reasons. This paper presents a model-based approach for automated testing of access control implementation. To feed the model-based testing process, test models are constructed by integrating declarative access control rules and contracts (preconditions and post-conditions) of the associated activities. The access control tests are generated from the test models to exercise the interactions of access control activities. Test executability is obtained through a mapping of the modeling elements to implementation constructs. The approach has been implemented in an industry-adopted test automation framework that supports the generation of test code in a variety of languages, such as Java, C, C++, C#, and HTML/Selenium IDE. The full model-based testing process has been applied to two systems implemented in Java. The effectiveness is evaluated in terms of access-control fault detection rate using mutation analysis of access control implementation. The experiments show that the model-based tests killed 99.7% of the mutants and the remaining mutants caused no policy violations.

Bypassing the Combinatorial Explosion: Using Similarity to Generate and Prioritize T-wise Test Suites for Large Software Product Lines
Henard, Christopher UL; Papadakis, Mike UL; Perrouin, Gilles UL et al

Report (2012)

Software Product Lines (SPLs) are families of products whose commonalities and variability can be captured by Feature Models (FMs). T-wise testing aims at finding errors triggered by all interactions amongst t features, thus reducing drastically the number of products to test. T-wise testing approaches for SPLs are limited to small values of t -- which miss faulty interactions -- or limited by the size of the FM. Furthermore, they neither prioritize the products to test nor provide means to finely control the generation process. This paper offers (a) a search-based approach capable of generating products for large SPLs, forming a scalable and flexible alternative to current techniques and (b) prioritization algorithms for any set of products. Experiments conducted on 124 FMs (including large FMs such as the Linux kernel) demonstrate the feasibility and the practicality of our approach.

Peer Reviewed
Refactoring Access Control Policies for Performance Improvement
Elkateb, Donia UL; Mouelhi, Tejeddine UL; Le Traon, Yves UL et al

in Proceedings of the 3rd ACM/SPEC International Conference on Performance Engineering (ICPE 2012) (2012)

In order to facilitate managing authorization, access control architectures are designed to separate the business logic from an access control policy. To determine whether a user can access which resources, a request is formulated from a component, called a Policy Enforcement Point (PEP) located in application code. Given a request, a Policy Decision Point (PDP) evaluates the request against an access control policy and returns its access decision (i.e., permit or deny) to the PEP. With the growth of sensitive information for protection in an application, an access control policy consists of a larger number of rules, which often cause a performance bottleneck. To address this issue, we propose to refactor access control policies for performance improvement by splitting a policy (handled by a single PDP) into its corresponding multiple policies with a smaller number of rules (handled by multiple PDPs). We define seven attribute-set-based splitting criteria to facilitate splitting a policy. We have conducted an evaluation on three subjects of real-life Java systems, each of which interacts with access control policies. Our evaluation results show that (1) our approach preserves the initial architectural model in terms of interaction between the business logic and its corresponding rules in a policy, and (2) our approach enables to substantially reduce request evaluation time for most splitting criteria. Copyright 2012 ACM.

Peer Reviewed
Peer-to-Peer Load Testing
Meira, Jorge Augusto UL; Almeida, Eduardo Cunha; Le Traon, Yves UL et al

in Software Testing, Verification and Validation (ICST), 2012 IEEE Fifth International Conference on (2012)

Nowadays the large-scale systems are common-place in any kind of applications. The popularity of the web created a new environment in which the applications need to be highly scalable due to the data tsunami generated by a huge load of requests (i.e., connections and business operations). In this context, the main question is to validate how far the web applications can deal with the load generated by the clients. Load testing is a technique to analyze the behavior of the system under test upon normal and heavy load conditions. In this work we present a peer-to-peer load testing approach to isolate bottleneck problems related to centralized testing drivers and to scale up the load. Our approach was tested in a DBMS as study case and presents satisfactory results.

In-Vivo Bytecode Instrumentation for Improving Privacy on Android Smartphones in Uncertain Environments
Bartel, Alexandre; Klein, Jacques UL; Monperrus, Martin et al

E-print/Working paper (2012)

In this paper we claim that an efficient and readily applicable means to improve privacy of Android applications is: 1) to perform runtime monitoring by instrumenting the application bytecode and 2) in-vivo, i.e. directly on the smartphone. We present a tool chain to do this and present experimental results showing that this tool chain can run on smartphones in a reasonable amount of time and with a realistic effort. Our findings also identify challenges to be addressed before running powerful runtime monitoring and instrumentations directly on smartphones. We implemented two use-cases leveraging the tool chain: BetterPermissions, a fine-grained user centric permission policy system and AdRemover an advertisement remover. Both prototypes improve the privacy of Android systems thanks to in-vivo bytecode instrumentation.

Peer Reviewed
Pairwise testing for software product lines: Comparison of two approaches
Perrouin, Gilles UL; Oster, Sebastian; Sen, Sagar et al

in Software Quality Journal (2012), 20(3), 605-643

Software Product Lines (SPL) are difficult to validate due to combinatorics induced by variability, which in turn leads to combinatorial explosion of the number of derivable products. Exhaustive testing in such a large products space is hardly feasible. Hence, one possible option is to test SPLs by generating test configurations that cover all possible t feature interactions (t-wise). It dramatically reduces the number of test products while ensuring reasonable SPL coverage. In this paper, we report our experience on applying t-wise techniques for SPL with two independent toolsets developed by the authors. One focuses on generality and splits the generation problem according to strategies. The other emphasizes providing efficient generation. To evaluate the respective merits of the approaches, measures such as the number of generated test configurations and the similarity between them are provided. By applying these measures, we were able to derive useful insights for pairwise and t-wise testing of product lines.

Peer Reviewed
Formalisation de contextes et d'exigences pour la validation formelle de logiciels embarqués [Formalization of contexts and requirements for the formal validation of embedded software]
Dhaussy, Philippe; Boniol, Frédéric; Roger, Jean-Charles et al

in TSI. Technique et science informatiques (2012), 31(6), 797-825

A well-known challenge in the field of formal methods is to improve their integration into industrial development processes. In the context of embedded systems, using formal verification techniques requires first modeling the system to be validated, then formalizing the properties that must be satisfied on the model, and finally describing the behavior of the model's environment. This last point, which we call the "proof context", is often neglected. It can, however, be of great importance in reducing the complexity of the proof. In our contribution, we seek to offer the user assistance in formalizing this context in connection with the formalization of the properties. To this end, we propose and experiment with a language (DSL), named CDL (Context Description Language), for describing the actors of the environment, based on activity and sequence diagrams and on definition patterns for the properties to be verified. The properties are modeled and linked to specific execution regions of the context. We illustrate our contribution on an example and describe results on several embedded industrial applications.
