CRAT: Code Review Assistant Tool for Mobile Operating Systems – FxOS as an example

• Main Authors: CHANG, HANG-CHUNG, 張瀚中
• Other Authors: Huang, Yu-Lun
• Format: Others
• Language: en_US
• Published: 2015
• Online Access: http://ndltd.ncl.edu.tw/handle/uh6yd8

碩士 === 國立交通大學 === 電機工程學系 === 103 === Recently, mobile technologies grow rapidly, more and more valuable personal information is stored on the mobile devices. This leads to a raising risk of mobile devices. One of the major attacks is from the anomalous mobile apps. Attackers exploit the vulnerabilities of mobile apps and launch attacks to the mobile devices. These attacks may cause the system crash or leakage of personal information. To improve the security of a mobile device, mobile apps must be carefully reviewed before they can be pushed to a marketplace. However, when we submitted an anomalous app, which uses up extremely high cycles, to an app reviewer, the reviewer approved the app after couple days. This means it is not easy for an app reviewer to review every line of an app. In the thesis, we propose CRAT to help an app reviewer vetting mobile app. We revise the K-means classification (called K'-means classification) to better detect anomaly apps which can cause DoS attacks (CPU, memory, network I/O). We classify normal apps into groups using K'-means classification and test the app under review with these groups. Three experiments are designed for evaluating the accuracy and performance of CRAT. The results show CRAT can detect anomalies with an accuracy of 90\% or above. And the classification and detection process can be done in a short time; 60000 normal apps can be classified within 0.2 seconds.