FSquaDRA2: Evaluation of Resource-based App Repackaging Detection in Android

I am a primary developer of the FSquaDRA2 tool.

This tool caculates similarity between two Android applications using different metrics and different types of files constituting an Android package.

BBoxTester: Towards Black Box Testing of Android Apps

I am a primary developer of BBoxTester.

BBoxTester is a framework able to generate code coverage reports and produce uniform coverage metrics in testing without the source code. Security researchers сan automatically execute applications exploiting current state-of-art tools, and use the results of our framework to assess if the security-critical code was covered by the tests.

StaDynA: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications

I am a primary developer of StaDynA.

StaDynA is a system that allows analysts to dissect Android applications, which rely on dynamic code update features, i.e., reflection and dynamic class loading. This system combines static and dynamic analysis techniques. The system consists of server, which is a static analyzer based on AndroGuard, and client, which is a smartphone or emulator with a crafted version of the Android operating system. Using this system it is possible to detect the targets of reflective calls (even if they are encrypted or calculated at runtime), and to download and analyze classes loaded dynamically at runtime.

FSquaDRA: Fast Detection of Repackaged Applications

I am a primary developer of FSquaDRA.

FSquaDRA is a tool aiming at detection of repackaged Android applications. In the scope of this project we proposed a novel detection technique based on comparison of application resources. Moreover, we suggest an approach that can detect repackaged Android apps in a very fast way.

MOSES: MOdes-of-use SEparation for Smartphones

I am a primary developer of the MOSES system.

MOSES is a system, which is built on top of the Android OS, that can separate data on a device and can control the behavior of a user when she uses a smartphone in different contexts.

CRêPE: Context-Related Policies on Android

I am a contibutor to the CRêPE project. I ported this system to the newer versions of Android.

CRêPE (Context-Related Policy Enforcement) aims to support efficient context-related policy enforcement on mobile platforms. A context-related policy is a policy which enforcement requires the awareness of the user/device context.