From 071a82ea56dd2e961713669fefd83b6fbf0e0d0f Mon Sep 17 00:00:00 2001 From: Jean-Marie 'Histausse' Mineau Date: Sun, 19 Oct 2025 04:05:54 +0200 Subject: [PATCH] rasta and some cl --- slides.typ | 346 +++++++++++++++++++++++++++++++++++++++++++-- slides/figures.typ | 2 +- 2 files changed, 338 insertions(+), 10 deletions(-) diff --git a/slides.typ b/slides.typ index 217a10b..a181e53 100644 --- a/slides.typ +++ b/slides.typ @@ -345,8 +345,17 @@ #new-section-slide([Tool Reusability]) -#slide[ - Rasta 1 +#slide( + title: [Methodology] +)[ + #set align(center+horizon) + #show figure.caption: none + #scale(100%, get_figure()) + + #v(1em) + + #text(size: 25pt)[22 tools selected, 2 we could not package] + /* #stack(dir: ltr, scale(40%, reflow: true, get_figure()), @@ -354,23 +363,342 @@ )*/ ] -#slide[ - Rasta 2 +#slide( + title: [Methodology], + foreground: place( + bottom + left, + dx: 88%, + dy: -63%, + )[ + #set align(center+horizon) + #set text(size: 15pt) + 62 525 APKs #v(-1.5em) from #v(-1.5em) 2010 to 2023 + ] +)[ + #set align(center+horizon) + #show figure.caption: none + #scale(90%, get_figure()) + #text(size: 25pt)[We check if the results *exist* after running a tool] +] + +#slide( + title: [Results], + foreground: ghost-2(x: 97%, y: 10%) +)[ + #set align(center+horizon) + #show figure.caption: none + #scale(100%, get_figure()) + + //#text(size: 25pt)[We check if the results *exist* after running a tool] +] + +#counter("logical-slide").update( n => n - 1 ) +#slide( + title: [Results], + foreground: { + ghost-2(x: 97%, y: 10%) + + let x_0 = 112pt + let y_0 = -117pt + let w = 21pt + let h = 235pt + let dx = 33.3 + + for i in range(20) { + let color = if i in (2, 4, 6, 7, 8, 9, 14, 16, 18, 19) { + white.transparentize(100%) + } else { + white.transparentize(10%) + } + place( + bottom + left, + dx: x_0 + i*dx*1pt, + dy: y_0, + rect( + width: w, + height: h, + //stroke: red, + fill: color, + ) + ) + } + + place(bottom + left, line( + start: (x_0 - 20pt, y_0 - h/2), + end: (x_0 + dx * 20 * 1pt, y_0 - h/2), + stroke: pirat-color.red + 3pt + )) + } +)[ + #set align(center+horizon) + #show figure.caption: none + #scale(100%, get_figure()) +] + +#counter("logical-slide").update( n => n - 1 ) +#slide( + title: [Results], + foreground: { + ghost-2(x: 97%, y: 10%) + + let x_0 = 112pt + let y_0 = -117pt + let w = 21pt + let h = 235pt + let dx = 33.3 + + for i in range(20) { + let color = if i in (3, 10) { + white.transparentize(100%) + } else { + white.transparentize(10%) + } + place( + bottom + left, + dx: x_0 + i*dx*1pt, + dy: y_0, + rect( + width: w, + height: h, + //stroke: red, + fill: color, + ) + ) + } + + place(bottom + left, line( + start: (x_0 - 20pt, y_0 - h/2), + end: (x_0 + dx * 20 * 1pt, y_0 - h/2), + stroke: pirat-color.red + 3pt + )) + } +)[ + #set align(center+horizon) + #show figure.caption: none + #scale(100%, get_figure()) +] + +#slide( + title: [Results over Time], +)[ + #set align(center+horizon) + #show figure.caption: none + #scale(150%, get_figure()) +] + +#slide( + title: [Bytecode Size], +)[ + #set align(center+horizon) + #show figure.caption: none + #scale(120%, get_figure()) + + #text(size: 22pt)[Finishing rate as a function of the bytecode size, for APKs discovered in 2022] +] + +#slide( + title: [Conclusion] +)[ + #set align(center) + #item-by-item[ + - Over 22 tools, 10 are usable (*less than half*) + - Newer applications are harder to analyse + - Applications with more bytecode are harder to analyse + - Applications targetting more recent versions of Android are harder to analyse + ] +] + +#slide[ + #set align(center) + #text(size: 22pt)[21st International Conference on Software and Systems Reuse (ICSR 2024)] + + #v(2em) + + #show regex("\[\d+\]"): none + #cite(, form: "full") ] #new-section-slide([Class Shadowing]) -#slide[Shadow 1 - +#slide( + title: [Class Loading], +)[ + #set align(center) + #show: yes-codly + #grid( + columns: (2fr, 1em, 1fr), + scale(70%, reflow: true)[ + #codly( + highlights: (/* + (line: 1, start: 0, end: 11, fill: pirat-color.blue), + (line: 1, start: 22, end: 43, fill: pirat-color.blue), + (line: 3, start: 14, end: 27, fill: pirat-color.blue), + (line: 6, start: 32, end: 40, fill: pirat-color.blue), + */), + ..default-codly + ) + ```java + ClassLoader cl = new InMemoryDexClassLoader( + ByteBuffer.wrap(Base64.decode(DEX, 2)), + Main.class.getClassLoader() + ); + + Class loadedClass = this.cl.loadClass(decrypt(className)); + ``` + ], [], scale(70%, reflow: true)[ + #codly( + ..default-codly + ) + ```java + class A { + public static void foo() { + B b = new B(); + b.bar(); + } + } + ``` + ] + ) ] -#slide[Shadow 2 -] -#slide[Shadow 3 +#slide( + title: [Android Ecosystem] +)[ + #set align(center+horizon) + #show figure.caption: none + #grid( + columns: (3fr, 1fr), + scale(reflow: true, get_figure()), + [ + #set align(left) + #set text(size: 20pt) + #set list(marker: [-]) + === Types of classes: + + - APK Classes + - Platform Classes + - SDK Classes + - Hidden APIs + ] + ) + // TODO: hightlight ] +#slide( + title: [Android ClassLoaders] +)[ + #set align(center+horizon) + #show figure.caption: none + #scale(60%, reflow: true, get_figure()) +] + +#slide( + title: [MultiDex] +)[ + #set align(center + horizon) + + #only(1)[ + #block( + fill: green.lighten(50%), + inset: 10pt, + radius: 12pt, + )[ + #set align(left+top) + + === `app.apk` + #line(length: 30%) + ``` + AndroidManifest.xml + resources.arsc + META-INF/ + res/ + classes.dex + ``` + ] + ] + #only(2)[ + #block( + fill: green.lighten(50%), + inset: 8pt, + radius: 8pt, + )[ + #set align(left+top) + === `app.apk` + #line(length: 50%) + #stack(dir: ltr, + ``` + AndroidManifest.xml + resources.arsc + META-INF/ + res/ + classes.dex + ```, + h(2em),[ + ``` + classes2.dex + classes3.dex + ``` + ] + ) + ] + ] + #only(3)[ + #block( + fill: green.lighten(50%), + inset: 8pt, + radius: 8pt, + )[ + #set align(left+top) + === `app.apk` + #line(length: 75%) + #stack(dir:ltr, + ``` + AndroidManifest.xml + resources.arsc + META-INF/ + res/ + classes.dex + classes2.dex + classes3.dex + ```, h(2em), + ``` + classes4.dex + classes5.dex + classes6.dex + classes7.dex + classes8.dex + classes9.dex + classes10.dex + ```, h(2em), + ``` + classes11.dex + classes12.dex + classes13.dex + classes14.dex + classes15.dex + classes16.dex + ... + ``` + ) + ] + #ghost-4(x: 2%, y: 2%, mirror: true) + ] + +] + +#slide[ + #set align(center) + #text(size: 22pt)[Digital Threats: Research and Practice] + + #v(2em) + + #show regex("\[\d+\]"): none + #cite(, form: "full") +] + + #new-section-slide([The Application of Theseus]) #slide[Th 1 diff --git a/slides/figures.typ b/slides/figures.typ index 8e758ae..7482195 100644 --- a/slides/figures.typ +++ b/slides/figures.typ @@ -6,7 +6,7 @@ } else if type(body) != content { () }else if body.func() == figure { - (body,) + (body,) + body.fields().values().map(get_figures).flatten() } else { body.fields().values().map(get_figures).flatten() }