TY - THES A1 - Tiwari, Abhishek T1 - Enhancing Users’ Privacy: Static Resolution of the Dynamic Properties of Android N2 - The usage of mobile devices is rapidly growing, with Android being the most prevalent mobile operating system. Thanks to the vast variety of mobile applications, users prefer smartphones over desktops for day-to-day tasks like Internet surfing. Consequently, smartphones store a plenitude of sensitive data. This data, together with the high value of smartphones, makes them an attractive target for device/data theft (thieves/malicious applications). Unfortunately, state-of-the-art anti-theft solutions do not work if they do not have an active network connection, e.g., if the SIM card was removed from the device. In the majority of these cases, device owners permanently lose their smartphone together with their personal data, which is even worse. Apart from that, malevolent applications perform malicious activities to steal sensitive information from smartphones. Recent research considered static program analysis to detect dangerous data leaks. These analyses work well for data leaks due to inter-component communication, but suffer from shortcomings for inter-app communication with respect to precision, soundness, and scalability. This thesis focuses on enhancing users' privacy on Android against physical device loss/theft and (un)intentional data leaks. It presents three novel frameworks: (1) ThiefTrap, an anti-theft framework for Android, (2) IIFA, a modular inter-app intent information flow analysis of Android applications, and (3) PIAnalyzer, a precise approach for PendingIntent vulnerability analysis. ThiefTrap is based on a novel concept of an anti-theft honeypot account that protects the owner's data while preventing a thief from resetting the device. We implemented the proposed scheme and evaluated it through an empirical user study with 35 participants. 
In this study, the owner's data could be protected, recovered, and anti-theft functionality could be performed unnoticed by the thief in all cases. IIFA proposes a novel approach for Android's inter-component/inter-app communication (ICC/IAC) analysis. Our main contribution is the first fully automatic, sound, and precise ICC/IAC information flow analysis that is scalable for realistic apps due to modularity, avoiding combinatorial explosion: Our approach determines communicating apps using short summaries rather than inlining intent calls between components and apps, which requires simultaneously analyzing all apps installed on a device. We evaluate IIFA in terms of precision and recall, and demonstrate its scalability to a large corpus of real-world apps. IIFA reports 62 problematic ICC-/IAC-related information flows via two or more apps/components. PIAnalyzer proposes a novel approach to analyze PendingIntent related vulnerabilities. PendingIntents are a powerful and universal feature of Android for inter-component communication. We empirically evaluate PIAnalyzer on a set of 1000 randomly selected applications and find 1358 insecure usages of PendingIntents, including 70 severe vulnerabilities. N2 - The use of mobile devices is growing rapidly, with Android being the most common mobile operating system. Thanks to the large number of mobile applications, users prefer smartphones over desktops for everyday tasks such as surfing the Internet. Consequently, smartphones store a large amount of sensitive data. This data, together with the high value of smartphones, makes them an attractive target for device/data theft (thieves/malicious applications). Unfortunately, modern anti-theft solutions do not work if they have no active network connection, e.g., if the SIM card has been removed from the device. In most cases, device owners permanently lose their smartphone together with their personal data, which is even worse. 
Apart from that, there are malicious applications that carry out harmful activities in order to steal confidential information from smartphones. Recent research has considered static program analysis for detecting dangerous data leaks. These analyses are well suited to data leaks due to inter-component communication, but have drawbacks for inter-app communication with respect to precision, soundness, and scalability. This dissertation focuses on improving users' privacy on Android against loss/theft of physical devices and (un)intentional data loss. Three novel frameworks are presented: (1) ThiefTrap, an anti-theft framework for Android, (2) IIFA, a modular inter-app analysis of the information flow of Android applications, and (3) PIAnalyzer, a precise approach for PendingIntent vulnerability analysis. ThiefTrap is based on a novel concept of an anti-theft account that protects the owner's data and prevents a thief from resetting the device. We implemented the proposed scheme and evaluated it through an empirical user study with 35 participants. In this study, the owner's data could be protected and recovered, and the anti-theft functionality could be carried out unnoticed by the thief in every case. IIFA proposes a new approach for the analysis of Android's inter-component/inter-app communication (ICC/IAC). 
Our main contribution is the first fully automatic, sound, and precise ICC/IAC information flow analysis that is scalable to realistic apps thanks to its modularity and avoids a combinatorial explosion: our approach determines communicating apps by means of short summaries rather than inlining intent calls between components and apps, which requires all apps installed on a device to be analyzed simultaneously. We evaluate IIFA in terms of precision and recall and demonstrate its scalability to a large corpus of real-world apps. IIFA reports 62 problematic ICC-/IAC-related information flows across two or more apps/components. PIAnalyzer proposes a new approach for analyzing vulnerabilities related to PendingIntents. PendingIntents are a powerful and universal feature of Android for inter-component communication. We empirically evaluate PIAnalyzer on a set of 1000 randomly selected applications and find 1358 insecure usages of PendingIntents, including 70 severe vulnerabilities. KW - Android Security KW - Static Analysis KW - Privacy Protection Y1 - 2019 ER - TY - THES A1 - Böhne, Sebastian T1 - Different degrees of formality T1 - Verschiedene Formalitätsgrade BT - an introduction to the concept and a demonstration of its usefulness BT - Vorstellung des Konzepts und Nachweis seiner Nützlichkeit N2 - In this thesis we introduce the concept of the degree of formality. It is directed against a dualistic point of view, which only distinguishes between formal and informal proofs. This dualistic attitude does not respect the differences between the argumentations classified as informal and it is unproductive because the individual potential of the respective argumentation styles cannot be appreciated and remains untapped. This thesis has two parts. 
In the first of them we analyse the concept of the degree of formality (including a discussion about the respective benefits for each degree) while in the second we demonstrate its usefulness in three case studies. In the first case study we will repair Haskell B. Curry's view of mathematics, which incidentally is of great importance in the first part of this thesis, in light of the different degrees of formality. In the second case study we delineate how awareness of the different degrees of formality can be used to help students to learn how to prove. Third, we will show how the advantages of proofs of different degrees of formality can be combined by the development of so-called tactics having a medium degree of formality. Together the three case studies show that the degrees of formality provide a convincing solution to the problem of untapped potential. N2 - In this dissertation we present the concept of degrees of formality, which is directed against a dualistic point of view that only distinguishes between formal and informal proofs. The latter point of view does not reflect the differences between the argumentations classified as informal and is moreover unproductive, because it is unable to appreciate and exploit the individual potential of the respective argumentation styles. The dissertation has two parts. In the first we analyse the concept of degrees of formality (including a discussion of the advantages of the respective degrees), while in the second part we demonstrate the usefulness of the degrees of formality by means of three case studies. In the first of these we will repair Haskell B. Curry's view of mathematics, which incidentally is of the greatest importance for the first part of the dissertation, with the help of the different degrees of formality. In the second case study we show how attention to the different degrees of formality can help students learn how to prove. 
In the last case study we will then show how the advantages of proofs of different degrees of formality can be combined through the use of so-called tactics of a medium degree of formality. Together the three case studies show that the degrees of formality provide a convincing solution to the problem of untapped potential. KW - argumentation KW - Coq KW - Curry KW - degree of formality KW - formalism KW - logic KW - mathematics education KW - philosophy of mathematics KW - proof KW - proof assistant KW - proof environment KW - tactic KW - argumentation KW - proof KW - proof assistant KW - proof environment KW - Coq KW - Curry KW - formalism KW - degree of formality KW - logic KW - mathematics education KW - philosophy of mathematics KW - tactic Y1 - 2019 U6 - http://nbn-resolving.de/urn/resolver.pl?urn:nbn:de:kobv:517-opus4-423795 N1 - CCS -> Applied computing -> Education -> Interactive learning environments CCS -> Theory of computation -> Logic CCS -> Computing methodologies -> Symbolic and algebraic manipulation -> Symbolic and algebraic algorithms -> Theorem proving algorithms ER - TY - GEN A1 - Alhosseini Almodarresi Yasin, Seyed Ali A1 - Bin Tareaf, Raad A1 - Najafi, Pejman A1 - Meinel, Christoph T1 - Detect me if you can BT - Spam Bot Detection Using Inductive Representation Learning T2 - Companion Proceedings of The 2019 World Wide Web Conference N2 - Spam Bots have become a threat to online social networks with their malicious behavior, posting misinformation messages and influencing online platforms to fulfill their motives. As spam bots have become more advanced over time, creating algorithms to identify bots remains an open challenge. Learning low-dimensional embeddings for nodes in graph structured data has proven to be useful in various domains. In this paper, we propose a model based on graph convolutional neural networks (GCNN) for spam bot detection. 
Our hypothesis is that to better detect spam bots, in addition to defining a feature set, the social graph must also be taken into consideration. GCNNs are able to leverage both the features of a node and aggregate the features of a node’s neighborhood. We compare our approach with two methods that work solely on a feature set and on the structure of the graph. To our knowledge, this work is the first attempt at using graph convolutional neural networks in spam bot detection. KW - Social Media Analysis KW - Bot Detection KW - Graph Embedding KW - Graph Convolutional Neural Networks Y1 - 2019 SN - 978-1-4503-6675-5 U6 - https://doi.org/10.1145/3308560.3316504 SP - 148 EP - 153 PB - Association for Computing Machinery CY - New York ER - TY - GEN A1 - Fandiño, Jorge T1 - Founded (auto)epistemic equilibrium logic satisfies epistemic splitting T2 - Postprints der Universität Potsdam : Mathematisch-Naturwissenschaftliche Reihe N2 - In a recent line of research, two familiar concepts from logic programming semantics (unfounded sets and splitting) were extrapolated to the case of epistemic logic programs. The property of epistemic splitting provides a natural and modular way to understand programs without epistemic cycles but, surprisingly, was only fulfilled by Gelfond's original semantics (G91), among the many proposals in the literature. On the other hand, G91 may suffer from a kind of self-supported, unfounded derivations when epistemic cycles come into play. Recently, the absence of these derivations was also formalised as a property of epistemic semantics called foundedness. Moreover, a first semantics proved to satisfy foundedness was also proposed, the so-called Founded Autoepistemic Equilibrium Logic (FAEEL). In this paper, we prove that FAEEL also satisfies the epistemic splitting property, something that, together with foundedness, was not fulfilled by any other approach to date. 
To prove this result, we provide an alternative characterisation of FAEEL as a combination of G91 with a simpler logic we called Founded Epistemic Equilibrium Logic (FEEL), which is somehow an extrapolation of the stable model semantics to the modal logic S5. T3 - Zweitveröffentlichungen der Universität Potsdam : Mathematisch-Naturwissenschaftliche Reihe - 1060 KW - answer set programming KW - epistemic specifications KW - epistemic logic programs Y1 - 2020 U6 - http://nbn-resolving.de/urn/resolver.pl?urn:nbn:de:kobv:517-opus4-469685 SN - 1866-8372 IS - 1060 SP - 671 EP - 687 ER - TY - GEN A1 - Aguado, Felicidad A1 - Cabalar, Pedro A1 - Fandiño, Jorge A1 - Pearce, David A1 - Perez, Gilberto A1 - Vidal, Concepcion T1 - Revisiting explicit negation in answer set programming T2 - Postprints der Universität Potsdam : Mathematisch-Naturwissenschaftliche Reihe N2 - A common feature in Answer Set Programming is the use of a second negation, stronger than default negation and sometimes called explicit, strong or classical negation. This explicit negation is normally used in front of atoms, rather than allowing its use as a regular operator. In this paper we consider the arbitrary combination of explicit negation with nested expressions, as those defined by Lifschitz, Tang and Turner. We extend the concept of reduct for this new syntax and then prove that it can be captured by an extension of Equilibrium Logic with this second negation. We study some properties of this variant and compare it to the already known combination of Equilibrium Logic with Nelson's strong negation. 
T3 - Zweitveröffentlichungen der Universität Potsdam : Mathematisch-Naturwissenschaftliche Reihe - 1104 KW - Answer Set Programming KW - non-monotonic reasoning KW - Equilibrium logic KW - explicit negation Y1 - 2021 U6 - http://nbn-resolving.de/urn/resolver.pl?urn:nbn:de:kobv:517-opus4-469697 SN - 1866-8372 IS - 1104 SP - 908 EP - 924 ER - TY - JOUR A1 - Cabalar, Pedro A1 - Fandiño, Jorge A1 - Schaub, Torsten H. A1 - Schellhorn, Sebastian T1 - Gelfond-Zhang aggregates as propositional formulas JF - Artificial intelligence N2 - Answer Set Programming (ASP) has become a popular and widespread paradigm for practical Knowledge Representation thanks to its expressiveness and the available enhancements of its input language. One such enhancement is the use of aggregates, for which different semantic proposals have been made. In this paper, we show that any ASP aggregate interpreted under Gelfond and Zhang's (GZ) semantics can be replaced (under strong equivalence) by a propositional formula. Restricted to the original GZ syntax, the resulting formula is reducible to a disjunction of conjunctions of literals, but the formulation is still applicable even when the syntax is extended to allow for arbitrary formulas (including nested aggregates) in the condition. Once GZ-aggregates are represented as formulas, we establish a formal comparison (in terms of the logic of Here-and-There) to Ferraris' (F) aggregates, which are defined by a different formula translation involving nested implications. In particular, we prove that if we replace an F-aggregate by a GZ-aggregate in a rule head, we do not lose answer sets (although more can be gained). This extends the previously known result that the opposite happens in rule bodies, i.e., replacing a GZ-aggregate by an F-aggregate in the body may yield more answer sets. Finally, we characterize a class of aggregates for which GZ- and F-semantics coincide. 
KW - Aggregates KW - Answer Set Programming Y1 - 2019 U6 - https://doi.org/10.1016/j.artint.2018.10.007 SN - 0004-3702 SN - 1872-7921 VL - 274 SP - 26 EP - 43 PB - Elsevier CY - Amsterdam ER - TY - JOUR A1 - Aguado, Felicidad A1 - Cabalar, Pedro A1 - Fandiño, Jorge A1 - Pearce, David A1 - Perez, Gilberto A1 - Vidal, Concepcion T1 - Forgetting auxiliary atoms in forks JF - Artificial intelligence N2 - In this work we tackle the problem of checking strong equivalence of logic programs that may contain local auxiliary atoms, to be removed from their stable models and to be forbidden in any external context. We call this property projective strong equivalence (PSE). It has been recently proved that not any logic program containing auxiliary atoms can be reformulated, under PSE, as another logic program or formula without them – this is known as strongly persistent forgetting. In this paper, we introduce a conservative extension of Equilibrium Logic and its monotonic basis, the logic of Here-and-There, in which we deal with a new connective ‘|’ we call fork. We provide a semantic characterisation of PSE for forks and use it to show that, in this extension, it is always possible to forget auxiliary atoms under strong persistence. We further define when the obtained fork is representable as a regular formula. KW - Answer set programming KW - Non-monotonic reasoning KW - Equilibrium logic KW - Denotational semantics KW - Forgetting KW - Strong equivalence Y1 - 2019 U6 - https://doi.org/10.1016/j.artint.2019.07.005 SN - 0004-3702 SN - 1872-7921 VL - 275 SP - 575 EP - 601 PB - Elsevier CY - Amsterdam ER - TY - GEN A1 - Cabalar, Pedro A1 - Fandiño, Jorge A1 - Schaub, Torsten H. A1 - Schellhorn, Sebastian T1 - Lower Bound Founded Logic of Here-and-There T2 - Logics in Artificial Intelligence N2 - A distinguishing feature of Answer Set Programming is that all atoms belonging to a stable model must be founded. That is, an atom must not only be true but provably true. 
This can be made precise by means of the constructive logic of Here-and-There, whose equilibrium models correspond to stable models. One way of looking at foundedness is to regard Boolean truth values as ordered by letting true be greater than false. Then, each Boolean variable takes the smallest truth value that can be proven for it. This idea was generalized by Aziz to ordered domains and applied to constraint satisfaction problems. As before, the idea is that a, say integer, variable gets only assigned to the smallest integer that can be justified. In this paper, we present a logical reconstruction of Aziz’ idea in the setting of the logic of Here-and-There. More precisely, we start by defining the logic of Here-and-There with lower bound founded variables along with its equilibrium models and elaborate upon its formal properties. Finally, we compare our approach with related ones and sketch future work. Y1 - 2019 SN - 978-3-030-19570-0 SN - 978-3-030-19569-4 U6 - https://doi.org/10.1007/978-3-030-19570-0_34 SN - 0302-9743 SN - 1611-3349 VL - 11468 SP - 509 EP - 525 PB - Springer CY - Cham ER - TY - JOUR A1 - Aguado, Felicidad A1 - Cabalar, Pedro A1 - Fandiño, Jorge A1 - Pearce, David A1 - Perez, Gilberto A1 - Vidal-Peracho, Concepcion T1 - Revisiting Explicit Negation in Answer Set Programming JF - Theory and practice of logic programming KW - Answer set programming KW - Non-monotonic reasoning KW - Equilibrium logic KW - Explicit negation Y1 - 2019 U6 - https://doi.org/10.1017/S1471068419000267 SN - 1471-0684 SN - 1475-3081 VL - 19 IS - 5-6 SP - 908 EP - 924 PB - Cambridge Univ. Press CY - New York ER - TY - THES A1 - Ashouri, Mohammadreza T1 - TrainTrap BT - a hybrid technique for vulnerability analysis in JAVA Y1 - 2020 ER -