The number of malicious Android apps is increasing rapidly. Android malware can damage or alter other files or settings, install additional applications, etc. To determine such behaviors, a security analyst can significantly benefit from identifying the family to which an Android malware belongs, rather than only detecting if an app is malicious. Techniques for detecting Android malware, and determining their families, lack the ability to handle certain obfuscations that aim to thwart detection.
ISR has long been an internationally recognized leader in research into all aspects of open source software development. In this role, researchers at ISR along with colleagues throughout the U.S. helped to develop a new agenda that can help guide future research into open source software development.
I am aiding core developers of the Linux kernel to use mutation analysis to improve kernel systems testing methods, and to verify critical algorithms. I am also investigating the use of bounded model checking (CBMC) on Linux kernel. As an outcome of this project so far we have identified 3 bugs in the Linux kernel. I am also applying mutation analysis on sqlite3 to improve its testing.
Previous studies have shown that there is a non-trivial amount of duplication in source code. We analyzed a corpus of 2.6 million non-fork projects hosted on GitHub representing over 258 million files written in Java, C++ Python and JavaScript. We found that this corpus has a mere 54 million unique files. In other words, 79% of the code on GitHub consists of clones of previously created files. There is considerable variation between language ecosystems. JavaScript has the highest rate of file duplication, only 7% of the files are distinct.
This research addresses challenges in understanding and developing lightweight, Web-based informal music education environments that bring the complexity and joy of orchestral music to diverse audiences. The challenges span from providing awareness and appreciation of different classical music genres through creation of multi-instrument musical compositions, in ways that are fun and interactive.
The Alloy specification language, and the corresponding Alloy Analyzer, have received much attention in the last two decades with applications in many areas of software engineering. Increasingly, formal analyses enabled by Alloy are desired for use in an on-line mode, where the specifications are automatically kept in sync with the running, possibly changing, software system. However, given Alloy Analyzer's reliance on computationally expensive SAT solvers, an important challenge is the time it takes for such analyses to execute at runtime.
The Internet of Things (IoT) is an emerging technology powered by smart devices that increasingly pervades our environments and practices. The process of incorporating technology into one's practices involves use and adaptation of the technology and is usually referred to as appropriation. In research about IoT, appropriation of IoT technology is a rather new topic. It is necessary to understand how appropriation takes place in order to be able to provide strong support for it in the design of technology.
ISR
