Narrow Results

As the use of smartphones increases, Android, as a Linux-based open source mobile operating system (OS), has become the most popular mobile OS in time. Due to the widespread use of Android, malware developers mostly target Android devices and users. Malware detection systems to be developed for Android devices are important for this reason. Machine learning methods are being increasingly used for detection and analysis of Android malware. This study presents a method for detecting Android malware using feature selection with genetic algorithm (GA). Three different classifier methods with different feature subsets that were selected using GA were implemented for detecting and analyzing Android malware comparatively. A combination of Support Vector Machines and a GA yielded the best accuracy result of 98.45% with the 16 selected permissions using the dataset of 1740 samples consisting of 1119 malwares and 621 benign samples.

The “acoustic black hole” (ABH) phenomenon can be exploited for flexural vibration suppressions in beam and plate structures. Conventional ABH structures, however, are tied with the inherent structural weakness due to the low local stiffness required and possibly high stress concentration caused by the small residual cross-section thickness of the ABH taper, thus hampering their practical applications. In this study, the dynamic and static properties of a compound ABH beam are investigated through numerical simulations. It is shown that, whilst ensuring an effective ABH effect, the compound ABH structure allows a significant improvement in the static properties of the structure. For the former, the compound design is shown to outperform its counterpart in the conventional ABH configuration in terms of the damping enhancement and the vibration suppression. For the latter, the compound ABH structure is also shown to provide much better static properties in terms of structural stiffness and strength. Meanwhile, the structural damping can be further improved by using an extended platform at the tip of tailored profile, which improves the structural strength but reduces the structural stiffness at the same time. Therefore, when choosing the platform length, a balance needs to be struck among the desired ABH effect and the mechanical properties of the structure.

AndroPyTool is a tool for the extraction of both, static and dynamic features from Android applications. It aims to provide Android malware analysts with an integrated environment to extract multi-source features able of modelling the behaviour of a sample and that can be used to discern its nature, whether malware or goodware. AndroPyTool integrates well known tools in this field, such as AndroGuard, DroidBox, FlowDroid, AVClass, VirusTotal or Strace, which allow to obtain a wide set of features including Application Programming Interface (API) calls, permissions, labels obtained from the different antivirus engines included in VirusTotal, Source-Sinks data connections, API calls invoked in real time, accessed files, files operations and many others. AndroPyTool is an open source tool that can be used via both the source code and a Docker container, in just three stages (pre-static, static and dynamic analysis).

This paper is concerned with the bending analysis of single-walled carbon nanotubes (CNT) based on modified couple stress and strain gradient elasticity theories and Euler–Bernoulli beam theory. The size effect is taken into consideration using the modified couple stress and strain gradient elasticity theories. The governing equations and boundary conditions are derived using the variational approach. Deflections of CNT are obtained and presented in graphical form. Results are presented to show the effect of small-scale effect on bending of CNT. It is the first time in the literature, analytical expression and their solutions for the bending analysis based on strain gradient elasticity and couple stress theories are given for CNT under uniformly distributed load and concentrated end load.

The design complexity and outsourcing trend of modern integrated circuits (ICs) have increased the chance for adversaries to implant hardware Trojans (HTs) in the development process. To effectively defend against this hardware-based security threat, many solutions have been reported in the literature, including dynamic and static techniques. However, there is still a lack of methods that can simultaneously detect and diagnose HT circuits with high accuracy and low time complexity. Therefore, to overcome these limitations, this paper presents an HT detection and diagnosis method for gate-level netlists (GLNs) based on different machine learning (ML) algorithms. Given a GLN, the proposed method first partitions it into several circuit cones and extracts seven HT-related features from each cone. Then, we repeat this process for the sample GLN to construct a dataset for the next step. After that, we use K-Nearest Neighbor (KNN), Decision Tree (DT) and Naive Bayes (NB) to classify all circuit cones of the target GLN. Finally, we determine whether each circuit cone is HT-implanted through the label, completing the HT detection and diagnosis for target GLN. We have applied our method to 11 GLNs from ISCAS’85 and ISCAS’89 benchmark suites. As shown in experimental results of the three ML algorithms used in our method: (1) NB costs shortest time and achieves the highest average true positive rate (ATPR) of 100%; (2) DT costs longest time but achieve the highest average true negative rate (ATNR) of 98.61%; (3) Compared to NB and DT, KNN costs a slightly longer time than NB but the ATPR and ATNR values are approximately close to DT. Moreover, it can also report the possible implantation location of a Trojan instance according to the detecting results.

Software security vulnerabilities and leakages of private information are two of the main issues in modern software systems. Several different approaches, ranging from design techniques to run-time monitoring, have been applied to prevent, detect and isolate such vulnerabilities. Static taint analysis has been particularly successful in detecting injection vulnerabilities at compile time. However, its extension to detect leakages of sensitive data has been only partially investigated. In this paper, we introduce BackFlow, a backward flow reconstructor that, starting from the results of a generic taint analysis engine, reconstructs the flow of tainted data. If successful, BackFlow provides full information about the flow that such data (e.g. private information or user input) traversed inside the program before reaching a sensitive point (e.g. Internet communication or execution of an SQL query). Such information is needed to extend taint analysis to privacy analyses, since in such a scenario it is important to know which exact type of sensitive data flows to what type of communication channels. BackFlow has been implemented in Julia (an industrial static analyzer for Java, Android and .NET programs), and applied to WebGoat and different benchmarks to detect both injections and privacy issues. The experimental results prove that BackFlow is able to reconstruct the flow of tainted data for most of the true positives, it scales up to industrial applications, and it can be effectively applied to privacy analysis, such as the detection of sensitive data leaks or compliance with a data regulation.

Presented herein is a new method for the analysis of plates with clamped edges. The solutions for the natural frequencies of the plates are found using static analysis. The starting are the equations of motion of an isotropic rectangular plate supported on Winkler elastic foundation, with a positive or negative value. In either case, one can solve the displacements of such a plate under a given concentrated load. This deflection will be infinite if the plate losses its stiffness, or in other words, the generalized foundation is causing the plate to be unstable. The solution for the vibration frequencies of the plate is equivalent to finding the values of the negative elastic foundation that will yield infinite deflection under a point load on the plate. The solution for a clamped plate is decomposed as the sum of three cases of plates resting on elastic foundation: simply supported plate with a concentrated load, and two cases of distributed moments along opposite edges. The solution for simply supported plates with elastic foundation is found using Navier's method. For zero force, the vibration frequencies are found up to the desired accuracy by careful calculations at the neighborhood of the roots.

We investigate the decidability of the feasibility problem for imperative programs with bounded loops. A program is called feasible if all values it computes are polynomially bounded in terms of the input. The feasibility problem is representative of a group of related properties, like that of polynomial time complexity. It is well known that such properties are undecidable for a Turing-complete programming language. They may be decidable, however, for languages that are not Turing-complete. But if these languages are expressive enough, they do pose a challenge for analysis. We are interested in tracing the edge of decidability for the feasibility problem and similar problems.

In previous work, we proved that such problems are decidable for a language where loops are bounded but indefinite (that is, the loops may exit before completing the given iteration count). In this paper, we consider definite loops. A second language feature that we vary, is the kind of assignment statements. With ordinary assignment, we prove undecidability of a very tiny language fragment. We also prove undecidability with lossy assignment (that is, assignments where the modified variable may receive any value bounded by the given expression, even zero). But we prove decidability with max assignments (that is, assignments where the modified variable never decreases its value).

This study deals with a new method for the free vibration analysis of beams under different boundary conditions. We show that it is possible to apply a static approach for solving free vibration systems, i.e., we obtain natural frequencies for free vibration of beams by analyzing static beam bending problems. Specifically, the basic governing equation for beams with harmonic loadings and resting on an elastic foundation is solved and the solutions are used directly to yield the beam free vibration solutions. In the free vibration analysis, the natural frequency can be a real number or an imaginary number while in the static analysis, the foundation stiffness can be either positive or negative. We show that one can solve the deflection of a beam subjected to a given concentrated force and subsequently deduce the possible infinite deflection when the stiffness becomes zero or negative. In such cases, there exists an equivalent relationship between the free vibration frequencies and the negative stiffness. Consequently, determining the natural frequencies becomes a problem of determining an appropriate negative foundation elastic constant. In general, the numerical vibration solutions can be obtained by analyzing the relationship between loadings and frequencies. For comparison, a comparison with the classical free vibration solutions is presented and excellent agreement is illustrated. We further show that this static approach for free vibration solutions has a clear edge over the classical free vibration approach in computational beam vibration solutions. Very accurate and convergent numerical solutions can be obtained using a very simple numerical solution method. This static approach for free vibration problems can be extended for plate, shell and other structural systems.

Besides the applications aimed at increasing the efficiency of the Android mobile devices, also many malicious applications, millions of Android malware according to various security company reports, are being developed and uploaded into the application stores. In order to detect those applications, a malicious Android application detection system based on permission and permission groups namely, AppPerm Analyzer has been developed. The AppPerm Analyzer software extracts the manifest and code permissions of analyzed applications, creates duple and triple permission groups from them, calculates risk scores of these permissions and permission groups according to their usage rates in malicious and benign applications and calculates the total risk score of the analyzed application. After training the software with 7776 applications in total, it is tested with 1664 benign and 1664 malicious applications. In the tests, AppPerm Analyzer detected malicious applications with an accuracy of 96.19% at most. At this point, sensitivity (true-positive ratio) is 95.50% and specificity (true-negative ratio) is 96.88%. If a false-positive ratio up to 10% is accepted, the sensitivity increases to 99.04%.

Composite materials, with characteristics of light weight and high strength, are useful in manufacturing. Therefore, precise design and analysis is the first key procedure in composite applications, improper analysis or use of composite materials may cause serious failures. In this paper, wavelet finite element method (WFEM) based on B-spline wavelet on the interval (BSWI) is constructed for precise analysis of laminated plates and shells, which gives a guidance in design and application of composite structures. First, FEM formulations are derived from the generalized potential energy function based on the generalized variational principle and virtual work principle. Then, BSWI scaling functions are used as interpolation function to discretize the solving displacement field variables. At the same time, transformation matrix is constructed and used to translate the meaningless wavelet coefficients into physical space. At last, the static analysis results can be obtained by solving the FEM formulations. Due to the excellent features of BSWI, such as multiresolution, multiscale, localization and excellent numerical approximation characteristics etc., BSWI-based FEM can achieve accurate and efficient analysis by comparing with traditional methods. In the end, the effectiveness of the constructed BSWI WFEM is verified through several numerical examples.

This paper proposes an element decomposition method (EDM) for elastic-static, free vibration and forced vibration analyses of three-dimensional solid mechanics. The problem domain is first discretized using eight-node hexahedral elements. Then, each hexahedron is further subdivided into a set of sub-tetrahedral cells, and the local strains in each sub-tetrahedron are obtained using linear interpolation functions. For each hexahedron, the strain of the whole element is the weighted average value of the local strains, which means only one integration point is adopted to establish the stiffness matrix. To cure the numerical instability of one-point quadrature and improve the accuracy, a variation gradient item is complemented by variance of the local strains. Numerical examples, including both benchmark and practical engineering cases, demonstrate that the present method possesses the following interesting properties compared with the traditional finite element method using the same mesh discretization (1) super accuracy and faster convergence rate; (2) higher computational efficiency; (3) more immune to mesh distortion.

In this paper, a simple and accurate sinusoidal trigonometric theory (STT) for the bending analysis of functionally graded single-layer and sandwich plates and shells is presented for the first time. The principal feature of this theory is that models the thickness stretching effect with only 4-unknowns, even less than the first order shear deformation theory (FSDT) which as it is well-known has 5-unknowns. The governing equations and boundary conditions are derived by employing the principle of virtual work. Then, a Navier-type closed-form solution is obtained for functionally graded plates and shells subjected to bi-sinusoidal load for simply supported boundary conditions. Consequently, numerical results of the present STT are compared with other refined theories, FSDT, and 3D solutions. Finally, it can be concluded that: (a) An accurate but simple 4-unknown STT with thickness stretching effect is developed for the first time. (b) Optimization procedure (described in the paper) appear to be of paramount importance for 4-unknown higher order shear deformation theories (HSDTs) of this gender, so deserves a lot of further research. (c) Transverse shear stresses results are sensitive to the theory and need carefully attention.

Libraries offer reusable functionality through Application Programming Interfaces (APIs) with usage constraints such as call conditions or orders. Constraint violations, i.e. API misuses, commonly lead to bugs and security issues. Although researchers have developed various API misuse detectors in the past few decades, recent studies show that API misuse is prevalent in real-world projects, especially for secure socket layer (SSL) certificate validation, which is completely broken in many security-critical applications and libraries. In this paper, we introduce SSLDoc to effectively detect API misuse bugs, specifically for SSL API libraries. The key insight behind SSLDoc is a constraint-directed static analysis technique powered by a domain-specific language (DSL) for specifying API usage constraints. Through studying real-world API misuse bugs, we propose ISpec DSL, which covers majority types of API usage constraints and enables simple but precise specification. Furthermore, we design and implement SSLDoc to automatically parse ISpec into checking targets and employ a static analysis engine to identify potential API misuses and prune false positives with rich semantics. We have instantiated SSLDoc for OpenSSL APIs and applied it to large-scale open-source programs. SSLDoc found 45 previously unknown security-sensitive bugs in OpenSSL implementation and applications in Ubuntu. Up to now, 35 have been confirmed by the corresponding development communities and 27 have been fixed in master branch.

This technical note presents a static–dynamic relationship for the flexural free vibration analysis of beams in tension with some specific boundary conditions. It is shown to be possible that a free vibration system can be solved via a static analysis approach to determine the natural frequencies of the beam with tension forces. The key idea of this study is to substitute the real natural frequency parameters with zero or negative elastic foundation stiffness, thereby allowing one to obtain the natural frequencies by analyzing the case with negative foundation elastic constant. This static approach for vibration problems can be extended for more complicated engineering structural systems.

We present a generic aproach to the static analysis of concurrent programs with procedures. We model programs as communicating pushdown systems. It is known that typical dataflow problems for this model are undecidable, because the emptiness problem for the intersection of context-free languages, which is undecidable, can be reduced to them. In this paper we propose an algebraic framework for defining abstractions (upper approximations) of context-free languages. We consider two classes of abstractions: finite-chain abstractions, which are abstractions whose domains do not contain any infinite chains, and commutative abstractions corresponding to classes of languages that contain a word if and only if they contain all its permutations. We show how to compute such approximations by combining automata theoretic techniques with algorithms for solving systems of polynomial inequations in Kleene algebras.

The static strength analysis of a diaphragm coupling with joint bearing is carried out by using ANSYS, we find that the diaphragm coupling can bear the force with only 1.5 times the maximum torque, 13228 rpm rotational speed or 12 mm compensation respectively, it can be used safely; when the diaphragm coupling is forced with combined loads(with 2000 N axial force), the coating of diaphragm coupling forced more than compression limit, there are security risks; when the diaphragm coupling is forced with combined loads(with less than 1850 N axial force), it can be used safely.