Friday, 23 October 2015

The Impact of API Change- And Fault-Proneness on the User Ratings of Android Apps

ABSTRACT
The mobile apps market is one of the fastest growing areas in the information technology. In digging their market share, developers must pay attention to building robust and reliable apps. In fact, users easily get frustrated by repeated failures, crashes, and other bugs; hence, they abandon some apps in favor of their competition. In this paper we investigate how the fault- and change-proneness of APIs used by Android apps relates to their success estimated as the average rating provided by the users to those apps. First, in a study conducted on 5,848 (free) apps, we analyzed how the ratings that an app had received correlated with the fault- and change-proneness of the APIs such app relied upon. After that, we surveyed 45 professional Android developers to assess (i) to what extent developers experienced problems when using APIs, and (ii) how much they felt these problems could be the cause for unfavorable user ratings. The results of our studies indicate that apps having high user ratings use APIs that are less fault- and change-prone than the APIs used by low rated apps. Also, most of the interviewed Android developers observed, in their development experience, a direct relationship between problems experienced with the adopted APIs and the users’ ratings that their apps received.
 AIM
The aim of this paper is investigate how the fault- and change-proneness of APIs used by Android apps relates to their success estimated as the average rating provided by the users to those apps
SCOPE
The scope of this paper is analyzed how the ratings that an app had received correlated with the fault- and change-proneness of the APIs such app relied upon.
EXISTING SYSTEM
Stability and fault-proneness in the Android API is a sensitive and timely topic, given the frequent releases and the number of applications that use these APIs. Therefore, the goal of this paper is to provide solid empirical evidence and shed some light on the relationship between the success of apps (in terms of user ratings), and the change- and fault-proneness of the underlying APIs (i.e., Android API and third-party libraries). We designed two case studies. In the first study we analyzed to what extent the APIs fault- and change-proneness affect the user ratings of the Android apps using them, while in the second we investigated to what extent Android developers experience problems when using APIs and how much they feel these problems can be causes of unfavorable user ratings/comments
DISADVANTAGES
·      Users easily get frustrated by repeated failures, crashes, and other bugs
·      They abandon some apps in favor of their competition.
PROPOSED SYSTEM
In this project, the purpose of our study is to investigate whether the change- and fault-proneness of APIs used by the app relates (or not) to the app success, measured by its ratings. That is, a heavy usage of fault-prone APIs can lead to repeated failures or even crashes of the apps, hence encouraging users to give low ratings and possibly even abandoning the apps. Similarly, the use of unstable APIs that undergo numerous changes in their interfaces can cause backward compatibility problems or require frequent updates to the apps using those APIs. Such updates, in turn, can introduce defects into the applications using unstable APIs. Results of our first study demonstrate that Android apps having higher user ratings generally use APIs that are less fault- and change-prone than APIs used by low rated apps.
ADVANTAGES
·      APIs used by apps having high user ratings are significantly less fault-prone than APIs used by low rated apps
·      Our findings highlight the importance of avoiding change-and fault-prone APIs, it must be clear that selecting the best APIs to use is far from trivial
SYSTEM CONFIGURATION

HARDWARE REQUIREMENTS:-

·                Processor          -   Pentium –III

·                Speed                -    1.1 Ghz
·                RAM                 -    256 MB(min)
·                Hard Disk         -   20 GB
·                Floppy Drive    -    1.44 MB
·                Key Board                 -    Standard Windows Keyboard
·                Mouse               -    Two or Three Button Mouse
·                Monitor             -    SVGA

SOFTWARE REQUIREMENTS:-

·                Operating System      :Android OS             
·                Front End                  : JAVA
·                Database                  : SqLite
·                Tool                           :Eclipse
  
REFERENCES
Linares-Vasquez, M., Bernal-Cardenas, C.E., Bavota, G, Di Penta, M. “The Impact of API Change- and Fault-Proneness on the User Ratings of Android Apps” IEEE Transactions on Software Engineering, Volume 41,  Issue 4  November  2014

A Location- And Diversity-Aware News Feed System for Mobile Users

ABSTRACT
A location-aware news feed (LANF) system generates news feeds for a mobile user based on her spatial preference (i.e., her current location and future locations) and non-spatial preference (i.e., her interest). Existing LANF systems simply send the most relevant geo-tagged messages to their users. Unfortunately, the major limitation of such an existing approach is that, a news feed may contain messages related to the same location (i.e., point-of-interest) or the same category of locations (e.g., food, entertainment or sport). We argue that diversity is a very important feature for location-aware news feeds because it helps users discover new places and activities. In this paper, we propose D-MobiFeed; a new LANF system enables a user to specify the minimum number of message categories (h) for the messages in a news feed. In D-MobiFeed, our objective is to efficiently schedule news feeds for a mobile user at her current and predicted locations, such that (i) each news feed contains messages belonging to at least h different categories, and (ii) their total relevance to the user is maximized. To achieve this objective, we formulate the problem into two parts, namely, a decision problem and an optimization problem. For the decision problem, we provide an exact solution by modeling it as a maximum flow problem and proving its correctness. The optimization problem is solved by our proposed three-stage heuristic algorithm. We conduct a user study and experiments to evaluate the performance of D-MobiFeed using a real data set crawled from Foursquare. Experimental results show that our proposed three-stage heuristic scheduling algorithm outperforms the brute-force optimal algorithm by at least an order of magnitude in terms of running time and the relative error incurred by the heuristic algorithm is below 1%. D-MobiFeed with the location prediction method effectively improves the relevance, diversity, and efficiency of news feeds.
                                                                 
 AIM
The aim of this paper is is to efficiently schedule news feeds for a mobile user at her current and predicted locations, such that (i) each news feed contains messages belonging to at least h different categories, and (ii) their total relevance to the user is maximized.
SCOPE
The scope of this paper is to achieve this objective, we formulate the problem into two parts, namely, a decision problem and an optimization problem.
EXISTING SYSTEM
MobiFeed the state-of-the-art location-aware news feed system schedules news feeds for mobile users. In MobiFeed, the relevance of a message m to Bob is measured by both the content similarity between m and Bob’s submitted messages (i.e., a non-spatial factor) and the distance between m and Bob (i.e., a spatial factor). MobiFeed is motivated by the fact that, if the news feeds are only computed based on a user’s location at the query time (i.e., it does not consider the user’s future locations, e.g., GeoFeed), the total relevance of news feeds is not optimized With the geographical distance between a message and a mobile user in a relevance measure model, the relevance of a message to a mobile user is changing as the user is moving. Such a dynamic environment gives us an opportunity to employ location prediction technique to improve the quality of news feeds and the system efficiency. Existing diversification problems focus on retrieving an individual list of items with a certain level of diversity. In contrast, with our location prediction techniques, we aim at improving the quality of news feeds by scheduling multiple location- and diversity-aware news feeds for mobile users simultaneously.
DISADVANTAGES
·      A news feed may contain messages related to the same location (i.e., point-of-interest) or the same category of locations (e.g., food, entertainment or sport).
·      In MobiFeed considers a mobile environment that makes our location- and diversity-aware news feed system unique and more challenging.
PROPOSED SYSTEM
In this project, propose D-MobiFeed; a new LANF system enables a user to specify the minimum number of message categories (h) for the messages in a news feed. In D-MobiFeed, our objective is to efficiently schedule news feeds for a mobile user at her current and predicted locations, such that (i) each news feed contains messages belonging to at least h different categories, and (ii) their total relevance to the user is maximized. To achieve this objective, we formulate the problem into two parts, namely, a decision problem and an optimization problem. For the decision problem, we provide an exact solution by modeling it as a maximum flow problem and proving its correctness. The optimization problem is solved by our proposed three-stage heuristic algorithm. We conduct a user study and experiments to evaluate the performance of D-MobiFeed using a real data set crawled from Foursquare. Experimental results show that our proposed three-stage heuristic scheduling algorithm outperforms the brute-force optimal algorithm by at least an order of magnitude in terms of running time and the relative error incurred by the heuristic algorithm is below 1%. D-MobiFeed with the location prediction method effectively improves the relevance, diversity, and efficiency of news feeds.

ADVANTAGES
·      D-MobiFeed with the location prediction method effectively improves the relevance, diversity, and efficiency of news feeds.
·      D-MobiFeed can efficiently provide location- and diversity-aware news feeds when maintaining their high quality in terms of relevance
SYSTEM ARCHITECTURE

SYSTEM CONFIGURATION

HARDWARE REQUIREMENTS:-

·                Processor          -   Pentium –III

·                Speed                -    1.1 Ghz
·                RAM                 -    256 MB(min)
·                Hard Disk         -   20 GB
·                Floppy Drive    -    1.44 MB
·                Key Board                 -    Standard Windows Keyboard
·                Mouse               -    Two or Three Button Mouse
·                Monitor             -    SVGA

SOFTWARE REQUIREMENTS:-

·                Operating System      :Android OS             
·                Front End                  : JAVA
·                Database                   : SqLite
·                Tool                           :Eclipse


REFERENCES
Chow, C.Xu, W. “A Location- and Diversity-aware News Feed System for Mobile Users” IEEE Transactions ON Services Computing, Volume PP, Issue 99 MAY 2015.

Vulhunter: Toward Discovering Vulnerabilities In Android Applications

ABSTRACT:
With the prosperity of the Android app economy, many apps have been published and sold in various markets. However, short development cycles and insufficient security development guidelines have led to many vulnerable apps. Although some systems have been developed for automatically discovering specific vulnerabilities in apps, their effectiveness and efficiency are usually restricted because of the exponential growth of paths to examine and simplified assumptions. In this article, the authors propose a new static-analysis framework for facilitating security analysts to detect vulnerable apps from three aspects. First, they propose an app property graph (APG), a new data structure containing detailed and precise information from apps. Second, by modeling app-related vulnerabilities as graph traversals, the authors conduct graph traversals over APGs to identify vulnerable apps for easing the identification process. Third, they reduce the workload of manual verification by removing infeasible paths and generating attack inputs whenever possible. They have implemented the framework in a system named VulHunter with 9,145 lines of Java code and modeled five types of vulnerabilities. Checking 557 popular apps that are randomly collected from Google Play and have at least 1 million installations, the authors found that 375 apps (67.3 percent) have at least one vulnerability.
AIM
The aim of this paper is a new static-analysis framework for facilitating security analysts to detect vulnerable apps from three aspects.
SCOPE
The scope of this tends to implemented the framework in a system named VulHunter with 9,145 lines of Java code and modeled five types of vulnerabilities.
EXISTING SYSTEM:
Existing research on automatic vulnerability discovery for applications (“apps”) usually focuses on several specific types of vulnerabilities because of the undecidability of the generic problem of spotting program vulnerabilities For example, ComDroid aims at Intent related issues (that is, unauthorized Intent receipt and Intent spoofing). SMV-Hunter detects SSL and Transport Layer Security (TLS) man-in-the-middle vulnerabilities., Content Scope examines the vulnerabilities of an unprotected content provider. Android Leaks uncovers potential private information leakages. Woodpecker targets capability leak vulnerabilities. CHEX discovers component hijacking vulnerabilities. However, these systems’ effectiveness and efficiency are usually restricted in practice due to the exponential growth of paths to examine, simplified assumptions, and the limited number of vulnerability patterns.1,8 Moreover, it is not easy to extend these systems to capture new vulnerabilities, although they share some common, components (such as constructing control-flow graphs and dataflow graphs).
DISADVANTAGES:

  1.  It is not easy to extend these systems to capture new vulnerabilities, although they share some common, components (such as constructing control-flow graphs and dataflow graphs).
  2. They did not discover vulnerable apps, and it is not clear how SCA processes those apps.

PROPOSED SYSTEM:
In this project, propose a new static-analysis framework to facilitate vulnerability discovery for apps by extracting detailed and precise information from apps and easing the identification process. Moreover, the framework can reduce the manual-verification workload by performing slicing and filtering out infeasible paths. To our knowledge, existing approaches cannot achieve these goals simultaneously. Moreover, defining app property graphs (APGs) and employing graph databases can scale up the vulnerability discovery process. Researchers are exploring an alternative vulnerability-discovery approach of facilitating security analysts by providing detailed and precise information and expert knowledge. The work closest to our approach is the code property graph (CPG),1 which combines an abstract syntax tree (AST), control-flow graph (CFG), and program dependency graph (PDG) to represent C source codes and model common vulnerabilities as graph traversals. Therefore, finding potential vulnerabilities is turned into performing graph traversals over CPGs with much better performance in terms of accuracy and flexibility. Although we also model vulnerabilities as graph traversals and conduct graph traversals to find vulnerable apps, significant differences exist between the two approaches.
ADVANTAGES

  1. Capturing vulnerabilities is made easy and alsomodeling vulnerabilities become easy as per graph traversals.
  2. It reduces false positives and optimizes queries according to vulnerabilities pattern.

SYSTEM ARCHITECTURE:


SYSTEM CONFIGURATION

HARDWARE REQUIREMENTS:-

·                Processor          -   Pentium –III

·                Speed                -    1.1 Ghz
·                RAM                 -    256 MB(min)
·                Hard Disk         -   20 GB
·                Floppy Drive    -    1.44 MB
·                Key Board                 -    Standard Windows Keyboard
·                Mouse               -    Two or Three Button Mouse
·                Monitor             -    SVGA

SOFTWARE REQUIREMENTS:-

·                Operating System      :Android OS             
·                Front End                  : JAVA
·                Database                  : SqLite
·                Tool                           :Eclipse

REFERENCE:
Chenxiong Qian Xiapu Luo ; Yu Le ; Guofei Gu “VULHUNTER: TOWARD DISCOVERING VULNERABILITIES IN ANDROID APPLICATIONS”, IEEE Transactions on Micro, Volume 35 ,  Issue 1,Jan.-Feb. 2015

REAL: A RECIPROCAL PROTOCOL FOR LOCATION PRIVACY IN WIRELESS SENSOR NETWORKS

ABSTRACT
 K -anonymity has been used to protect location privacy for location monitoring services in wireless sensor networks (WSNs), where sensor nodes work together to report k -anonymized aggregate locations to a server. Each k -anonymized aggregate location is a cloaked area that contains at least k persons. However, we identify an attack model to show that overlapping aggregate locations still pose privacy risks because an adversary can infer some overlapping areas with less than k persons that violates the k -anonymity privacy requirement. In this paper, we propose a reciprocal protocol for location privacy (REAL) in WSNs. In REAL, sensor nodes are required to autonomously organize their sensing areas into a set of non-overlapping and highly accurate k -anonymized aggregate locations. To confront the three key challenges in REAL, namely, self-organization, reciprocity property and high accuracy, we design a state transition process, a locking mechanism and a time delay mechanism, respectively. We compare the performance of REAL with current protocols through simulated experiments. The results show that REAL protects location privacy, provides more accurate query answers, and reduces communication and computational costs.
AIM
The aim of this paper in REAL, sensor nodes are required to autonomously organize their sensing areas into a set of non-overlapping and highly accurate k -anonymized aggregate locations
SCOPE
The scope of this paper is to show that REAL protects location privacy, provides more accurate query answers, and reduces communication and computational costs.
EXISTING SYSTEM
With the advancement of sensor and wireless communication technologies, location monitor- ing applications have been developed for surveillance and location systems. Basically, location monitoring applications use sensors to gather personal locations and provide location-based services. However, with an untrustworthy server, an adversary may abuse its received location information to infer personal sensitive information. As a result, monitor- ing personal locations poses privacy threats to the monitored individuals
DISADVANTAGES

  1. Self-organization
  2.  reciprocity property
  3.  high accuracy

PROPOSED SYSTEM
In this paper, we propose a reciprocal protocol for location privacy (REAL) in WSNs. In REAL, sensor nodes are required to autonomously organize their sensing areas into a set of non-overlapping and highly accurate k -anonymized aggregate locations. To confront the three key challenges in REAL, namely, self-organization, reciprocity property and high accuracy, we design a state transition process, a locking mechanism and a time delay mechanism, respectively. 
ADVANTAGES

  1.  The state transition process to accomplish self-organization among sensor nodes
  2. The locking mechanism to guarantee the reciprocity property.
  3. The delay mechanism to improve the accuracy of aggregate locations.

SYSTEM ARCHITECTURE
 



SYSTEM CONFIGURATION

HARDWARE REQUIREMENTS:-

·                Processor          -   Pentium –III

·                Speed                -    1.1 Ghz
·                RAM                 -    256 MB(min)
·                Hard Disk         -   20 GB
·                Floppy Drive    -    1.44 MB
·                Key Board                 -    Standard Windows Keyboard
·                Mouse               -    Two or Three Button Mouse
·                Monitor             -    SVGA

SOFTWARE REQUIREMENTS:-

·                Operating System      :Android OS             
·                Front End                  : JAVA
·                Database                  : SqLite
·                Tool                           :Eclipse



REFERENCE:
Jia-Dong Zhang, and Chi-Yin Chow, “REAL: A RECIPROCAL PROTOCOL FOR LOCATION PRIVACY IN WIRELESS SENSOR NETWORKS” IEEE Transactions on  Dependable and Secure Computing, Year: 2015, Volume: 12, Issue: 4