chabada checking app behavior against app descriptions
play

CHABADA: Checking App Behavior Against App Descriptions Alessandra - PowerPoint PPT Presentation

Jun 24, 2023 •160 likes •1.05k views

CHABADA: Checking App Behavior Against App Descriptions Alessandra Gorla Saarland University, Germany joint work with Konstantin Kuznetsov, Ilaria Tavecchia, Florian Gross and Andreas Zeller London Restaurants Looking for a restaurant, a bar,

  1. CHABADA: Checking App Behavior Against App Descriptions Alessandra Gorla Saarland University, Germany joint work with Konstantin Kuznetsov, Ilaria Tavecchia, Florian Gross and Andreas Zeller

  6. London Restaurants Looking for a restaurant, a bar, a pub or just to have fun in London? Search no more! This application has all the information you need: • You can search for every type of food you want: french, british, chinese, indian etc. • You can use it if you are in a car, on a bicycle or walking • You can view all objectives on the map • You can search objectives • You can view objectives near you • You can view directions (visual route, distance and duration) • You can use it with Street View • You can use it with Navigation Keywords: london, restaurants, bars, pubs, food, breakfast, lunch, dinner, meal, eat, supper, street view, navigation

  7. London Restaurants Looking for a restaurant, a bar, a pub or just to have fun in London? Search no more! This application has all the information you need: • You can search for every type of food you want: french, british, chinese, indian etc. • You can use it if you are in a car, on a bicycle or walking • You can view all objectives on the map • You can search objectives • You can view objectives near you • You can view directions (visual route, distance and duration) • You can use it with Street View • You can use it with Navigation Keywords: london, restaurants, bars, pubs, food, breakfast, lunch, dinner, meal, eat, supper, street view, navigation Also sends out account info Also sends out mobile phone number Also sends out your device ID

  8. What is malicious? Also sends out account info Also sends out mobile phone number Also sends out your device ID London Restaurants

  9. What is malicious? Also sends out account info Also sends out mobile phone number Also sends out your device ID London Restaurants WhatsApp messenger

  10. What is malicious? Also sends out account info Also sends out mobile phone number Also sends out your device ID London Restaurants Also sends out account info Also sends out mobile phone number Also sends out your device ID WhatsApp messenger

  11. What is normal? • “London Restaurants” is a “travel” app • For “travel” apps, sending account infos is abnormal • For “messaging” apps, 
 this is far more likely London Restaurants

  12. CHABADA Weather "Weather", + Travel "Map"… "Travel", "Map"… Themes "Theme" 1. App collection 2. Topics 3. Clusters

  13. CHABADA Weather "Weather", + Travel "Map"… "Travel", "Map"… Themes "Theme" 1. App collection 2. Topics 3. Clusters Internet Access-Location Internet Access-Location Send-SMS 4. APIs 5. Outliers

  14. CHABADA Weather "Weather", + Travel "Map"… "Travel", "Map"… Themes "Theme" 1. App collection 2. Topics 3. Clusters Internet Access-Location Internet Access-Location Send-SMS 4. APIs 5. Outliers

  15. Apps collection

  16. Apps collection Winter 2013 Summer 2013

  17. Apps collection Winter 2013 Summer 2013 Total Android apps: 32,136

  18. Stemming looking for a restaurant, a bar, a pub or just to have fun in london? search no more! this application has all the information you need: • you can search for every type of food you want: french, british, chinese, indian etc. • you can use it if you are in a car, on a bicycle or walking • you can view all objectives on the map • you can search objectives • you can view objectives near you • you can view directions (visual route, distance and duration) • you can use it with street view • you can use it with navigation keywords: london, restaurants, bars, pubs, food, breakfast, lunch, dinner, meal, eat, supper, street view, navigation

  19. Stemming looking for a restaurant, a bar, a pub or just to have fun in london? search no more! this application has all the information you need: • you can search for everi type of food you want: french, british, chinese, indian etc. • you can use it if you are in a car, on a bicycle or walking • you can view all objectives on the map • you can search objectives • you can view objectives near you • you can view directions (visual route, distance and duration) • you can use it with street view • you can use it with navigation keywords: london, restaurants, bars, pubs, food, breakfast, lunch, dinner, meal, eat, supper, street view, navigation

  20. Topic Analysis

  21. Topic Analysis LDA

  22. Topic Analysis T1: [map, navigation, street,tour, …] T2: [weight, body, exercise,run …] LDA

  23. Topic Analysis T1: [map, navigation, street,tour, …] T2: [weight, body, exercise,run …] T1: 80%, T2: 20% LDA T2:90%, T1: 10% T1: 70%, T2: 30% T2:80%, T1: 20%

  24. Topics Table 1: Topics mined from Android Apps Id Assigned Name Most Representative Words (stemmed) 0 “personalize” galaxi, nexu, device, screen, effect, instal, customis 1 “game and cheat game, video, page, cheat, link, tip, trick sheets” 2 “money” slot, machine, money, poker, currenc, market, trade, stock, casino coin, finance 3 “tv” tv, channel, countri, live, watch, germani, na- tion, bbc, newspap 4 “music” music, song, radio, play, player, listen 5 “holidays” and christmas, halloween, santa, year, holiday, is- religion lam, god 6 “navigation and map, inform, track, gps, navig, travel travel” 7 “language” language, word, english, learn, german, translat 8 “share” email, ad, support, facebook, share, twitter, rate, suggest 9 “weather and stars” weather, forecast, locate, temperatur, map, city, light 10 “files and video” file, download, video, media, support, man- age, share, view, search

  25. 12 “cars” car, race, speed, drive, vehicl, bike, track 13 “design and art” life, peopl, natur, form, feel, learn, art, design, uniqu, effect, modern 14 “food and recipes” recip, cake, chicken, cook, food 15 “personalize” theme, launcher, download, install, icon, menu 16 “health” weight, bodi, exercise, diet, workout, medic 17 “travel” citi, guid, map, travel, flag, countri, attract 18 “kids and bodies” kid, anim, color, girl, babi, pictur, fun, draw, design, learn 19 “ringtones and sound, rington, alarm, notif, music sound” 20 “game” game, plai, graphic, fun, jump, level, ball, 3d, score 21 “search and search, icon, delet, bookmark, link, homepag, browse” shortcut, browser 22 “battle games” story, game, monster, zombi, war, battle 23 “settings and utils” screen, set, widget, phone, batteri 24 “sports” team, football, leagu, player, sport, basketbal 25 “wallpapers” wallpap, live, home, screen, background, menu 26 “connection” device, connect, network, wifi, blootooth, in- ternet, remot, server 27 “policies and ads” live, ad, home, applovin, notif, data, polici, pri- vacy, share, airpush, advertis 28 “popular media” seri, video, film, album, movi, music, award, star, fan, show, gangnam, top, bieber 29 “puzzle and card game, plai, level, puzzl, player, score, chal- games” leng, card

  26. London Restaurant Topics look london restaur search bar pub just applic fun inform can search need everi type food want french british chines indian etc car bicycl walk can us can view object map visual rout can search object search can view distanc durat can view direct object near can us street view can us navig keyword london restaur bar pub food view breakfast lunch dinner meal eat supper street navig

  27. London Restaurant Topics look london restaur search bar pub just applic fun inform can search need everi type food want french british chines indian etc car bicycl walk can us can view object map visual rout can search object search can view distanc durat can view direct object near can us street view can us navig keyword london restaur bar pub food view breakfast lunch dinner meal eat supper street navig “navigation and travel” (59.8%) 
 “food and recipes” (19.9%) 
 “travel” (14.0%)

  28. CHABADA Weather "Weather", + Travel "Map"… "Travel", "Map"… Themes "Theme" 1. App collection 2. Topics 3. Clusters Internet Access-Location Internet Access-Location Send-SMS 4. APIs 5. Outliers

  29. CHABADA Weather "Weather", + Travel "Map"… "Travel", "Map"… Themes "Theme" 1. App collection 2. Topics 3. Clusters Internet Access-Location Internet Access-Location Send-SMS 4. APIs 5. Outliers

  30. Clustering T1: 80%, T2: 20% T2:90%, T1: 10% T1: 70%, T2: 30% T2:80%, T1: 20%

  31. Clustering T1: 80%, T2: 20% T2:90%, T1: 10% K-means T1: 70%, T2: 30% T2:80%, T1: 20%

  32. Clustering T1: 80%, T2: 20% T1: 80%, T1: 70%, T2: 20% T2: 30% T2:90%, T1: 10% K-means T1: 70%, T2:90%, T2: 30% T1: 10% T2:80%, T1: 20% T2:80%, T1: 20%

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Bifrst Visualizing and Checking Behavior of Embedded Systems across Hardware and Software

Bifrst Visualizing and Checking Behavior of Embedded Systems across Hardware and Software

Bifrst Visualizing and Checking Behavior of Embedded Systems across Hardware and Software Will McGrath wmcgrath@stanford.edu Jeremy Warner jeremy.warner@berkeley.edu e M bedded G ateway C loud [MGC] embedded gateway cloud 2 e M

1.17k views • 60 slides
3. Satisfiability Checking 3.1 SAT-Checking Procedures Verification Technology

3. Satisfiability Checking 3.1 SAT-Checking Procedures Verification Technology

Fachgebiet RechnerSysteme Technische Universitt Verification Technology Darmstadt 3. Satisfiability Checking Computer Systems Lab 1 3. Satisfiability Checking 3 3. Satisfiability Checking 3.1 SAT-Checking Procedures Verification

278 views • 11 slides
Hoare Logic and Model Checking Model Checking Lecture 11: Model checking for Computation Tree

Hoare Logic and Model Checking Model Checking Lecture 11: Model checking for Computation Tree

Hoare Logic and Model Checking Model Checking Lecture 11: Model checking for Computation Tree Logic Dominic Mulligan Based on previous slides by Alan Mycroft and Mike Gordon Programming, Logic, and Semantics Group University of Cambridge

402 views • 25 slides
Chapter 8 Dataflow Descriptions in VHDL 1 benyamin@mehr.sharif.edu Dataflow Description

Chapter 8 Dataflow Descriptions in VHDL 1 benyamin@mehr.sharif.edu Dataflow Description

Chapter 8 Dataflow Descriptions in VHDL 1 benyamin@mehr.sharif.edu Dataflow Description Its between structural and behavioral descriptions Descriptions at this level specify the flow of data through the registers and busses of a

753 views • 51 slides
Checking & Spot-Checking the Correctness of Priority Queues Matthew Chu & Sampath Kannan

Checking & Spot-Checking the Correctness of Priority Queues Matthew Chu & Sampath Kannan

Checking & Spot-Checking the Correctness of Priority Queues Matthew Chu & Sampath Kannan (UPenn) Andrew McGregor (UCSD) Memory Checking Memory Checking Your resources: A lot of cheap unreliable memory and a little expensive reliable

1.11k views • 70 slides
Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking

Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking

Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking Checking Checking for Timed Automata Timed Automata Coll C l C ll b llabora orators: t ors: Peter Bulychev, Alexandre David Axel Legay, Marius

725 views • 59 slides
BEHAVIOR @ HOME Behavior Basics Simple strategies that can make a big difference! Presented by

BEHAVIOR @ HOME Behavior Basics Simple strategies that can make a big difference! Presented by

BEHAVIOR @ HOME Behavior Basics Simple strategies that can make a big difference! Presented by Michelle Heid, MA, BCBA Hosted by Family Focus Resource Center Behavior Basics Behavior as communication ABCs of Behavior Functions of

717 views • 35 slides
CTL Chapter 6 Part 2 Overview Review CTL Model Checking CTL model Checking algorithms

CTL Chapter 6 Part 2 Overview Review CTL Model Checking CTL model Checking algorithms

CTL Chapter 6 Part 2 Overview Review CTL Model Checking CTL model Checking algorithms for ( U ) Counter Examples and witnesses Symbolic Model Checking (Thursday) Binary Decision Trees

740 views • 40 slides
Hoare Logic and Model Checking Model Checking But perhaps theres a clever way of

Hoare Logic and Model Checking Model Checking But perhaps theres a clever way of

Hoare Logic and Model Checking Model Checking But perhaps theres a clever way of compiling one into the other? Both have very different models of time How do they compare? We have seen two widely used temporal logics Relative

510 views • 10 slides
Partnership Regional Workshops Checking in Moving Forward 1 Checking in Website and

Partnership Regional Workshops Checking in Moving Forward 1 Checking in Website and

C. Difficile Prevention Partnership Regional Workshops Checking in Moving Forward 1 Checking in Website and toolkit Measurement Feedback form Questions? What else do you need? 2 Table Talk Since beginning this work

581 views • 30 slides
Toward Online Hybrid Systems Model Checking of Cyber-Physical Systems Time-Bounded Short-Run

Toward Online Hybrid Systems Model Checking of Cyber-Physical Systems Time-Bounded Short-Run

Toward Online Hybrid Systems Model Checking of Cyber-Physical Systems Time-Bounded Short-Run Behavior Lei Bu*, Qixin Wang , Xin Chen*, Linzhang Wang*, Tian Zhang*, Jianhua Zhao*, and Xuandong Li* *Nanjing University, The Hong Kong

395 views • 21 slides
Foundational Ideas Everyone needs support for behavior. Behavior is communication.

Foundational Ideas Everyone needs support for behavior. Behavior is communication.

Foundational Ideas Everyone needs support for behavior. Behavior is communication. Punishment doesnt work. Respond to the root of the behavior, not the surface. Positive Behavioral Interventions & Support Intensive Supports

489 views • 33 slides
Bounded Model Checking bmc Revision: 1.11 1 [BiereCimattiClarkeZhu99] uses SAT for model

Bounded Model Checking bmc Revision: 1.11 1 [BiereCimattiClarkeZhu99] uses SAT for model

Bounded Model Checking bmc Revision: 1.11 1 [BiereCimattiClarkeZhu99] uses SAT for model checking historically not the first symbolic model checking approach scales better than original BDD based techniques mostly incomplete in

521 views • 28 slides
IATTO Conference Presentation Descriptions I N T E R N A T I O N A L A S S O C I A T I O N O F

IATTO Conference Presentation Descriptions I N T E R N A T I O N A L A S S O C I A T I O N O F

IATTO Conference Presentation Descriptions I N T E R N A T I O N A L A S S O C I A T I O N O F T R A D E T R A I N I N G O R G A N I S A T I O N S IATTO Presentation Descriptions Lesley Batchelor Brexit and Beyond As we unravel the 40

355 views • 7 slides
Another approach to runtime checking Typical runtime checking is by duplicating entire CPU

Another approach to runtime checking Typical runtime checking is by duplicating entire CPU

Another approach to runtime checking Typical runtime checking is by duplicating entire CPU Expensive in power, area No protection from design errors Does not survive permanent faults Last time we saw an approach that leveraged

246 views • 7 slides
School Improvement SII Institute (Si2) Welcome! Todays Agenda Strategy Descriptions Import

School Improvement SII Institute (Si2) Welcome! Todays Agenda Strategy Descriptions Import

School Improvement Institute School Improvement SII Institute (Si2) Welcome! Todays Agenda Strategy Descriptions Import Strategy Descriptions Review -Update Descriptions and Strategy Info Review Strategy Reports Summary Impact Energy

550 views • 24 slides
Session 8 Deployment Descriptor Http 1 Reading and Reference Reading

Session 8 Deployment Descriptor Http 1 Reading and Reference Reading

Session 8 Http Session 8 Deployment Descriptor Http 1 Reading and Reference Reading en.wikipedia.org/wiki/HTTP Reference http headers en.wikipedia.org/wiki/List_of_HTTP_headers http status codes

263 views • 11 slides
Data Breach in the EU Session Title The New Landscape Name Tilly Lang Organization HewardMills

Data Breach in the EU Session Title The New Landscape Name Tilly Lang Organization HewardMills

October 15, 2019 Date Data Breach in the EU Session Title The New Landscape Name Tilly Lang Organization HewardMills Name Chris Hydak Organization Microsoft 1 Name Kall Loper Organization Protiviti Speaker Tilly Lang Data

417 views • 24 slides
Java Programming Unit 15 HTTP Sessions and cookies Java

Java Programming Unit 15 HTTP Sessions and cookies Java

Java Programming Unit 15 HTTP Sessions and cookies Java Server Pages (c) Yakov Fain 2014 Synchronous and Asynchronous Servlets Java Servlets run

1.41k views • 32 slides
A pattern language for microservices Chris Richardson Founder of the original CloudFoundry.com

A pattern language for microservices Chris Richardson Founder of the original CloudFoundry.com

A pattern language for microservices Chris Richardson Founder of the original CloudFoundry.com Author of POJOs in Action @crichardson chris@chrisrichardson.net http://plainoldobjects.com http://microservices.io http://eventuate.io

1.32k views • 68 slides
Architecting Java solutions for CICS Architecting Java solutions for CICS Course introduction

Architecting Java solutions for CICS Architecting Java solutions for CICS Course introduction

Architecting Java solutions for CICS Architecting Java solutions for CICS Course introduction Course introduction Reasons for hosting Java in CICS Requirements: Knowledge of transaction processing Experience of Java development What youll

757 views • 56 slides
In Introducing Cyber Effects in C2 Simulation Dr. B. Boltjes 1 , Dr. M. Pullen 2 , Dr. K. L.

In Introducing Cyber Effects in C2 Simulation Dr. B. Boltjes 1 , Dr. M. Pullen 2 , Dr. K. L.

In Introducing Cyber Effects in C2 Simulation Dr. B. Boltjes 1 , Dr. M. Pullen 2 , Dr. K. L. Morse 3 1 TNO Defence Research, The Netherlands 2 George Mason University, C4I Centre. 3 Johns Hopkins University / Applied Physics Laboratory APPROVED

559 views • 30 slides
s n i k n e J h t i w n o i t a r g e t n I s u o u n i t n o C n

s n i k n e J h t i w n o i t a r g e t n I s u o u n i t n o C n

s n i k n e J h t i w n o i t a r g e t n I s u o u n i t n o C n o h t y P n o s u c o f . . . & M i k a J e n k i n s G r m l . o r g P r o j e c t D a i l y b u

781 views • 49 slides
P

P

P Prr ss rt rst t

824 views • 24 slides

More recommend