TriFlow: Triaging Android Applications using Speculative Information Flows


VERSION:

Version (by release date): 2019-11-08

DEVELOPER INFORMATION:

Name: Omid Mirzaei
Laboratory: Computer Security Lab (COSEC)
University: Universidad Carlos III de Madrid
Website: https://0m1d.com/software/TriFlow

PUBLICATION:

TriFlow: Triaging Android Applications using Speculative Information Flows
O. Mirzaei, G. Suarez-Tangil, J. E. Tapiador, J. M. de Fuentes
ACM Asia Conference on Computer and Communications Security (ASIACCS), Abu Dhabi, UAE (April 2017)

AWARDS:

• Best Previously Published Paper Award from 4th Spanish National Cybersecurity Research Conference
Donostia-San Sebastian, Spain (June 2018)

• 3rd Place Award from CSAW-Europe Best Applied Security Research Competition
As the third top applied security research work in Europe
Grenoble INP-ESISAR, Valence, France (November 2017)

INSTALLATION INSTRUCTIONS:

TriFlow is now compatible with Python 3. There are two ways to install and run it:

1. pipenv install && pipenv shell
2. pip install -U -r requirements.txt

USAGE:

TriFlow comes with two main modules, Train_TriFlow and Score_TriFlow. The former trains the system and produces the probabilities and weights of information flows from the dataset (the dataset is an arbitrary directory containing four main sub-folders: Benign_Apks, Malware_Apks, Benign_Flows, and Malware_Flows), while the latter scores new, unseen applications. For more information, please refer to our publication at AsiaCCS’17 and to the flowcharts in this repository.

To train TriFlow, transfer the required files to the four sub-folders described above, and then run the command below in a terminal:

python Train_TriFlow.py -i '/Directory/of/Your/Dataset' -o '/Your/Desired/Output/Directory'

Once the above command finishes, you will have two tables, namely “Prob_InfoFlows_Sorted.csv” and “Weights_InfoFlows_Sorted.csv”, in your desired output directory. Moreover, you will have two additional tables, “Freq_InfoFlows_Malware.csv” and “Freq_InfoFlows_Benign.csv”, which contain the frequencies of information flows in malware and benign applications.

To score new applications based on the trained model, copy all your applications into an arbitrary directory, and then run the command below in a terminal:

python Score_TriFlow.py -a '/Directory/of/Your/Applications' -t '/Directory/of/ProbabilityAndWeight/Tables' -o '/Your/Desired/Output/Directory'

Once the above command finishes, you will have two files in your desired output directory. The first one, “Sorted_Scores.csv”, contains all the scores for the new applications, while the second one, “Scores_Percent.txt”, provides a detailed explanation of the scores and the contribution of flows to each score.

To normalize scores to an arbitrary range, follow these three steps:
• Set the new_min and new_max variables in the “Score_Normalized.py” script to your required minimum and maximum values.
• Comment out line 92 in the “Score_TriFlow.py” script.
• Un-comment line 93 in the “Score_TriFlow.py” script.

WHAT’S NEW IN THE CURRENT VERSION?

• Source and sink API methods are extracted directly from the .dex file by parsing its header.
• Multidex Android applications are taken into account.
• Users/Analysts can normalize scores to their arbitrary ranges.
• The efficiency of the scripts has been improved.

Follow this link for more detailed information regarding Dalvik Executable format: https://source.android.com/devices/tech/dalvik/dex-format
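
The header-driven extraction and multidex handling listed above can be illustrated as follows. This is an added example, not TriFlow's own code: it follows the DEX header offsets to the method_ids table and lists every method reference in each classes*.dex entry of an APK, which is the set a source/sink list would be matched against. The function names and the two-DEX sample archive are constructed for the example.

```python
import io, re, struct, zipfile

def _string(dex, ids_off, idx):
    """string_id_item -> string_data_item (ULEB128 length, NUL-terminated MUTF-8)."""
    (off,) = struct.unpack_from("<I", dex, ids_off + 4 * idx)
    while dex[off] & 0x80:                      # skip the ULEB128 utf16_size field
        off += 1
    return dex[off + 1:dex.index(b"\0", off + 1)].decode("utf-8", "replace")

def dex_methods(dex):
    """Return 'Lclass;->name' for every method_id_item of one DEX image."""
    if len(dex) < 0x70 or dex[:4] != b"dex\n":
        raise ValueError("not a DEX file")
    _, s_off, _, t_off = struct.unpack_from("<4I", dex, 0x38)  # string_ids, type_ids
    m_n, m_off = struct.unpack_from("<2I", dex, 0x58)          # method_ids size, off
    refs = []
    for i in range(m_n):
        cls, _proto, name = struct.unpack_from("<HHI", dex, m_off + 8 * i)
        (desc,) = struct.unpack_from("<I", dex, t_off + 4 * cls)
        refs.append(_string(dex, s_off, desc) + "->" + _string(dex, s_off, name))
    return refs

def apk_methods(apk_bytes):
    """Union of method references over classes.dex, classes2.dex, ... (multidex)."""
    refs = set()
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for entry in apk.namelist():
            if re.fullmatch(r"classes\d*\.dex", entry):
                refs.update(dex_methods(apk.read(entry)))
    return refs

def build_dex(cls, name):
    """Constructed input: minimal DEX with one method reference (not a real app)."""
    hdr = bytearray(b"dex\n035\0" + bytes(0x68))
    struct.pack_into("<4I", hdr, 0x38, 2, 0x70, 1, 0x78)   # 2 strings, 1 type
    struct.pack_into("<2I", hdr, 0x58, 1, 0x7C)            # 1 method_id_item
    data = bytes([len(cls)]) + cls.encode() + b"\0"
    # string_ids (2 offsets), type_ids (descriptor 0), method_ids (class 0, name 1)
    ids = struct.pack("<3I2HI", 0x84, 0x84 + len(data), 0, 0, 0, 1)
    return bytes(hdr) + ids + data + bytes([len(name)]) + name.encode() + b"\0"

def sample_apk():  # constructed two-DEX archive exercising the multidex path
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("classes.dex", build_dex("Landroid/telephony/TelephonyManager;", "getDeviceId"))
        z.writestr("classes2.dex", build_dex("Landroid/telephony/SmsManager;", "sendTextMessage"))
    return buf.getvalue()

if __name__ == "__main__":
    print(sorted(apk_methods(sample_apk())))
```

Truncated or malformed offsets in an untrusted DEX raise struct.error, IndexError or ValueError here, so a triage pipeline should catch these per sample and flag the file instead of aborting the batch.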

COPYRIGHT NOTICE:

All rights reserved for the above authors and research center. Please see the "License.txt" file for more detailed information regarding the usage and distribution of this source code.

ACKNOWLEDGEMENT:

This work was supported by the MINECO grant TIN2013-46469-R (SPINY: Security and Privacy in the Internet of You); by the CAM grant S2013/ICE-3095 (CIBERDINE: Cybersecurity, Data, and Risks); and by the MINECO grant TIN2016-79095-C2-2-R (SMOG-DEV - Security Mechanisms for Fog Computing: Advanced Security for Devices).
