update slides

2025-12-01 00:22:53 +01:00 · 2025-12-01 00:22:53 +01:00 · 0fd8b495c0
commit 0fd8b495c0
parent 21c2a58f3c
2 changed files with 66 additions and 84 deletions
--- a/slides.typ
+++ b/slides.typ
@ -91,8 +91,8 @@
    columns: (1fr, 1fr), [
      #image("slides/imgs/google.png", width: 200pt)
      - Smartphones are computers
-      - Android = linux + Android Runtime 
-      - APK = computer program
+      - Android = Linux + Android Runtime (ART)
+      - APK = computer program (Java-ish)
    ],
    //image("slides/imgs/phone.png", height: 350pt)
    ico.phone(
@ -1247,7 +1247,7 @@
      table.hline(),
      table.cell(colspan: 5, inset: 3pt)[],
  
-      [Jadx], hide[1.5.0], [#ko], [#ok], [#ok],
+      [Jadx], hide[1.5.0], text(fill: orange)[#warn], [#ok], [#ok],
      [Apktool], hide[2.9.3], [#warn], [#ok], [#ok],
      [Androguard], hide[4.1.2], [#ko], [#ok], [#ok],
      [Flowdroid], hide[2.13.0], [#ko], [#ko], [#ok],
@ -1264,7 +1264,7 @@
    #v(-1em)
    #link("https://github.com/androguard/androguard/pull/1149")[androguard/pull/1149] \
    #link("https://github.com/soot-oss/soot/pull/2211")[soot/pull/2211] (#text(fill: green)[merged])\
-    #link("https://github.com/skylot/jadx/pull/2702")[jadx/pull/2702]
+    #link("https://github.com/skylot/jadx/pull/2702")[jadx/pull/2702] (#text(fill: orange)[\~merged])
  ]
 ]

@ -1414,7 +1414,7 @@

  #v(2em)
  #uncover(3)[
-  - Phone with adb enable: actuall hardware
+  - Phone with adb enable: actual hardware
  - Human: intelligent button clicker
  ]
 ]
@ -1438,58 +1438,6 @@
  #get_figure(<fig:th-inserting-dex>)
 ]

-/*
-#for i in range(4) {
-  // TODO: plutot barrer les lignes au lieux de les remplacer
-  if i != 0 { counter("logical-slide").update( n => n - 1 ) }
-
-  slide(
-    title: [Transformation: Reflection],
-    //foreground: ghost-6(x: 80%, y: 15%, mirror: true)
-  )[
-    #show: yes-codly
-    #set align(center+horizon)
-
-    #if i == 1 {
-      codly(
-        highlighted-lines: (6,),
-        ..default-codly
-      )
-    } else if i == 3 {
-      codly(
-        offset: 5,
-        ..default-codly
-      )
-    } else {
-      codly(..default-codly)
-    }
- 
-    #if i in (0, 1) {
-      ```java
-      ClassLoader cl = MainActivity.class.getClassLoader();
-      Class clz = cl.loadClass("Reflectee");
-      Object obj = clz.newInstance();
-      Method mth = clz.getMethod("myMethod", String.class);
-      Object[] args = {(Object)"an argument"};
-      String retData = (String) mth.invoke(obj, args);
-      ```
-    } else if i == 2{
-      ```java
-      ClassLoader cl = MainActivity.class.getClassLoader();
-      Class clz = cl.loadClass(getFromInternet());
-      Object obj = clz.newInstance();
-      Method mth = clz.getMethod(getFromInternet(), String.class);
-      Object[] args = {(Object)getFromInternet()};
-      String retData = (String) mth.invoke(obj, args);
-      ```
-    } else {
-      ```java
-      String retData = (String) mth.invoke(obj, args);
-      ```
-    }
-  ]
-}*/
-
 #for i in range(7) {
  if i != 0 { counter("logical-slide").update( n => n - 1 ) }

@ -1612,21 +1560,22 @@
  }
 )[
  #set align(center+horizon)
-  #theseus-outline()
+  #theseus-outline(labels: true)
  #place(
    bottom+left,
-    dx: -20pt,
-    dy: -360pt,
-    box[
-      #for i in range(3) {
+    dx: -25pt,
+    dy: -335pt,
+    box({
+      for i in range(3) {
        place(
          dx: i*10pt,
          dy: i*10pt,
          ico.apk(height: 60pt, fill: red)
        )
      }
-      #place(dy: 85pt)[*RASTA*]
-    ]
+      set text(weight: "semibold", fill: luma(30%))
+      place(dy: -1.5em)[*RASTA*]
+    })
  )
  #arrow(
    stroke: 6pt + black,
@ -1649,7 +1598,7 @@
      dy: -50pt,
      ellipse(
        width: 100pt,
-        height: 300pt,
+        height: 310pt,
        stroke: 10pt + pirat-color.red,
      )
    )
@ -1662,21 +1611,22 @@
  }
 )[
  #set align(center+horizon)
-  #theseus-outline()
+  #theseus-outline(labels: true)
  #place(
    bottom+left,
-    dx: -20pt,
-    dy: -360pt,
-    box[
-      #for i in range(3) {
+    dx: -25pt,
+    dy: -335pt,
+    box({
+      for i in range(3) {
        place(
          dx: i*10pt,
          dy: i*10pt,
          ico.apk(height: 60pt, fill: red)
        )
      }
-      #place(dy: 85pt)[*RASTA*]
-    ]
+      set text(weight: "semibold", fill: luma(30%))
+      place(dy: -1.5em)[*RASTA*]
+    })
  )
  #arrow(
    stroke: 6pt + black,
@ -1802,7 +1752,7 @@
  }
 )[
  #set align(center+horizon)
-  #theseus-outline(stage: "theseus-vs-static")
+  #theseus-outline(stage: "theseus-vs-static", labels: true)
 ]

 #for i in range(3) {
@ -1899,7 +1849,7 @@
    - Our dynamic analysis is questionable
    - The dynamically loaded bytecode we intercepted is *mainly telemetry and advertisement* related
  ]
-  #only("4-", underline[Software Contributions:])
+  #uncover("4-", underline[Software Contributions:])
  #item-by-item(start: 5)[
    - *Androscalpel*: rust crate to *parse, modify and generate bytecode*
    - *Theseus*: tool implementing the method presented here
@ -1908,6 +1858,27 @@

 #new-section-slide([Conclusion])

+#slide(title: [Experimentations])[
+  #import "lib.typ": num
+  #set align(center+horizon)
+  #table(
+    columns: 4,
+    inset: 0.5em,
+    stroke: (x, y) => (
+      y: if y != 0 and y != 5 and (x, y) != (0, 3)  { 1pt } else { none },
+      left: if x != 0 { 1pt } else { none },
+    ),
+    table.header[][Experiment][Number of APKs][Time],
+    [RASTA], [20 static analyses], num(62525), [2 months],
+    [Class Loading], [1 static analysis], num(49975), [1 week],
+    table.cell(rowspan: 3)[Theseus], 
+      [dynamic analysis], num(4957), [1 week],
+      [patching], num(4748), [2 days],
+      [18 static analyses], num(8955), [2 months],
+
+  )
+]
+
 #slide[
  We showed that:

--- a/slides/outlines.typ
+++ b/slides/outlines.typ
@ -539,16 +539,6 @@
      if labels {
        set text(weight: "semibold", fill: luma(30%))
        if stage != "static-only" {
-          place(
-            left+bottom,
-            dx: rprt_pos2.at(0) - 1.4em,
-            dy: rprt_pos2.at(1) - rprt_size.height - 0.5em,
-          )[#set align(center); Reflection \ Data]
-          place(
-            left+bottom,
-            dx: dex_pos0.at(0) - 4em,
-            dy: dex_pos0.at(1) + 0.8em,
-          )[Dyn Loaded Code]
          place(
            left+bottom,
            dx: patcher_pos.at(0) - 0.5em,
@ -560,6 +550,18 @@
            dy: phone_pos.at(1) - phone_size.height - 0.5em,
          )[#set align(center); Dynamic \  Analysis]
        }
+        if stage not in ("static-only", "theseus-vs-static") {
+          place(
+            left+bottom,
+            dx: rprt_pos2.at(0) - 1.4em,
+            dy: rprt_pos2.at(1) - rprt_size.height - 0.5em,
+          )[#set align(center); Reflection \ Data]
+          place(
+            left+bottom,
+            dx: dex_pos0.at(0) - 4em,
+            dy: dex_pos0.at(1) + 0.8em,
+          )[Dyn Loaded Code]
+        }
        if stage in (
          "theseus",
          "static-vs-dyn",
@ -572,6 +574,15 @@
            dy: analyser_pos.at(1) + 1em,
          )[Static Analysis]
        }
+        if stage in (
+          "theseus-vs-static",
+        ) {
+          place(
+            left+bottom,
+            dx: analyser_pos2.at(0) - 1.5em,
+            dy: analyser_pos2.at(1) + 1em,
+          )[Static Analysis]
+        }
      }
      if stage == "static-only" {
        place(