Anonymous attackers have been targeting the Android ecosystem for performing severe malicious activities. Despite the complement of various vulnerabilities by security researchers, new vulnerabilities are continuously emerging. In this paper, we introduce a new type of vulnerability that can be exploited to hide data in an application file, bypassing the Android's signing policy. Specifically, we exploit padding areas that can be created by using the alignment option when applications are packaged. We present a proof-of-concept implementation for exploiting the vulnerability. Finally, we demonstrate the effectiveness of VeileDroid by using a synthetic application that hides data in the padding area and updates the data without re-signing and updating the application on an Android device.

Android operating system occupies a high share in the mobile terminal market. It promotes the rapid development of Android applications (apps). However, the emergence of Android malware greatly endangers the security of Android smartphone users. Existing research works have proposed a lot of methods for Android malware detection, but they did not make the utilization of apps' functional category information so that the strong similarity between benign apps in the same functional category is ignored. In this paper, we propose an Android malware detection scheme based on the functional classification. The benign apps in the same functional category are more similar to each other, so we can use less features to detect malware and improve the detection accuracy in the same functional category. The aim of our scheme is to provide an automatic application functional classification method with high accuracy. We design an Android application functional classification method inspired by the hyperlink induced topic search (HITS) algorithm. Using the results of automatic classification, we further design a malware detection method based on app similarity in the same functional category. We use benign apps from the Google Play Store and use malware apps from the Drebin malware set to evaluate our scheme. The experimental results show that our method can effectively improve the accuracy of malware detection.

In this letter, we consider the incorrigible sets of binary linear codes. First, we show that the incorrigible set enumerator of a binary linear code is tantamount to the Tutte polynomial of the vector matroid induced by the parity-check matrix of the code. A direct consequence is that determining the incorrigible set enumerator of binary linear codes is #P-hard. Then for a cycle code, we express its incorrigible set enumerator via the Tutte polynomial of the graph describing the code. Furthermore, we provide the explicit formula of incorrigible set enumerators of cycle codes constructed from complete graphs.

In this paper, we consider the collaborative editing of two-dimensional (2D) data such as handwritten letters and illustrations. In contrast to the editing of 1D data, which is generally realized by the combination of insertion/deletion of characters, overriding of strokes can have a specific meaning in editing 2D data. In other words, the appearance of the resulting picture depends on the reflection order of strokes to the shared canvas in addition of the absolute coordinate of the strokes. We propose a Peer-to-Peer (P2P) collaborative drawing system consisting of several nodes with replica canvas, in which the consistency among replica canvases is maintained through data channel of WebRTC. The system supports three editing modes concerned with the reflection order of strokes generated by different users. The result of experiments indicates that the proposed system realizes a short latency of around 120 ms, which is a half of a cloud-based system implemented with Firebase Realtime Database. In addition, it realizes a smooth drawing of pictures on remote canvases with a refresh rate of 12 fps.

Troika is a recently proposed sponge-based hash function for IOTA's ternary architecture and platform, which is developed by CYBERCRYPT and is now used in IOTA's blockchain. In this paper, we introduce the preimage attack on 2/3 rounds of Troika with a divide-and-conquer approach. Firstly, we propose the equivalent conditions to determine whether a message is the preimage with an algebraic method. As a result, for the preimage attack on two-round Troika, we can search the preimage only in a valid smaller space and efficiently enumerate the messages which can satisfy most of the equivalent conditions with a guess-and-determine technique. Our experiments show that the time complexity of the preimage attack on 2-round Troika can be improved to 379 from 3243. For the preimage attack on 3-round Troika, the MILP-based method is applied to achieve the optimal time complexity, which is 327 times faster than brute force.

Optical navigation (OPNAV) is the use of the on-board imaging data to provide a direct measurement of the image coordinates of the target as navigation information. Among the optical observables in deep-space, the edge of the celestial body is an important feature that can be utilized for locating the planet centroid. However, traditional edge detection algorithms like Canny algorithm cannot be applied directly for OPNAV due to the noise edges caused by surface markings. Moreover, due to the constrained computation and energy capacity on-board, light-weight image-processing algorithms with less computational complexity are desirable for real-time processing. Thus, to fast and accurately extract the edge of the celestial body from high-resolution satellite imageries, this paper presents an algorithm-hardware co-design of real-time edge detection for OPNAV. First, a light-weight edge detection algorithm is proposed to efficiently detect the edge of the celestial body while suppressing the noise edges caused by surface markings. Then, we further present an FPGA implementation of the proposed algorithm with an optimized real-time performance and resource efficiency. Experimental results show that, compared with the traditional edge detection algorithms, our proposed one enables more accurate celestial body edge detection, while simplifying the hardware implementation.

In this paper, we present the effectiveness of image compression based on a convolutional auto encoder (CAE) with region of interest (ROI) for quality control. We propose a method that adapts image quality for prioritized parts and non-prioritized parts for CAE-based compression. The proposed method uses annotation information for the distortion weights of the MS-SSIM-based loss function. We show experimental results using a road damage image dataset that is used to check damaged parts and an image dataset with segmentation data (ADE20K). The experimental results reveals that the proposed weighted loss function with CAE-based compression from F. Mentzer et al. learns some characteristics and preferred bit allocations of the prioritized parts by end-to-end training. In the case of using road damage image dataset, our method reduces bpp by 31% compared to the original method while meeting quality requirements that an average weighted MS-SSIM for the road damaged parts be larger than 0.97 and an average weighted MS-SSIM for the other parts be larger than 0.95.

This manuscript discusses a new indoor positioning method and proposes a multi-distance function trilateration over k-NN fingerprinting method using radio signals. Generally, the strength of radio signals, referred to received signal strength indicator or RSSI, decreases as they travel in space. Our method employs a list of fingerprints comprised of RSSIs to absorb interference between radio signals, which happens around the transmitters and it also employs multiple distance functions for conversion from distance between fingerprints to the physical distance in order to absorb the interference that happens around the receiver then it performs trilateration between the top three closest fingerprints to locate the receiver's current position. An experiment in positioning performance is conducted in our laboratory and the result shows that our method is viable for a position-level indoor positioning method and it could improve positioning performance by 12.7% of positioning error to 0.406 in meter in comparison with traditional methods.

Detecting Android malwares is imperative. As a promising Android malware detection scheme, we focus on the scheme leveraging the differences of traffic patterns between benign apps and malwares. Those differences can be captured even if the packet is encrypted. However, since such features are just statistic based ones, they cannot identify whether each traffic is malicious. Thus, it is necessary to design the scheme which is applicable to encrypted traffic data and supports identification of malicious traffic. In this paper, we propose an Android malware detection scheme based on level of SSL server certificate. Attackers tend to use an untrusted certificate to encrypt malicious payloads in many cases because passing rigorous examination is required to get a trusted certificate. Thus, we utilize SSL server certificate based features for detection since their certificates tend to be untrusted. Furthermore, in order to obtain the more exact features, we introduce required permission based weight values because malwares inevitably require permissions regarding malicious actions. By computer simulation with real dataset, we show our scheme achieves an accuracy of 92.7%. True positive rate and false positive rate are 5.6% higher and 3.2% lower than the previous scheme, respectively. Our scheme can cope with encrypted malicious payloads and 89 malwares which are not detected by the previous scheme.

While the graph minor theorem by Robertson and Seymour assures that any minor-closed class of graphs can be characterized by a finite list of excluded minors, such a succinct characterization by excluded minors is not always possible in matroids which are combinatorial abstraction from graphs. The class of matroids representable over a given infinite field is known to have an infinite number of excluded minors. In this paper, we show that, for any algebraic element x over the rational field ℚ the degree of whose minimal polynomial is 2, there exist infinitely many ℚ[x]-representable excluded minors of rank 3 for ℚ-representability. This implies that the knowledge that a given matroid is F-representable where F is a larger field than ℚ does not decrease the difficulty of excluded minors' characterization of ℚ-representability.

Android malwares are rapidly becoming a potential threat to users. Among several Android malware detection schemes, the scheme using Inter-Component Communication (ICC) is gathering attention. That scheme extracts numerous ICC-related features to detect malwares by machine learning. In order to mitigate the degradation of detection performance caused by redundant features, Correlation-based Feature Selection (CFS) is applied to feature before machine learning. CFS selects useful features for detection in accordance with the theory that a good feature subset has little correlation with mutual features. However, CFS may remove useful ICC-related features because of strong correlation between them. In this paper, we propose an effective feature selection scheme for Android ICC-based malware detection using the gap of the appearance ratio. We argue that the features frequently appearing in either benign apps or malwares are useful for malware detection, even if they are strongly correlated with each other. To select useful features based on our argument, we introduce the proportion of the appearance ratio of a feature between benign apps and malwares. Since the proportion can represent whether a feature frequently appears in either benign apps or malwares, this metric is useful for feature selection based on our argument. Unfortunately, the proportion is ineffective when a feature appears only once in all apps. Thus, we also introduce the difference of the appearance ratio of a feature between benign apps and malwares. Since the difference simply represents the gap of the appearance ratio, we can select useful features by using this metric when such a situation occurs. By computer simulation with real dataset, we demonstrate our scheme improves detection accuracy by selecting the useful features discarded in the previous scheme.

Permission warnings and privacy policy enforcement are widely used to inform mobile app users of privacy threats. These mechanisms disclose information about use of privacy-sensitive resources such as user location or contact list. However, it has been reported that very few users pay attention to these mechanisms during installation. Instead, a user may focus on a more user-friendly source of information: text description, which is written by a developer who has an incentive to attract user attention. When a user searches for an app in a marketplace, his/her query keywords are generally searched on text descriptions of mobile apps. Then, users review the search results, often by reading the text descriptions; i.e., text descriptions are associated with user expectation. Given these observations, this paper aims to address the following research question: What are the primary reasons that text descriptions of mobile apps fail to refer to the use of privacy-sensitive resources? To answer the research question, we performed empirical large-scale study using a huge volume of apps with our ACODE (Analyzing COde and DEscription) framework, which combines static code analysis and text analysis. We developed light-weight techniques so that we can handle hundred of thousands of distinct text descriptions. We note that our text analysis technique does not require manually labeled descriptions; hence, it enables us to conduct a large-scale measurement study without requiring expensive labeling tasks. Our analysis of 210,000 apps, including free and paid, and multilingual text descriptions collected from official and third-party Android marketplaces revealed four primary factors that are associated with the inconsistencies between text descriptions and the use of privacy-sensitive resources: (1) existence of app building services/frameworks that tend to add API permissions/code unnecessarily, (2) existence of prolific developers who publish many applications that unnecessarily install permissions and code, (3) existence of secondary functions that tend to be unmentioned, and (4) existence of third-party libraries that access to the privacy-sensitive resources. We believe that these findings will be useful for improving users' awareness of privacy on mobile software distribution platforms.

In this study, we evaluated the electro-optical characteristics and structural stability in curved state of dye-doped liquid crystal (LC) gel film for stretchable displays. As the results, maximum contrast ratio of 6.7:1 and suppression of LC flow were achieved by optimum of blend condition such as gelator and dye concentration.

We investigate excluded minor characterizations of two fundamental classes of matroids: orientable matroids and representable matroids. We prove (i) for any fixed field F, there exist infinitely many excluded minors of rank 3 for the union of the class of orientable matroids and the class of F-representable matroids, and (ii) for any fixed field F with characteristic 0, there exist infinitely many orientable excluded minors of rank 3 for intersection of the class of orientable matroids and the class of F-representable matroids. We show these statements by explicitly constructing infinite families of excluded minors.

Multilinear maps have lots of cryptographic applications including multipartite key exchange and indistinguishability obfuscations. Since the concept of multilinear map was suggested, three kinds of candidate multilinear maps are constructed. However, the security of multilinear maps suffers from various attacks. In this paper, we overview suggested multilinear maps and cryptanalysis of them in diverse cases.

We study an authentication method using secret figures of Pattern Lock, called pass patterns. In recent years, it is important to prevent the leakage of personal and company information on mobile devices. Android devices adopt a login authentication called Pattern Lock, which achieves both high resistance to Brute Force Attack and usability by virtue of pass pattern. However, Pattern Lock has a problem that pass patterns directly input to the terminal can be easily remembered by shoulder-surfing attack. In this paper, we propose a shoulder-surfing resistant authentication using pass pattern of Pattern Lock, which adopts a challenge & response authentication and also uses users' short-term memory. We implement the proposed method as an Android application and measure success rate, authentication time and the resistance against shoulder surfing. We also evaluate security and usability in comparison with related work.

Android is one of the most popular mobile device platforms. However, since Android apps can be disassembled easily, attackers inject additional advertisements or malicious codes to the original apps and redistribute them. There are a non-negligible number of such repackaged apps. We generally call those malicious repackaged apps “clones.” However, there are apps that are not clones but are similar to each other. We call such apps “relatives.” In this work, we developed a framework called APPraiser that extracts similar apps and classifies them into clones and relatives from the large dataset. We used the APPraiser framework to study over 1.3 million apps collected from both official and third-party marketplaces. Our extensive analysis revealed the following findings: In the official marketplace, 79% of similar apps were attributed to relatives, while in the third-party marketplace, 50% of similar apps were attributed to clones. The majority of relatives are apps developed by prolific developers in both marketplaces. We also found that in the third-party market, of the clones that were originally published in the official market, 76% of them are malware.

Recently, a high dimensional classification framework has been proposed to introduce spatial structure information in classical single kernel support vector machine optimization scheme for brain image analysis. However, during the construction of spatial kernel in this framework, a huge adjacency matrix is adopted to determine the adjacency relation between each pair of voxels and thus it leads to very high computational complexity in the spatial kernel calculation. The method is improved in this manuscript by a new construction of tensorial kernel wherein a 3-order tensor is adopted to preserve the adjacency relation so that calculation of the above huge matrix is avoided, and hence the computational complexity is significantly reduced. The improvement is verified by experimental results on classification of Alzheimer patients and cognitively normal controls.

The Android pattern unlock is a widely adopted graphical password system that requires a user to draw a secret pattern connecting points arranged in a grid. The theoretical security of pattern unlock can be defined by the number of possible patterns. However, only upper bounds of the number of patterns have been known except for 3×3 and 4×4 grids for which the exact number of patterns was found by brute-force enumeration. In this letter, we present the first lower bound by computing the minimum number of visible points from each point in various subgrids.

The Android pattern unlock is a popular graphical password scheme, where a user is presented a 3×3 grid and required to draw a pattern on the onscreen grid. Each pattern is a sequence of at least four contact points with some restrictions. Theoretically, the security level of unlock patterns is determined by the size of the pattern space. However, the number of possible patterns is only known for 3×3 and 4×4 grids, which was computed by brute-force enumeration. The only mathematical formula for the number of possible patterns is a permutation-based upper bound. In this article, we present an improved upper bound by counting the number of “visible” points that can be directly reached by a point.