Fully automated functional fuzzing of Android apps for detecting non-crashing logic bugs

Android apps are GUI-based event-driven software and have become ubiquitous in recent years. Obviously, functional correctness is critical for an app’s success. However, in addition to crash bugs, non-crashing functional bugs (in short as “non-crashing bugs” in this work) like inadvertent function failures, silent user data lost and incorrect display information are prevalent, even in popular, well-tested apps. These non-crashing functional bugs are usually caused by program logic errors and manifest themselves on the graphic user interfaces (GUIs). In practice, such bugs pose significant challenges in effectively detecting them because (1) current practices heavily rely on expensive, small-scale manual validation ( the lack of automation ); and (2) modern fully automated testing has been limited to crash bugs ( the lack of test oracles ). This paper fills this gap by introducing independent view fuzzing , a novel, fully automated approach for detecting non-crashing functional bugs in Android apps. Inspired by metamorphic testing, our key insight is to leverage the commonly-held independent view property of Android apps to manufacture property-preserving mutant tests from a set of seed tests that validate certain app properties. The mutated tests help exercise the tested apps under additional, adverse conditions. Any property violations indicate likely functional bugs for further manual confirmation. We have realized our approach as an automated, end-to-end functional fuzzing tool, Genie. Given an app, (1) Genie automatically detects non-crashing bugs without requiring human-provided tests and oracles (thus fully automated ); and (2) the detected non-crashing bugs are diverse (thus general and not limited to specific functional properties ), which set Genie apart from prior work. We have evaluated Genie on 12 real-world Android apps and successfully uncovered 34 previously unknown non-crashing bugs in their latest releases — all have been confirmed, and 22 have already been fixed. Most of the detected bugs are nontrivial and have escaped developer (and user) testing for at least one year and affected many app releases, thus clearly demonstrating Genie’s effectiveness. According to our analysis, Genie achieves a reasonable true positive rate of 40.9%, while these 34 non-crashing bugs could not be detected by prior fully automated GUI testing tools (as our evaluation confirms). Thus, our work complements and enhances existing manual testing and fully automated testing for crash bugs.

Download Full-text

Tracing or Tracking? A Preliminary Analysis of COVID-19 Outbreak Tracker Apps on Android and User Privacy (Preprint)

10.2196/preprints.19662 ◽

2020 ◽

Author(s):

Alex Akinbi ◽

Ehizojie Ojie

Keyword(s):

Preliminary Analysis ◽

Service Providers ◽

User Participation ◽

Memory Storage ◽

Phone Call ◽

Contact Tracing ◽

Privacy Rights ◽

User Privacy ◽

Android Apps ◽

User Data

BACKGROUND Technology using digital contact tracing apps has the potential to slow the spread of COVID-19 outbreaks by recording proximity events between individuals and alerting people who have been exposed. However, there are concerns about the abuse of user privacy rights as such apps can be repurposed to collect private user data by service providers and governments who like to gather their citizens’ private data. OBJECTIVE The objective of our study was to conduct a preliminary analysis of 34 COVID-19 trackers Android apps used in 29 individual countries to track COVID-19 symptoms, cases, and provide public health information. METHODS We identified each app’s AndroidManifest.xml resource file and examined the dangerous permissions requested by each app. RESULTS The results in this study show 70.5% of the apps request access to user location data, 47% request access to phone activities including the phone number, cellular network information, and the status of any ongoing calls. 44% of the apps request access to read from external memory storage and 2.9% request permission to download files without notification. 17.6% of the apps initiate a phone call without giving the user option to confirm the call. CONCLUSIONS The contributions of this study include a description of these dangerous permissions requested by each app and its effects on user privacy. We discuss principles that must be adopted in the development of future tracking and contact tracing apps to preserve the privacy of users and show transparency which in turn will encourage user participation.

Download Full-text

PRATD: A Phased Remote Access Trojan Detection Method with Double-Sided Features

Electronics ◽

10.3390/electronics9111894 ◽

2020 ◽

Vol 9 (11) ◽

pp. 1894

Author(s):

Chun Guo ◽

Zihua Song ◽

Yuan Ping ◽

Guowei Shen ◽

Yuhei Cui ◽

...

Keyword(s):

False Positive ◽

Detection Method ◽

False Positive Rate ◽

True Positive Rate ◽

Remote Access ◽

Detection Methods ◽

Security Threats ◽

True Positive ◽

Trojan Detection ◽

Positive Rate

Remote Access Trojan (RAT) is one of the most terrible security threats that organizations face today. At present, two major RAT detection methods are host-based and network-based detection methods. To complement one another’s strengths, this article proposes a phased RATs detection method by combining double-side features (PRATD). In PRATD, both host-side and network-side features are combined to build detection models, which is conducive to distinguishing the RATs from benign programs because that the RATs not only generate traffic on the network but also leave traces on the host at run time. Besides, PRATD trains two different detection models for the two runtime states of RATs for improving the True Positive Rate (TPR). The experiments on the network and host records collected from five kinds of benign programs and 20 famous RATs show that PRATD can effectively detect RATs, it can achieve a TPR as high as 93.609% with a False Positive Rate (FPR) as low as 0.407% for the known RATs, a TPR 81.928% and FPR 0.185% for the unknown RATs, which suggests it is a competitive candidate for RAT detection.

Download Full-text

Ascertaining an efficient eligibility cut-off for extended Medicare items for eating disorders

Australasian Psychiatry ◽

10.1177/10398562211028632 ◽

2021 ◽

pp. 103985622110286

Author(s):

Tracey Wade ◽

Jamie-Lee Pennesi ◽

Yuan Zhou

Keyword(s):

Eating Disorders ◽

Eating Disorder ◽

False Positive Rate ◽

Area Under The Curve ◽

Rate Sensitivity ◽

True Positive Rate ◽

Eating Disorder Examination Questionnaire ◽

Eating Disorder Examination ◽

Positive Rate ◽

The Relationship

Objective: Currently eligibility for expanded Medicare items for eating disorders (excluding anorexia nervosa) require a score ⩾ 3 on the 22-item Eating Disorder Examination-Questionnaire (EDE-Q). We compared these EDE-Q “cases” with continuous scores on a validated 7-item version of the EDE-Q (EDE-Q7) to identify an EDE-Q7 cut-off commensurate to 3 on the EDE-Q. Methods: We utilised EDE-Q scores of female university students ( N = 337) at risk of developing an eating disorder. We used a receiver operating characteristic (ROC) curve to assess the relationship between the true-positive rate (sensitivity) and the false-positive rate (1-specificity) of cases ⩾ 3. Results: The area under the curve showed outstanding discrimination of 0.94 (95% CI: .92–.97). We examined two specific cut-off points on the EDE-Q7, which included 100% and 87% of true cases, respectively. Conclusion: Given the EDE-Q cut-off for Medicare is used in conjunction with other criteria, we suggest using the more permissive EDE-Q7 cut-off (⩾2.5) to replace use of the EDE-Q cut-off (⩾3) in eligibility assessments.

Download Full-text

Pretherapeutic Imaging for Axillary Staging in Breast Cancer: A Systematic Review and Meta-Analysis of Ultrasound, MRI and FDG PET

Journal of Clinical Medicine ◽

10.3390/jcm10071543 ◽

2021 ◽

Vol 10 (7) ◽

pp. 1543

Author(s):

Morwenn Le Boulc’h ◽

Julia Gilhodes ◽

Zara Steinmeyer ◽

Sébastien Molière ◽

Carole Mathelin

Keyword(s):

Systematic Review ◽

Sensitivity And Specificity ◽

Meta Analysis ◽

False Negative ◽

Significant Proportion ◽

False Negative Rate ◽

True Positive Rate ◽

Axillary Staging ◽

Positron Emission ◽

Positive Rate

Background: This systematic review aimed at comparing performances of ultrasonography (US), magnetic resonance imaging (MRI), and fluorodeoxyglucose positron emission tomography (PET) for axillary staging, with a focus on micro- or micrometastases. Methods: A search for relevant studies published between January 2002 and March 2018 was conducted in MEDLINE database. Study quality was assessed using the QUality Assessment of Diagnostic Accuracy Studies checklist. Sensitivity and specificity were meta-analyzed using a bivariate random effects approach; Results: Across 62 studies (n = 10,374 patients), sensitivity and specificity to detect metastatic ALN were, respectively, 51% (95% CI: 43–59%) and 100% (95% CI: 99–100%) for US, 83% (95% CI: 72–91%) and 85% (95% CI: 72–92%) for MRI, and 49% (95% CI: 39–59%) and 94% (95% CI: 91–96%) for PET. Interestingly, US detects a significant proportion of macrometastases (false negative rate was 0.28 (0.22, 0.34) for more than 2 metastatic ALN and 0.96 (0.86, 0.99) for micrometastases). In contrast, PET tends to detect a significant proportion of micrometastases (true positive rate = 0.41 (0.29, 0.54)). Data are not available for MRI. Conclusions: In comparison with MRI and PET Fluorodeoxyglucose (FDG), US is an effective technique for axillary triage, especially to detect high metastatic burden without upstaging majority of micrometastases.

Download Full-text

Markerless tracking of an entire honey bee colony

Nature Communications ◽

10.1038/s41467-021-21769-1 ◽

2021 ◽

Vol 12 (1) ◽

Author(s):

Katarzyna Bozek ◽

Laetitia Hebert ◽

Yoann Portugal ◽

Greg J. Stephens

Keyword(s):

Honey Bee ◽

True Positive Rate ◽

Computational Method ◽

Visual Features ◽

Brood Cell ◽

Collective Behaviors ◽

Markerless Tracking ◽

Bee Colony ◽

Positive Rate ◽

Group Members

AbstractFrom cells in tissue, to bird flocks, to human crowds, living systems display a stunning variety of collective behaviors. Yet quantifying such phenomena first requires tracking a significant fraction of the group members in natural conditions, a substantial and ongoing challenge. We present a comprehensive, computational method for tracking an entire colony of the honey bee Apis mellifera using high-resolution video on a natural honeycomb background. We adapt a convolutional neural network (CNN) segmentation architecture to automatically identify bee and brood cell positions, body orientations and within-cell states. We achieve high accuracy (~10% body width error in position, ~10° error in orientation, and true positive rate > 90%) and demonstrate months-long monitoring of sociometric colony fluctuations. These fluctuations include ~24 h cycles in the counted detections, negative correlation between bee and brood, and nightly enhancement of bees inside comb cells. We combine detected positions with visual features of organism-centered images to track individuals over time and through challenging occluding events, recovering ~79% of bee trajectories from five observation hives over 5 min timespans. The trajectories reveal important individual behaviors, including waggle dances and crawling inside comb cells. Our results provide opportunities for the quantitative study of collective bee behavior and for advancing tracking techniques of crowded systems.

Download Full-text

Classifying the Biological Status of Honeybee Workers Using Gas Sensors

Sensors ◽

10.3390/s21010166 ◽

2020 ◽

Vol 21 (1) ◽

pp. 166

Author(s):

Jakub T. Wilk ◽

Beata Bąk ◽

Piotr Artiemjew ◽

Jerzy Wilde ◽

Maciej Siuda

Keyword(s):

Gas Sensors ◽

Laboratory Tests ◽

Test Chamber ◽

Ambient Air ◽

True Positive Rate ◽

True Positive ◽

Positive Rate ◽

Parameters Of Accuracy ◽

Selection Of

Honeybee workers have a specific smell depending on the age of workers and the biological status of the colony. Laboratory tests were carried out at the Department of Apiculture at UWM Olsztyn, using gas sensors installed in two twin prototype multi-sensor detectors. The study aimed to compare the responses of sensors to the odor of old worker bees (3–6 weeks old), young ones (0–1 days old), and those from long-term queenless colonies. From the experimental colonies, 10 samples of 100 workers were taken for each group and placed successively in the research chambers for the duration of the study. Old workers came from outer nest combs, young workers from hatching out brood in an incubator, and laying worker bees from long-term queenless colonies from brood combs (with laying worker bee’s eggs, humped brood, and drones). Each probe was measured for 10 min, and then immediately for another 10 min ambient air was given to regenerate sensors. The results were analyzed using 10 different classifiers. Research has shown that the devices can distinguish between the biological status of bees. The effectiveness of distinguishing between classes, determined by the parameters of accuracy balanced and true positive rate, of 0.763 and 0.742 in the case of the best euclidean.1nn classifier, may be satisfactory in the context of practical beekeeping. Depending on the environment accompanying the tested objects (a type of insert in the test chamber), the introduction of other classifiers as well as baseline correction methods may be considered, while the selection of the appropriate classifier for the task may be of great importance for the effectiveness of the classification.

Download Full-text

Improving Ecological Inference by Predicting Individual Ethnicity from Voter Registration Records

Political Analysis ◽

10.1093/pan/mpw001 ◽

2016 ◽

Vol 24 (2) ◽

pp. 263-272 ◽

Cited By ~ 29

Author(s):

Kosuke Imai ◽

Kabir Khanna

Keyword(s):

Mean Squared Error ◽

False Positive Rate ◽

True Positive Rate ◽

Voter Registration ◽

Racial Groups ◽

Ecological Inference ◽

Inference Problem ◽

Individual Level ◽

Positive Rate ◽

Election Results

In both political behavior research and voting rights litigation, turnout and vote choice for different racial groups are often inferred using aggregate election results and racial composition. Over the past several decades, many statistical methods have been proposed to address this ecological inference problem. We propose an alternative method to reduce aggregation bias by predicting individual-level ethnicity from voter registration records. Building on the existing methodological literature, we use Bayes's rule to combine the Census Bureau's Surname List with various information from geocoded voter registration records. We evaluate the performance of the proposed methodology using approximately nine million voter registration records from Florida, where self-reported ethnicity is available. We find that it is possible to reduce the false positive rate among Black and Latino voters to 6% and 3%, respectively, while maintaining the true positive rate above 80%. Moreover, we use our predictions to estimate turnout by race and find that our estimates yields substantially less amounts of bias and root mean squared error than standard ecological inference estimates. We provide open-source software to implement the proposed methodology.

Download Full-text

Induction of Neural Plasticity Using a Low-Cost Open Source Brain-Computer Interface and a 3D-Printed Wrist Exoskeleton

Sensors ◽

10.3390/s21020572 ◽

2021 ◽

Vol 21 (2) ◽

pp. 572

Author(s):

Mads Jochumsen ◽

Taha Al Muhammadee Janjua ◽

Juan Carlos Arceo ◽

Jimmy Lauber ◽

Emilie Simoneau Buessinger ◽

...

Keyword(s):

Open Source ◽

Neural Plasticity ◽

Motor Evoked Potentials ◽

Low Cost ◽

True Positive Rate ◽

Positive Rate ◽

3D Printed ◽

Major Factors ◽

And Control ◽

Bci System

Brain-computer interfaces (BCIs) have been proven to be useful for stroke rehabilitation, but there are a number of factors that impede the use of this technology in rehabilitation clinics and in home-use, the major factors including the usability and costs of the BCI system. The aims of this study were to develop a cheap 3D-printed wrist exoskeleton that can be controlled by a cheap open source BCI (OpenViBE), and to determine if training with such a setup could induce neural plasticity. Eleven healthy volunteers imagined wrist extensions, which were detected from single-trial electroencephalography (EEG), and in response to this, the wrist exoskeleton replicated the intended movement. Motor-evoked potentials (MEPs) elicited using transcranial magnetic stimulation were measured before, immediately after, and 30 min after BCI training with the exoskeleton. The BCI system had a true positive rate of 86 ± 12% with 1.20 ± 0.57 false detections per minute. Compared to the measurement before the BCI training, the MEPs increased by 35 ± 60% immediately after and 67 ± 60% 30 min after the BCI training. There was no association between the BCI performance and the induction of plasticity. In conclusion, it is possible to detect imaginary movements using an open-source BCI setup and control a cheap 3D-printed exoskeleton that when combined with the BCI can induce neural plasticity. These findings may promote the availability of BCI technology for rehabilitation clinics and home-use. However, the usability must be improved, and further tests are needed with stroke patients.

Download Full-text

The Heartbeat Classification Based on PCA

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.195-196.402 ◽

2012 ◽

Vol 195-196 ◽

pp. 402-406

Author(s):

Xue Qin Chen ◽

Rui Ping Wang

Keyword(s):

Principal Component Analysis ◽

Pattern Recognition ◽

Recognition Task ◽

Principal Component ◽

True Positive Rate ◽

True Positive ◽

Heartbeat Classification ◽

Positive Rate ◽

Electrocardiogram Ecg ◽

Pattern Recognition Task

Classify the electrocardiogram (ECG) into different pathophysiological categories is a complex pattern recognition task which has been tried in lots of methods. This paper will discuss a method of principal component analysis (PCA) in exacting the heartbeat features, and a new method of classification that is to calculate the error between the testing heartbeat and reconstructed heartbeat. Training and testing heartbeat is taken from the MIT-BIH Arrhythmia Database, in which 8 types of arrhythmia signals are selected in this paper. The true positive rate (TPR) is 83%.

Download Full-text

The influence of digital PET/CT on diagnostic certainty and interrater reliability in [68Ga]Ga-PSMA-11 PET/CT for recurrent prostate cancer

European Radiology ◽

10.1007/s00330-021-07870-5 ◽

2021 ◽

Author(s):

Ian Alberts ◽

Jan-Niklas Hünermund ◽

Christos Sachpekidis ◽

Clemens Mingels ◽

Viktor Fech ◽

...

Keyword(s):

Prostate Cancer ◽

Interrater Reliability ◽

True Positive Rate ◽

True Positive ◽

Recurrent Prostate Cancer ◽

Pathological Lesions ◽

Diagnostic Certainty ◽

Pet Ct ◽

Positive Rate ◽

Digital Pet

Abstract Objective To investigate the impact of digital PET/CT on diagnostic certainty, patient-based sensitivity and interrater reliability. Methods Four physicians retrospectively evaluated two matched cohorts of patients undergoing [68Ga]Ga-PSMA-11 PET/CT on a digital (dPET/CT n = 65) or an analogue scanner (aPET/CT n = 65) for recurrent prostate cancer between 11/2018 and 03/2019. The number of equivocal and pathological lesions as well as the frequency of discrepant findings and the interrater reliability for the two scanners were compared. Results dPET/CT detected more lesions than aPET/CT (p < 0.001). A higher number of pathological scans were observed for dPET/CT (83% vs. 57%, p < 0.001). The true-positive rate at follow-up was 100% for dPET/CT compared to 84% for aPET/CT (p < 0.001). The proportion of lesions rated as non-pathological as a total of all PSMA-avid lesions detected for dPET/CT was comparable to aPET/CT (61.8% vs. 57.0%, p = 0.99). Neither a higher rate of diagnostically uncertain lesions (11.5% dPET/CT vs. 13.7% aPET/CT, p = 0.95) nor discrepant scans (where one or more readers differed in opinion as to whether the scan is pathological) were observed (18% dPET/CT vs. 17% aPET/CT, p = 0.76). Interrater reliability for pathological lesions was excellent for both scanner types (Cronbach’s α = 0.923 dPET/CT; α = 0.948 aPET/CT) and interrater agreement was substantial for dPET/CT (Krippendorf’s α = 0.701) and almost perfect in aPET/CT (α = 0.802). Conclusions A higher detection rate for pathological lesions for dPET/CT compared with aPET/CT in multiple readers was observed. This improved sensitivity was coupled with an improved true-positive rate and was not associated with increased diagnostic uncertainty, rate of non-specific lesions, or reduced interrater reliability. Key Points • New generation digital scanners detect more cancer lesions in men with prostate cancer. • When using digital scanners, the doctors are able to diagnose prostate cancer lesions with better certainty • When using digital scanners, the doctors do not disagree with each other more than with other scanner types.

Download Full-text