This document introduces dynamic analysis of Android applications using DroidBox. It describes what dynamic analysis is, why it is used, and how to perform it. It then provides details on DroidBox, including what it is, how it works, how to use it, and ideas for improving it. DroidBox performs dynamic taint analysis and hooking at the application framework level to monitor app actions like information leaks, network/file I/O, and cryptography operations. The document includes code snippets showing how DroidBox was ported to Android 2.3.
Kunwar Atul presented techniques for pentesting Android applications without root access. This included bypassing SSL pinning by modifying the app's manifest to allow user certificates, extracting sensitive data from backup files without root using ADB, and exploiting insecure Firebase databases and deep links. Deep links could be triggered via ADB to load attacker URLs within an app's webview. References were provided on SSL pinning bypass with Burp Suite, Frida, and modifying apps; reading data without root; and exploiting Firebase and deep links. The presentation did not cover Android architecture, tools like Drozer and Apktool, or lab setups.
An Introduction to the Android Framework -- a core architecture view from app... - William Liang
This presentation, following the previous "An Introduction to the Linux Kernel and Device Drivers", is for another 3-hours lecture in the "Open Source System Software & Practice" class, organized and hosted by Prof. Shih-Hao Hung, in the Department of Computer Science and Information Engineering, National Taiwan University.
The slides cover the architecture of the Android Framework, including the Android architecture overview, system integration of the Android operating system, the Activity and Service framework components, life cycles, inter-component communication methods, how the framework works, the Android device control model, core system services, hardware abstraction layer, and related important issues, etc.
AppSec EU 2016: Automated Mobile Application Security Assessment with MobSF - Ajin Abraham
Mobile Application market is growing like anything and so is the Mobile Security industry. With lots of frequent application releases and updates happening, conducting the complete security analysis of mobile applications becomes time consuming and cumbersome. In this talk I will introduce an extendable, and scalable web framework called Mobile Security Framework (https://github.com/ajinabraham/YSO-Mobile-Security-Framework) for Security analysis of Mobile Applications. Mobile Security Framework is an intelligent and automated open source mobile application (Android/iOS) pentesting and binary/code analysis framework capable of performing static and dynamic analysis. It supports Android and iOS binaries as well as zipped source code. During the presentation, I will demonstrate some of the issues identified by the tool in real world Android applications. The latest Dynamic Analyzer module will be released at OWASP AppSec.
Attendees Benefits
* An Open Source framework for Automated Mobile Security Assessment.
* One Click Report Generation and Security Assessment.
* Framework can be deployed at your own environment so that you have complete control of the data. The data/report stays within the organisation and nothing is stored in the cloud.
* Supports both Android and iOS Applications.
* Semi Automatic Dynamic Analyzer for intelligent application logic based (whitebox) security assessment.
Scalable Service-Oriented Middleware over IP - Dai Yang
ABSTRACT
Due to the increased amount of communication in cars, a reliable and easy to use middleware system for automotive applications becomes a popular research field. In this paper, we review a recent approach: the Scalable Service-Oriented Middleware over IP (SOME/IP). We present current technologies and how SOME/IP differs from them. We point out how SOME/IP is ordered into the ISO/OSI layer model and discuss its service orientation. We also present the advantages and disadvantages of SOME/IP. In the end, we analyze its timing behavior and whether it is suitable for automotive software or not.
Cyber Security Extortion: Defending Against Digital Shakedowns - CrowdStrike
Real world lessons from CrowdStrike Services experts investigating complex cyber extortion attacks
The criminal act of theft is as old as civilization itself, but in the cyber realm new ways to steal your organization's data or profit by holding it hostage, continue to evolve. With each advancement in security technology, adversaries work tirelessly on new techniques to bypass your defenses. This webcast, "Cyber Extortion: Digital Shakedowns and How to Stop Them" examines the evolution of cyber extortion techniques, including the latest "datanapping" exploits. Whether it's an attack on a major movie studio, a massive healthcare system, or a global entertainment platform, recent extortion attempts demonstrate how critical it is to understand today's threat landscape so you can ensure that your organization mounts the best defense possible.
Download this presentation to learn what security experts from the cyber defense frontlines are discussing. Learn about:
• The range of extortion techniques being used today, including commonalities and differences in approaches
• Commodity type ransomware/datanapping vs. hands-on attacks — how are they alike and what are their differences?
• Potential outcomes of paying vs. not paying when attempting to recover data after an attack
• Real world examples of successful attacks and those that were thwarted or mitigated
• Strategies for keeping your organization from being targeted and what to do if you become the victim of a cyber shakedown
This document provides an overview of setting up an iOS penetration testing environment and common techniques for analyzing iOS applications. It discusses jailbreaking a device and installing useful tools. It also covers understanding the iOS file system and Objective-C runtime, using tools like Cycript and class-dump-z to enable runtime analysis and manipulation. The document describes insecure data storage techniques like plist files, NSUserDefaults, and CoreData that store unencrypted data. It also discusses analyzing network traffic and automated testing.
The document discusses tools and techniques related to analyzing Android applications. It provides an overview of the Android operating system architecture and outlines various static and dynamic analysis methods. These include decompiling applications with Apktool and Dex2jar, reviewing manifest files, monitoring network traffic with Wireshark, and using tools like Burp Suite and Mallory. The document also highlights common mobile security issues discovered through analysis and provides recommendations for securing Android devices and applications.
Mobile Application Security Testing (Static Code Analysis) of Android App - Abhilash Venkata
This document discusses three angles for performing mobile application security testing: client side checks, dynamic/runtime checks of local storage, databases and more, and static code analysis. It focuses on static code analysis, explaining that it covers over 50% of the OWASP Mobile Top 10 risks. It provides details on fetching APKs, converting them to source code, manual and automated static code analysis tools like MobSF and QARK, and common issues like improper use of Android intents that can be discovered through static analysis.
Getting started with using the Dark Web for OSINT investigations - Olakanmi Oluwole
The document discusses how to conduct open-source intelligence (OSINT) investigations using the dark web, providing an overview of the surface web, deep web, and dark web; resources for finding dark web sites like search engines and directories; and tips for investigating cases like finding the location and Wi-Fi network from a photo's metadata. It aims to educate on safely and legally utilizing open-source information on the dark web for investigative purposes.
Nmap is an open source tool that can scan networks to discover available hosts, services on hosts, operating systems and versions running on hosts, types of firewalls and filters in place, and other network details. It works across Linux, Windows, and other platforms. Nmap uses raw IP packets to gather this information, which can help identify security issues but also be used by attackers for reconnaissance. The tool supports various types of scans with different tradeoffs between stealthiness and information discovered. While Nmap has both command line and GUI interfaces, advanced usage requires command line expertise.
The document discusses web application security and the F5 BIG-IP Application Security Manager (ASM). It notes that most attacks are now targeted at web applications rather than networks. It then provides an overview of common web application attacks that ASM can protect against. The document discusses how ASM uses a positive security model to provide implicit protection against both known and unknown attacks. It also outlines the various deployment options and protections that ASM provides, such as bot detection, DDoS mitigation, and web application firewall capabilities.
Nmap is a free and open source tool for network discovery and security auditing. It was written by Fyodor and allows users to identify hosts on a network, determine services and operating systems running on them, and discover vulnerabilities. The document outlines the basic anatomy of a scan, describing the DNS lookup, ping, reverse DNS lookup, and scan steps. It also covers different scan types like TCP SYN, connect, ping, and UDP scans as well as useful options for excluding or including targets, specifying port numbers, and adjusting ping behavior. Later modules discuss operating system and version detection, stealth scanning techniques, timing options, and randomizing scans.
The Cyber Defense Matrix helps people organize and understand gaps in their overall security program. These slides describe several additional use cases of the Cyber Defense Matrix, including how to map the latest startup vendors and security trends, anticipate gaps, develop program roadmaps, capture metrics, reconcile inventories, improve situational awareness, and create a board-level view of their entire program.
See the 2016 version at: http://bit.ly/cyberdefensematrix
See the 2019 version at: http://bit.ly/cyberdefensematrixreloaded
This document discusses using Frida, a dynamic instrumentation toolkit, to bypass security defenses in Android apps. It provides an introduction to Frida and how it works, describes common Android app defenses like anti-debugging and anti-emulation checks, and demonstrates how to use Frida to bypass some of these defenses through code injection and interception. The document contains code examples and promises a demo of using Frida to monitor and intercept methods in an Android app in real-time.
The document provides biographies and background information on two cyber threat hunters, Teymur Kheirkhabarov and Sergey Soldatov. It then discusses the process of cyber threat hunting, including collecting log and system event data from endpoints, analyzing that data using tools like Yara and Cuckoo Sandbox, and manually investigating anomalies through iterative hypothesis testing to detect advanced threats. Examples are given of how threat hunters traced back the steps of an attacker who compromised a system by injecting code into the LSASS process and establishing persistence via a scheduled task. The document emphasizes that threat hunting requires both machine analysis of large datasets as well as human reasoning to uncover sophisticated threats that evade other security solutions.
This document provides an overview of scanning techniques used in ethical hacking. It defines scanning as gathering information about IP addresses, operating systems, services, and architectures of target systems. The document outlines common scanning types like port scanning, network scanning, and vulnerability scanning. It also describes popular scanning tools like Nmap and Hping2, and scanning methods like ping sweeps, SYN stealth scans, and Xmas scans. The goal of scanning is to detect live systems, open ports, operating systems, and services to inform later stages of hacking like banner grabbing, vulnerability assessment, and network mapping.
Understanding the Cyber Security Vendor Landscape - Sounil Yu
We are often inundated with vendors offering their products and services to solve our various information security problems. How can you make sense of the wide range of technologies and ensure that your control gaps are being covered? Where are opportunities for technology disruption? Where are you overly reliant on technology? This is a framework for understanding security technologies so that you can align vendors in the right bucket to ensure that you have the suite of technologies that you need to execute your information security mission.
Distributed Immutable Ephemeral - New Paradigms for the Next Era of Security - Sounil Yu
We are rapidly approaching the next era of security where we need to be focused on the ability to recover from irrecoverable attacks. This can also be defined as resiliency. The traditional view of resiliency attempts to quickly restore assets that support services that we care about. This new approach/paradigm looks at resilience in ways that promote design patterns (distributed, immutable, ephemeral) where we do not care about a given asset at all while still keeping the overall service functioning. This new approach allows us to avoid having to deal with security at all.
This document discusses improving the Android Application Sandbox (DroidBox) by porting it to support Android 2.3, repackaging APKs to monitor API calls, and developing a new APIMonitor tool. The APIMonitor intercepts API calls by parsing smali code and outputting parameter and return values. It builds an API database to detect inherited methods. Future work includes classifying sensitive APIs and moving analysis to the cloud.
Automated Security Analysis of Android & iOS Applications with Mobile Securit... - Ajin Abraham
Ajin Abraham presents the Mobile Security Framework, an open source tool for automating security analysis of Android and iOS mobile applications. It performs static analysis on application binaries and source code to detect vulnerabilities. It also includes dynamic analysis capabilities like monitoring network traffic, system calls and application data during runtime. The tool is hosted locally and does not send any data to the cloud. The talk demonstrates the tool's static and dynamic analysis features and provides examples of vulnerabilities it has discovered in real world applications. Future plans are discussed to add additional testing capabilities and improve the tool. Users are encouraged to download, test and contribute to the open source project.
This document proposes a sewerage system project for Pakistan to address current deficiencies. It outlines technical approaches like using gravity and pumping stations to move wastewater out of cities to be recycled before releasing into canals or for agricultural use. The project would start in major cities and expand nationwide, creating jobs and improving living standards and the environment. It seeks approval and funding from the Local Government and Community Development department, having consulted international construction firms on implementation. The project scope and stakeholders are defined, along with past experience working on similar initiatives and references.
The document discusses how a web browser can be used as a tool for hacking and reconnaissance by searching for sensitive information exposed online, such as administrative interfaces, documents containing private details, and vulnerabilities in web applications. It provides examples of searches that have uncovered passwords, internal files, and personal data, and warns that aggregation of online data poses serious privacy risks. The document aims to demonstrate how easy and powerful a web browser can be for gathering intelligence about targets.
Diabetes, Cardiovascular & Renal Complications - nhussain12
This document provides information about a conference on diabetes, cardiovascular, and renal complications taking place on November 28-29, 2012 in London. It summarizes that registering by July 6th provides a £300 discount and registering by September 28th provides a £100 discount. It also lists the keynote speakers and topics to be discussed including novel diabetes drugs, biomarkers, hypertension, FDA guidelines, nephropathy, inflammation, dyslipidemia, and more.
Bark & Co specializes in commercial litigation and business disputes. Their initial approach is to thoroughly research and understand disputes to resolve them quickly and cheaply. Most disputes can be settled through alternative dispute resolution like mediation rather than expensive litigation. If court proceedings are necessary, Bark & Co works diligently to ensure the process is efficient, timely and cost-effective to achieve the best outcome for clients. They handle a wide range of commercial litigation for both individuals and corporations.
The document summarizes upcoming courses being offered by the Freshwater Biological Association (FBA), including a two-day course on identifying chironomid midge pupae to assess water quality. It also provides brief summaries of recent research articles covering topics like female sticklebacks preparing offspring for climate change, lawsuits to protect endangered freshwater fish species, and the potential of swamps to store large amounts of carbon. The bulletin aims to keep readers informed of current freshwater issues and research involving the FBA.
Over 120 riders from Harmony participated in the 2012 Adoption Ambassador Tour to support adoption and raise awareness for Tennessee children needing forever families. The tour aimed to welcome children, help prepare them for adoption, and offer encouragement and support through teamwork to accomplish the goal of finding every child a forever family.
Here is the winning story of the week - The Law of Sacrifice - the file is e-book. Please press right bottom corner of the screen to view the full page view.
This document discusses strategies for making Ruby on Rails applications highly available. It covers common architectures using a single server, and moving to distributed systems. Key topics include application modularity, useful gems for asynchronous processing, database replication, session management, application deployment, configuration management, and load balancing. The conclusion emphasizes that porting Rails apps to a highly available environment requires thinking about architecture and distribution early, but is not prohibitively difficult if approached methodically.
Project Coin introduced several new features to Java 7 including diamond syntax for type inference, multi-catch exception handling, try-with-resources for cleaner resource management, strings in switch statements, and underscores in numeric literals. NIO.2 expanded non-blocking I/O with new file system APIs and WatchService for monitoring directories. Performance was improved through parallel array operations and other concurrency updates. Java 8 will include lambda expressions and new date/time APIs.
This document provides an overview of how to build a full stack API with DevOps integration using Quarkus in under an hour. It discusses APIs in microservice architectures, Quarkus advantages over other frameworks, and includes demos on building the first Quarkus API, adding fault tolerance, observability, logging, persistence, and security. The agenda covers asynchronous and synchronous communication patterns, MicroProfile basics, Quarkus benefits like performance and container support, JAX-RS annotations, and using various Quarkus extensions for fault tolerance, OpenTelemetry, logging, databases, Hibernate ORM with Panache, and OAuth security.
This document provides an overview of the Laravel PHP framework. It discusses Laravel's history and evolution from version 1 to the current version 5.3. Key Laravel concepts are explained such as routing, controllers, models, views, Artisan commands, and architectural changes in version 5 like the directory structure and environment detection. Additional Laravel tools and resources are also mentioned like Laravel Elixir, Homestead, and Laracasts.
This document discusses approaches to managing architecture for Java and Spring applications. It covers topics like granularity of modules, layers and slices; using packages and code analysis tools to enforce architecture; a plain Java approach using packages and visibility; and the Hera plugin system for localizing change and enabling flexibility. Hera is a small plugin registry that allows selecting plugins based on criteria and callbacks to extend functionality in a modular way.
This document discusses distributed programming with Java RMI. It explains the key components of client-server systems and different distributed computing models like DCE, DCOM, CORBA, and Java RMI. It then describes how Java RMI works, the packages involved, and provides steps to implement a basic RMI application with a remote interface, server implementation, and client.
In this deck, I quickly summarize how people have dealt with logging in Docker historically and then describe a comprehensive approach to logging and monitoring in Docker, based on research and customer interviews.
While Docker adds a welcome layer of abstraction to the deployment of applications, it also challenges assumptions on how those applications should be managed. I discuss a comprehensive approach for collecting logs and metrics into a centralized platform and dissect the latest additions to Docker itself (log drivers, stats).
OverBlog, a top European blogging platform, chose Symfony 2 for its brand new version.
Learn about their engineers' feedback on how they design their software architecture based on Symfony 2.
The following points will be discussed:
- Dependency injection: Making a high speed transport layer with Apache Thrift into Symfony 2.
- Security Bundle: Integrating a Single Sign On
- Twig: Using Twig sandbox to jail custom OverBlog's users themes integration.
This presentation will be animated by Xavier HAUSHERR (CTO) and Gérald LONLAS (Project manager)
Android MVVM architecture using Kotlin, Dagger2, LiveData, MediatorLiveData - Waheed Nazir
Kotlin MVVM Architecture:
A sample app that displays a list of Google news. The purpose of this project is to illustrate the usage of the MVVM architecture design pattern, following the best practices of Object Oriented Design Patterns, using the following technology stack.
Architecture Design Pattern
MVVM
Dagger2 (Dependency Injection)
Live Data, MediatorLiveData
Room Database
Retrofit
Unit Testing (Espresso), Mockito (Coming soon)
Repository Pattern
AndroidX
Glide
NetworkBoundResource, NetworkAndDBBoundResource
Google News API
JetPack Libraries
FIWARE Wednesday Webinars - How to Debug IoT Agents - FIWARE
How to Debug IoT Agents Webinar - 17th April 2019
Corresponding webinar recording: https://youtu.be/FRqJsywi9e8
Chapter: IoT Agents
Difficulty: 3
Audience: Any Technical
Presenter: Jason Fox (Senior Technical Evangelist, FIWARE Foundation)
How to debug IoT Agents - investigating what goes wrong and how to fix it.
Advanced Malware Analysis Training Session 5 - Reversing Automation - securityxploded
This presentation is part of our Advanced Malware Analysis Training Series program.
For more details, refer to our Security Training page
http://securityxploded.com/security-training.php
JavaOne 2009 BOF-5189 Griffon In Depth - Danno Ferrin
Griffon is a software framework based on Grails that allows building rich desktop applications with Groovy and Java. It follows conventions like Grails for configuration and file layout. Griffon applications use the model-view-controller pattern extensively with reusable "MVC groups". The framework provides built-in support for testing and plugins to automate common tasks.
This document provides an overview of the dost.jar and fo.jar files in the DITA-OT. It discusses that dost.jar holds the Java code for the overall DITA-OT framework, while fo.jar holds the code for the FO plugin that generates PDF output. It then describes how to build a customized version of these jars by modifying the source code, and outlines some of the key functions contained within each jar file, such as the Java invoker, integrator, and processing pipeline modules.
Toward dynamic analysis of obfuscated android malware - ZongXian Shen
The document provides an overview of analyzing obfuscated Android malware. It begins with a quick review of the Android runtime and framework startup process. It then discusses dynamic analysis techniques for fighting encrypted DEX code and native protectors. For encrypted DEX code, it describes preparing an emulator, debugging tools, and tracing plugins to analyze a sample that uses encryption. It explores the sample's decryption and loading logic, class decryption through reflection, and an anti-tampering technique. For native protectors, it discusses unpacking the library through static and dynamic analysis, reviewing the library loading process, and preparing to trace library initialization for monitoring decryption.
Thanks to Varnish tags, I switched my prod to Raspberry Pi - Jérémy Derussé
The fastest way to get a response from a backend is not to call it ;-) A solution provided by reverse proxies, you might say, but invalidating the cache is not that simple...
This talk covers a little-known Varnish feature: tags. We will see how to take advantage of them via the "event listeners" of a standard Symfony application. On the menu: a cluster of Raspberry Pis, an API, and data that is always fresh in under a millisecond.
Creating a modern web application using Symfony API Platform, ReactJS and Red... - Jesus Manuel Olivas
The API Platform framework is a set of tools to help you build API-first projects. The API Platform project is built on top of the Symfony framework, which means you can reuse all your Drupal 8 and Symfony skills and benefit from the incredible amount of Symfony documentation and community bundles.
During this session, you will learn how to use the API Platform project to create a modern web application using Symfony, Doctrine, ReactJS, Redux, Redux-Saga, Ant Design and DVA.
Scala and Akka work well for building resilient and concurrent Android applications like VoIP systems. The actor model in Akka helps encapsulate stateful components and handle errors gracefully. While some challenges exist like dex method limits and Proguard configuration, Scala has been successfully used in large Android apps and provides benefits like a powerful language and ecosystem compared to alternatives like Kotlin.
The document summarizes the Android camera subsystem architecture. It describes the application layer which uses Camera and MediaRecorder objects to access the camera. These objects communicate with native code through JNI. Native code uses Binder interfaces to communicate between processes like the MediaServer. The MediaServer manages services like the camera and encodes/writes media using Stagefright and hardware-accelerated codecs. Device drivers in the kernel provide low-level hardware access. Function calls propagate down through these layers when taking a picture or recording video.
Similar to Introduction to Dynamic Analysis of Android Application (20)
7 Most Powerful Solar Storms in the History of Earth.pdf - Enterprise Wired
Solar Storms (Geo Magnetic Storms) are the motion of accelerated charged particles in the solar environment with high velocities due to the coronal mass ejection (CME).
Quality Patents: Patents That Stand the Test of Time - Aurora Consulting
Is your patent a vanity piece of paper for your office wall? Or is it a reliable, defendable, assertable, property right? The difference is often quality.
Is your patent simply a transactional cost and a large pile of legal bills for your startup? Or is it a leverageable asset worthy of attracting precious investment dollars, worth its cost in multiples of valuation? The difference is often quality.
Is your patent application only good enough to get through the examination process? Or has it been crafted to stand the tests of time and varied audiences if you later need to assert that document against an infringer, find yourself litigating with it in an Article 3 Court at the hands of a judge and jury, God forbid, end up having to defend its validity at the PTAB, or even needing to use it to block pirated imports at the International Trade Commission? The difference is often quality.
Quality will be our focus for a good chunk of the remainder of this season. What goes into a quality patent, and where possible, how do you get it without breaking the bank?
** Episode Overview **
In this first episode of our quality series, Kristen Hansen and the panel discuss:
⦿ What do we mean when we say patent quality?
⦿ Why is patent quality important?
⦿ How to balance quality and budget
⦿ The importance of searching, continuations, and draftsperson domain expertise
⦿ Very practical tips, tricks, examples, and Kristen’s Musts for drafting quality applications
https://www.aurorapatents.com/patently-strategic-podcast.html
Understanding Insider Security Threats: Types, Examples, Effects, and Mitigat... - Bert Blevins
Today’s digitally connected world presents a wide range of security challenges for enterprises. Insider security threats are particularly noteworthy because they have the potential to cause significant harm. Unlike external threats, insider risks originate from within the company, making them more subtle and challenging to identify. This blog aims to provide a comprehensive understanding of insider security threats, including their types, examples, effects, and mitigation techniques.
Best Programming Language for Civil Engineers - Awais Yaseen
The integration of programming into civil engineering is transforming the industry. We can design complex infrastructure projects and analyse large datasets. Imagine revolutionizing the way we build our cities and infrastructure, all by the power of coding. Programming skills are no longer just a bonus—they’re a game changer in this era.
Technology is revolutionizing civil engineering by integrating advanced tools and techniques. Programming allows for the automation of repetitive tasks, enhancing the accuracy of designs, simulations, and analyses. With the advent of artificial intelligence and machine learning, engineers can now predict structural behaviors under various conditions, optimize material usage, and improve project planning.
Are you interested in dipping your toes in the cloud native observability waters, but as an engineer you are not sure where to get started with tracing problems through your microservices and application landscapes on Kubernetes? Then this is the session for you, where we take you on your first steps in an active open-source project that offers a buffet of languages, challenges, and opportunities for getting started with telemetry data.
The project is called openTelemetry, but before diving into the specifics, we’ll start with de-mystifying key concepts and terms such as observability, telemetry, instrumentation, cardinality, percentile to lay a foundation. After understanding the nuts and bolts of observability and distributed traces, we’ll explore the openTelemetry community; its Special Interest Groups (SIGs), repositories, and how to become not only an end-user, but possibly a contributor. We will wrap up with an overview of the components in this project, such as the Collector, the OpenTelemetry protocol (OTLP), its APIs, and its SDKs.
Attendees will leave with an understanding of key observability concepts, become grounded in distributed tracing terminology, be aware of the components of openTelemetry, and know how to take their first steps to an open-source contribution!
Key Takeaways: Open source, vendor neutral instrumentation is an exciting new reality as the industry standardizes on openTelemetry for observability. OpenTelemetry is on a mission to enable effective observability by making high-quality, portable telemetry ubiquitous. The world of observability and monitoring today has a steep learning curve and in order to achieve ubiquity, the project would benefit from growing our contributor community.
How Social Media Hackers Help You to See Your Wife's Message.pdfHackersList
In the modern digital era, social media platforms have become integral to our daily lives. These platforms, including Facebook, Instagram, WhatsApp, and Snapchat, offer countless ways to connect, share, and communicate.
An invited talk given by Mark Billinghurst on Research Directions for Cross Reality Interfaces. This was given on July 2nd 2024 as part of the 2024 Summer School on Cross Reality in Hagenberg, Austria (July 1st - 7th)
Advanced Techniques for Cyber Security Analysis and Anomaly DetectionBert Blevins
Cybersecurity is a major concern in today's connected digital world. Threats to organizations are constantly evolving and have the potential to compromise sensitive information, disrupt operations, and lead to significant financial losses. Traditional cybersecurity techniques often fall short against modern attackers. Therefore, advanced techniques for cyber security analysis and anomaly detection are essential for protecting digital assets. This blog explores these cutting-edge methods, providing a comprehensive overview of their application and importance.
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-InTrustArc
Six months into 2024, and it is clear the privacy ecosystem takes no days off!! Regulators continue to implement and enforce new regulations, businesses strive to meet requirements, and technology advances like AI have privacy professionals scratching their heads about managing risk.
What can we learn about the first six months of data privacy trends and events in 2024? How should this inform your privacy program management for the rest of the year?
Join TrustArc, Goodwin, and Snyk privacy experts as they discuss the changes we’ve seen in the first half of 2024 and gain insight into the concrete, actionable steps you can take to up-level your privacy program in the second half of the year.
This webinar will review:
- Key changes to privacy regulations in 2024
- Key themes in privacy and data governance in 2024
- How to maximize your privacy program in the second half of 2024
Details of description part II: Describing images in practice - Tech Forum 2024BookNet Canada
This presentation explores the practical application of image description techniques. Familiar guidelines will be demonstrated in practice, and descriptions will be developed “live”! If you have learned a lot about the theory of image description techniques but want to feel more confident putting them into practice, this is the presentation for you. There will be useful, actionable information for everyone, whether you are working with authors, colleagues, alone, or leveraging AI as a collaborator.
Link to presentation recording and transcript: https://bnctechforum.ca/sessions/details-of-description-part-ii-describing-images-in-practice/
Presented by BookNet Canada on June 25, 2024, with support from the Department of Canadian Heritage.
Paradigm Shifts in User Modeling: A Journey from Historical Foundations to Em...Erasmo Purificato
Slide of the tutorial entitled "Paradigm Shifts in User Modeling: A Journey from Historical Foundations to Emerging Trends" held at UMAP'24: 32nd ACM Conference on User Modeling, Adaptation and Personalization (July 1, 2024 | Cagliari, Italy)
Mitigating the Impact of State Management in Cloud Stream Processing SystemsScyllaDB
Stream processing is a crucial component of modern data infrastructure, but constructing an efficient and scalable stream processing system can be challenging. Decoupling compute and storage architecture has emerged as an effective solution to these challenges, but it can introduce high latency issues, especially when dealing with complex continuous queries that necessitate managing extra-large internal states.
In this talk, we focus on addressing the high latency issues associated with S3 storage in stream processing systems that employ a decoupled compute and storage architecture. We delve into the root causes of latency in this context and explore various techniques to minimize the impact of S3 latency on stream processing performance. Our proposed approach is to implement a tiered storage mechanism that leverages a blend of high-performance and low-cost storage tiers to reduce data movement between the compute and storage layers while maintaining efficient processing.
Throughout the talk, we will present experimental results that demonstrate the effectiveness of our approach in mitigating the impact of S3 latency on stream processing. By the end of the talk, attendees will have gained insights into how to optimize their stream processing systems for reduced latency and improved cost-efficiency.
Best Practices for Effectively Running dbt in Airflow.pdfTatiana Al-Chueyr
As a popular open-source library for analytics engineering, dbt is often used in combination with Airflow. Orchestrating and executing dbt models as DAGs ensures an additional layer of control over tasks, observability, and provides a reliable, scalable environment to run dbt models.
This webinar will cover a step-by-step guide to Cosmos, an open source package from Astronomer that helps you easily run your dbt Core projects as Airflow DAGs and Task Groups, all with just a few lines of code. We’ll walk through:
- Standard ways of running dbt (and when to utilize other methods)
- How Cosmos can be used to run and visualize your dbt projects in Airflow
- Common challenges and how to address them, including performance, dependency conflicts, and more
- How running dbt projects in Airflow helps with cost optimization
Webinar given on 9 July 2024
Introduction to Dynamic Analysis of Android Application
1. Introduction to Dynamic Analysis of Android Application using DroidBox
Kun Yang
kelwya@gmail.com
2. What is Dynamic Analysis?
• Dynamic program analysis is the analysis of computer software that is performed by executing programs built from that software system on a real or virtual processor.
3. Why Dynamic Analysis?
• Dynamic analysis is precise
• Overcome Anti-reverse-engineering
• As fast as program execution
4. How to do Dynamic Analysis?
• Techniques
– System hooking
– Dynamic Taint Analysis
– Instrumentation
• Levels
– Application Framework/Java level
– Native library level
– Kernel/Driver level
– Emulator/QEMU level
13. How to Improve DroidBox?
• Porting DroidBox to Android 2.3
– TaintDroid has been ported to Android 2.3
• APK instrumentation(*)
– Porting is cumbersome
• Interactive analysis log
• Cloud Service
14. Porting Logs
dalvik patch
• vm/interp/Taint.h
– Changed TAINT_HISTORY to TAINT_BROWSER
– Added value definitions of some taint tags
• vm/native/dalvik_system_Taint.c
– Changed all the log tags from TaintLog to DroidBox
– Added an argument of random value to the function Dalvik_dalvik_system_Taint_logPathFromFd to match the FdAccess log and the FileRW log, which can tell what file is being read or written
– (*) Excluded some file paths starting with “/dev/pts”, “/system”, “/data/app” and “/proc/”, which are legal
– (*) Found a bug in TaintDroid for Android 2.3 that will make the log analyzer fail to output the correct final report of FileRW actions (I will fix the bug in the future)
libcore patch
• libcore/crypto/src/main/java/javax/crypto/Cipher.java
– Added a field key to track encryption and decryption keys
– Hacked the function init to save encryption and decryption keys
– Hooked the function doFinal to log cryptography information
• libcore/crypto/src/main/java/javax/crypto/spec/SecretKeySpec.java
– Modified the constructor of SecretKeySpec
– Added a function getKey for other modules to log with
• libcore/dalvik/src/main/java/dalvik/system/DexClassLoader.java
– Hooked the constructor of DexClassLoader to monitor dynamic load and execution
• libcore/dalvik/src/main/java/dalvik/system/Taint.java
– Added and changed value definitions of some taint tags as we did in Taint.h
– Added a helper function toHex for logging
– Modified the declaration of the native function logPathFromFd
• libcore/luni/src/main/java/java/io/FileDescriptor.java
– Added 3 fields to FileDescriptor: port, id and readBuffer, which will help to track
– Hacked the constructor for tracking
• libcore/luni/src/main/java/java/util/Properties.java
– Set the property Keep-Alive to false by default to avoid socket reuse
• libcore/luni/src/main/java/org/apache/harmony/luni/platform/OSFileSystem.java
– Hooked the functions read and write to log file operations with the help of the modified logPathFromFd
• libcore/luni/src/main/java/org/apache/harmony/luni/platform/OSNetworkSystem.java
– Replaced the function getHostAddress with getHostName
– Added taint sinks or logging in the functions connect/connectNonBlocking/send/write/sendUrgentData
– (*) Many network IO functions such as read in Android 2.1 are moved to native code in Android 2.3, so I did the logging with the native LOGW function in org_apache_harmony_luni_platform_OSNetworkSystem.cpp
• libcore/security/src/main/java/java/security/MessageDigest.java
– Added 2 fields to MessageDigest: taintTrack and taintTag, which will help to track
– Initialized the two new fields in the constructor
– Hooked the function digest to log
• libcore/security/src/main/java/org/apache/harmony/security/PrivateKeyImpl.java
• libcore/security/src/main/java/org/apache/harmony/security/provider/crypto/DSAPrivateKeyImpl.java
• libcore/security/src/main/java/org/apache/harmony/security/provider/crypto/DSAPublicKeyImpl.java
• libcore/security/src/main/java/org/apache/harmony/security/PublicKeyImpl.java
• libcore/security/src/main/java/org/apache/harmony/security/x509/X509PublicKey.java
– Added a function getKey to these classes for other modules to log with
• libcore/security/src/main/java/org/bouncycastle/jce/
– (*) JCE library was not found in the source code of Android 2.3
framework/base patch
• api/current.xml
– Automatically generated using the command: make update-api
• core/java/android/app/Activity.java
– Captured the phone call action in the function startActivity
• core/java/android/app/ContextImpl.java
– Added taint sources in the function getInstalledApplication
• core/java/android/content/ContentResolver.java
– Taint sources were added by the official TaintDroid team in version 2.3 in the function query
– Changed TAINT_HISTORY to TAINT_BROWSER
– (*) Instead of adding an argument in the CursorWrapperInner function to log, DroidBox for Android 2.1 also added taint sources here by modifying the CursorWrapperInner function and the constructor of class CursorWrapper; in Android 2.3 I chose the method of the TaintDroid team, which is a little easier
• core/java/android/content/ContextWrapper.java
– Added a hook in the function startService to log
• telephony/java/android/telephony/SmsManager.java
– Add hooks in sendTextMessage to log
• telephony/java/android/telephony/TelephonyManager.java
– Add hooks in getDeviceId and getSubscriberId to log
• telephony/java/com/android/internal/telephony/PhoneSubInfo.java
– Changed the return values of getDeviceId and getSubscriberId from hardcoded values to real values to prevent emulator evasion
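The id-based matching of FdAccess and FileRW records described in the dalvik patch notes, as an added example that is not DroidBox's own code. The record layout, field names, hex-encoded data and sample values are constructed assumptions, and the prefix exclusion that the patch performs in native code is applied here on the analysis side.

```python
import json

# Path prefixes the porting log lists as excluded from file logging.
EXCLUDED_PREFIXES = ("/dev/pts", "/system", "/data/app", "/proc/")

# Constructed log records (assumed layout, not captured from a real run).
SAMPLE_LOG = """\
{"FdAccess": {"id": "1804289383", "path": "/data/data/com.example.demo/files/contacts.db"}}
{"FdAccess": {"id": "846930886", "path": "/proc/cpuinfo"}}
{"FileRW": {"id": "1804289383", "operation": "read", "data": "616c696365"}}
{"FileRW": {"id": "846930886", "operation": "read", "data": "70726f63"}}
{"FileRW": {"id": "1681692777", "operation": "write", "data": "00"}}
"""

def correlate(log_text):
    """Join FileRW events to file paths through the shared random id.

    Returns (report, orphans): report holds resolved, non-excluded file
    operations; orphans holds FileRW events whose id had no FdAccess record.
    """
    paths, report, orphans = {}, [], []
    for raw in log_text.splitlines():
        try:
            event = json.loads(raw)
        except ValueError:
            continue                      # not a JSON record, skip the line
        if not isinstance(event, dict):
            continue
        if "FdAccess" in event:           # remember which path this id names
            fd = event["FdAccess"]
            paths[fd["id"]] = fd["path"]
        elif "FileRW" in event:
            rw = event["FileRW"]
            path = paths.get(rw["id"])
            if path is None:
                orphans.append(rw)        # cannot say which file was touched
            elif not path.startswith(EXCLUDED_PREFIXES):
                report.append({"path": path,
                               "operation": rw["operation"],
                               "data": bytes.fromhex(rw["data"])})
    return report, orphans
```

Keeping the unmatched events separate makes a missing FdAccess record visible in the final report instead of silently dropping the read or write.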
15. How to do Instrumentation?
• bytecode or IR?
• I chose smali.
16. What is smali?
• smali is an IR (Intermediate Representation) of Dalvik Bytecode
• The syntax is loosely based on Jasmin’s syntax
– Jasmin is an assembler/IR for the Java Virtual Machine
• smali/baksmali is an assembler/disassembler for the dex format used by Dalvik
17. smali types
• Basic types:
– V void
– Z boolean
– B byte
– S short
– C char
– I int
– J long (64 bits)
– F float
– D double (64 bits)
• Classes/Objects:
– Lpackage/name/ObjectName (package.name.ObjectName)
– Ljava/lang/String (java.lang.String)
• Arrays:
– [I (int[])
– [[I = int[][], [[[I = int[][][]
• Arrays of objects:
– [Ljava/lang/String (an array of Strings)
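A decoder for the type notation in the table above, added here as an example and not taken from the slides or from smali itself. It goes one step beyond the table by also splitting full method references, and it expects class descriptors in the form they take in smali files, terminated by `;` (which the table omits). The function names are this example's own.

```python
# Added example: decode Dalvik/smali type descriptors into Java-style names.
PRIMITIVES = {"V": "void", "Z": "boolean", "B": "byte", "S": "short",
              "C": "char", "I": "int", "J": "long", "F": "float", "D": "double"}

def read_type(desc, pos=0):
    """Decode one descriptor at desc[pos]; return (java_name, next_pos)."""
    dims = 0
    while pos < len(desc) and desc[pos] == "[":   # each '[' adds a dimension
        dims += 1
        pos += 1
    if pos >= len(desc):
        raise ValueError("truncated descriptor: %r" % desc)
    tag = desc[pos]
    if tag in PRIMITIVES:
        if tag == "V" and dims:
            raise ValueError("array of void is not a type: %r" % desc)
        name, pos = PRIMITIVES[tag], pos + 1
    elif tag == "L":                               # Lpackage/name/Class;
        end = desc.find(";", pos)
        if end == -1:
            raise ValueError("class descriptor missing ';': %r" % desc)
        name, pos = desc[pos + 1:end].replace("/", "."), end + 1
    else:
        raise ValueError("unknown type tag %r in %r" % (tag, desc))
    return name + "[]" * dims, pos

def parse_type(desc):
    """Decode a descriptor that must consume the whole string."""
    name, pos = read_type(desc)
    if pos != len(desc):
        raise ValueError("trailing data in %r" % desc)
    return name

def parse_method(ref):
    """Split 'Lcls;->name(args)ret' into (class, name, [arg types], return type)."""
    owner, _, rest = ref.partition("->")
    name, _, sig = rest.partition("(")
    args_part, sep, ret = sig.partition(")")
    if not (owner and name and sep and ret):
        raise ValueError("not a method reference: %r" % ref)
    args, pos = [], 0
    while pos < len(args_part):                    # arguments are concatenated
        arg, pos = read_type(args_part, pos)
        if arg == "void":
            raise ValueError("void is only valid as a return type")
        args.append(arg)
    return parse_type(owner), name, args, parse_type(ret)
```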
20. APKIL: APK Instrumentation Library
• Current Work
– Parsed smali files into a tree structure
– Implemented some instrumentation API for monitoring specified Android APIs
• Future Work
– Add more flexible and richer instrumentation API
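The two "Current Work" items, sketched as an added example that is not APKIL's code: a smali file is parsed into a class/method/instruction tree, and a logging call is inserted before each monitored API invocation. The sample smali, the `Lhook/Monitor;` logger class and all function names are hypothetical.

```python
import re

SAMPLE = """\
.class public Lcom/example/demo/Main;
.super Landroid/app/Activity;
.method public onCreate(Landroid/os/Bundle;)V
    .locals 2
    invoke-virtual {v0}, Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String;
    move-result-object v1
    return-void
.end method
.method private quiet()V
    .locals 0
    return-void
.end method
"""  # constructed smali, not from a real app

# Hypothetical no-argument static logger: needs no free registers to call.
HOOK = "invoke-static {}, Lhook/Monitor;->%s()V"
MONITORED = {"Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String;":
             "onGetDeviceId"}
INVOKE = re.compile(r"^invoke-[\w/]+ \{[^}]*\}, (\S+)$")

def parse_smali(text):
    """Build a tree: class -> methods -> instruction lines."""
    tree, current = {"class": None, "super": None, "methods": []}, None
    for line in (l.strip() for l in text.splitlines()):
        if not line or line.startswith("#"):
            continue
        if line.startswith((".class", ".super")):
            tree[line.split()[0][1:]] = line.split()[-1]
        elif line.startswith(".method"):
            current = {"name": line.split()[-1], "body": []}
            tree["methods"].append(current)
        elif line == ".end method":
            current = None
        elif current is not None:
            current["body"].append(line)
    return tree

def instrument(tree, monitored=MONITORED):
    """Insert a hook before each monitored invoke; return the call sites hit."""
    hits = []
    for method in tree["methods"]:
        out = []
        for insn in method["body"]:
            m = INVOKE.match(insn)
            if m and m.group(1) in monitored:
                # Placed before the invoke so a following move-result stays adjacent.
                out.append(HOOK % monitored[m.group(1)])
                hits.append((tree["class"], method["name"], m.group(1)))
            out.append(insn)
        method["body"] = out
    return hits
```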