these-android-re/thesis
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

feedbacks
All checks were successful
/ test_checkout (push) Successful in 1m47s
Details

Browse source
This commit is contained in:
Jean-Marie Mineau 2025-10-20 14:50:48 +02:00
parent 37f8298cb7
commit 0d50644ede
Signed by: histausse
GPG key ID: B66AEEDA9B645AD2
2 changed files with 96 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

98
slides.typ
View file

@ -325,11 +325,12 @@
#item-by-item(start: 5)[ #item-by-item(start: 5)[
- Do *not* run the application - Do *not* run the application
- *Not* limited by code coverage - *Not* limited by code coverage
- Some values cannot be computed - But only for the *code available*
//- Some values cannot be computed
] ]
], ],
grid.cell(colspan: 2, uncover(7)[ grid.cell(colspan: 2, uncover(8)[
#text(size: 30pt)[Can we combine both?] #text(size: 30pt)[Can we combine both?]
]), ]),
) )
@ -341,7 +342,13 @@
#slide[ #slide[
#highlight-block(pb1-text) #highlight-block(pb1-text)
#highlight-block(pb2-text) #highlight-block(pb2-text)
#highlight-block(pb3-text) #highlight-block(pb3-text)
] ]
@ -500,7 +507,13 @@
] ]
#slide( #slide(
title: [Conclusion] title: [Conclusion],
foreground: {
place(
bottom + left,
text(fill: pirat-color.blue)[International Conference on Software and Systems Reuse (ICSR 2024)]
)
}
)[ )[
#set align(center) #set align(center)
#item-by-item[ #item-by-item[
@ -513,6 +526,7 @@
#slide[ #slide[
#set align(center) #set align(center)
// Sous titre dans la conclusion
#text(size: 22pt)[21st International Conference on Software and Systems Reuse (ICSR 2024)] #text(size: 22pt)[21st International Conference on Software and Systems Reuse (ICSR 2024)]
#v(2em) #v(2em)
@ -741,6 +755,7 @@
else: else:
return f"classes{index+1}.dex" return f"classes{index+1}.dex"
```) ```)
// Donner example
- `classes0.dex` ? - `classes0.dex` ?
- `classes1.dex` ? - `classes1.dex` ?
- `classes02.dex` ? - `classes02.dex` ?
@ -814,7 +829,7 @@
return load_from_file(dex_file, class_name) return load_from_file(dex_file, class_name)
else: else:
raise ClassNotFoundError() raise ClassNotFoundError()
```) ```) // TODO: nomer And Cl Alg
], [ ], [
#set align(left) #set align(left)
#set text(size: 18pt) #set text(size: 18pt)
@ -846,7 +861,11 @@
show table: set align(center+horizon) show table: set align(center+horizon)
it it
} }
#show "not working": "attack not successfull"
#show "working": "attack successfull"
#show "works": "successfull"
#scale(100%, reflow: true, get_figure(<tab:cl-results>)) #scale(100%, reflow: true, get_figure(<tab:cl-results>))
// TODO: IF PR: Add REF
] ]
#slide( #slide(
@ -867,7 +886,7 @@
#for i in range(3) { #for i in range(3) {
if i != 0 { counter("logical-slide").update( n => n - 1 ) } if i != 0 { counter("logical-slide").update( n => n - 1 ) }
slide( slide(
title: [In the Wild], title: [In the Wild: 49 975 APKs],
foreground: eye-2(x: 8%, y: 67%, height: 70pt) foreground: eye-2(x: 8%, y: 67%, height: 70pt)
)[ )[
#set align(center+horizon) #set align(center+horizon)
@ -886,6 +905,8 @@
} }
} }
) )
// TODO: Simplifier table, mettre nb apk dans titre
// enlever SDK et 1ere partie 100%
#scale(90%, reflow: true, get_figure(<tab:cl-shadow>)) #scale(90%, reflow: true, get_figure(<tab:cl-shadow>))
] ]
} }
@ -904,7 +925,8 @@
#slide[ #slide[
#set align(center) #set align(center)
#text(size: 22pt)[Digital Threats: Research and Practice] // Faire apparaitre a chaque étape
#text(size: 22pt)[Digital Threats: Research and Practice])
#v(2em) #v(2em)
@ -917,7 +939,13 @@
#slide( #slide(
title: [Overview], title: [Overview],
foreground: {
set align(center+horizon)
rotate(30deg, text(fill: pirat-color.red, size: 30pt)[Moche faire un dessin])
}
)[ )[
// TODO: bien tout rappeler l'objectif
// TODO: SOA
#set align(center+horizon) #set align(center+horizon)
#show figure.caption: none #show figure.caption: none
#scale(100%, reflow: true, get_figure(<fig:th-process>)) #scale(100%, reflow: true, get_figure(<fig:th-process>))
@ -932,7 +960,7 @@
#uncover("2-")[ #uncover("2-")[
- Android Emulator: runs on computer/server - Android Emulator: runs on computer/server
- Grodd Runner: clicks buttons - Grodd Runner: clicks buttons // TODO: ref
] ]
#v(2em) #v(2em)
@ -943,9 +971,10 @@
] ]
#slide( #slide(
title: [Dynamic Code Loading], title: [Transformation: Dynamic Code Loading],
foreground: ghost-6(x: 80%, y: 15%, mirror: true) foreground: ghost-6(x: 80%, y: 15%, mirror: true)
)[ )[
// Split schema: observed dyn code loaded / new apk
#set align(center+horizon) #set align(center+horizon)
#show figure.caption: none #show figure.caption: none
#show image: box.with(width: 58%) #show image: box.with(width: 58%)
@ -953,6 +982,7 @@
] ]
#for i in range(4) { #for i in range(4) {
// TODO: plutot barrer les lignes au lieux de les remplacer
if i != 0 { counter("logical-slide").update( n => n - 1 ) } if i != 0 { counter("logical-slide").update( n => n - 1 ) }
slide( slide(
@ -1070,6 +1100,8 @@
)[ )[
#set align(center+horizon) #set align(center+horizon)
#show figure.caption: none #show figure.caption: none
// TODO: enlever 1er 6iem pass, garder nb failed, remplacer vide par '-' sous '209'
// enlever nb activity
#set table( #set table(
fill: (x, y) => { fill: (x, y) => {
if ( if (
@ -1106,12 +1138,15 @@
#scale(90%, reflow: true, get_figure(<tab:th-bytecode-hashes>)) #scale(90%, reflow: true, get_figure(<tab:th-bytecode-hashes>))
] ]
// TODO schema!!!
#for i in range(3) { #for i in range(3) {
if i != 0 { counter("logical-slide").update( n => n - 1 ) } if i != 0 { counter("logical-slide").update( n => n - 1 ) }
slide( slide(
title: [Added Calls], title: [Added Method Calls],
)[ )[
// TODO: remove Before After
#set align(center+horizon) #set align(center+horizon)
#show link.where(dest: <acr-apk>): it => it.body #show link.where(dest: <acr-apk>): it => it.body
#show link.where(dest: <acr-dex>): it => it.body #show link.where(dest: <acr-dex>): it => it.body
@ -1133,11 +1168,12 @@
] ]
} }
// TODO: Remove?
#slide( #slide(
title: [Added Calls], title: [Toy Example: New Call Graph],
foreground: ghost-3(x: 93%, y: 10%) foreground: ghost-3(x: 93%, y: 10%)
)[ )[
// TODO: Légende des couleurs
#import "@preview/diagraph:0.3.5": render #import "@preview/diagraph:0.3.5": render
#set align(center+horizon) #set align(center+horizon)
#scale(47%, box(render( #scale(47%, box(render(
@ -1153,6 +1189,10 @@
#set align(center+horizon) #set align(center+horizon)
#show figure.caption: none #show figure.caption: none
#scale(90%, reflow: true, get_figure(<fig:th-status-npatched-vs-patched>)) #scale(90%, reflow: true, get_figure(<fig:th-status-npatched-vs-patched>))
// Fleche original
// Fleche theseus
//
// Theseus Transformeur
] ]
#slide( #slide(
@ -1174,7 +1214,7 @@
#item-by-item[ #item-by-item[
- After five years, more than half the static analysis tools are no longer usable. - After five years, more than half the static analysis tools are no longer usable.
The size of the application seems to be the most significant factor. The size of the application seems to be the most significant factor.
- Android behaviour is complex and well known. - Android behaviour is complex and not well known.
In the specific case of class loading, we showed that state-of-the-art tools do not match Android, leading to invalid analyses. In the specific case of class loading, we showed that state-of-the-art tools do not match Android, leading to invalid analyses.
- APKs can be augmented with instrumentation to improve further analyses with any other tools. - APKs can be augmented with instrumentation to improve further analyses with any other tools.
- Also, dynamic analysis is still very much not trivial. - Also, dynamic analysis is still very much not trivial.
@ -1233,3 +1273,37 @@
#pagebreak() #pagebreak()
#set page(height: auto, margin: 25mm) #set page(height: auto, margin: 25mm)
#bibliography("bibliography.bib") #bibliography("bibliography.bib")
/*
* RETOUR 1:
*
* Bon premier jet.
*
* - slide text bof
* - Parti 3: plus dure a comprendre
* - Expliquer ce qui est fait avant le résultat (surtout parti 3)
* - 'Analysing Applications: Which Tools?': 1 - 2 bof
* plus décrire les papier avec des bullets + limites, *critiquer*
* 1) test pas les outils
* 2) a l'air de dire que ca marche pas, mais pas a l'echelle
* bascullement de which tools? a tester les outils, on est pas sur que les outils fonctionne
*
*
* slite titre problemenatiques: PB1, PB2 PB3
*
* Plus d'état de l'art, dans chapitres? redonner contexte au debut des chapitre, en profiter pour l'état de l'art. Pas plus d'un ou deux papiers, si important.
* Remplacer l'état de l'art dans l'intro par intuition et mettre soa dans chapitre
*
* Pb Statement: lisibilité!
*
* PQ: focu on dcl & refl
*
* Obfuscation: fleche vers deobfuscation
*
* Intro, dessin pas a pas dans l'intro en fonction de ce qui se passe dans l'intro
* RQ1: Static, RQ2: Check coherence static / dynamic, RQ3: transformation
*
* Mettre Theseus Tranformeur un peu partout!
*
*/

10
slides/lib.typ
View file

@ -19,12 +19,16 @@ rgb("#E69426"),
pirat-color.red, pirat-color.red,
) )
#let highlight-block = block.with( #let highlight-block(body) = {
fill: pirat-color.blue, set text(fill: white)
block(
fill: pirat-color.blue.darken(30%),
width: 100%, width: 100%,
inset: 8pt, inset: 8pt,
radius: 4pt, radius: 4pt,
) body,
)
}
#let colortest = [ #let colortest = [
#for th in ( #for th in (