Mathematics (Faculty of)
Permanent URI for this community: https://uwspace.uwaterloo.ca/handle/10012/9924
Welcome to the Faculty of Mathematics community.
This community and its collections are organized using the University of Waterloo's Faculties and Academics structure. In this structure:
- Communities are Faculties or Affiliated Institutions
- Collections are Departments or Research Centres
Research outputs are organized by type (e.g. Master's Thesis, Article, Conference Paper).
New collections following this structure will be created UPON REQUEST.
Browsing Mathematics (Faculty of) by Author "Aafer, Yousra"
Now showing 1 - 5 of 5
Item
A Longitudinal Analysis Of Replicas in the Wild Wild Android (University of Waterloo, 2024-09-24)
Abbas Zaidi, Syeda Mashal; Aafer, Yousra
In this thesis, we report and study a phenomenon that contributes to Android API sprawl. We observe that OEM developers introduce private APIs that are composed by copy-paste-editing full or partial code from AOSP and other OEM APIs; we call such APIs Replicas. To quantify the prevalence of Replicas in the wildly fragmented Android ecosystem, we perform the first large-scale (security) measurement study, aiming at detecting and evaluating Replicas across 342 ROMs, manufactured by 10 vendors and spanning 7 versions. Our study is motivated by the intuition that Replicas contribute to the production of bloated custom Android codebases, add to the complexity of the Android access control mechanism and update process, and hence may lead to access control vulnerabilities. Our study is facilitated by RepFinder, a tool we develop. It infers the core functionality of an API and detects syntactically and semantically similar APIs using static program paths. RepFinder reveals that Replicas are commonly introduced by OEMs and, more importantly, that they unnecessarily introduce security enforcement anomalies. Specifically, RepFinder reports an average of 141 Replicas per studied ROM, accounting for 9% to 17% of custom APIs, of which 37% (on average) are identified as under-protected. Our study thus points to the urgent need to debloat Replicas.

Item
A Security Analysis of the Multi-User Ecosystem in Android Framework (University of Waterloo, 2024-10-23)
Khan, Muhammad Shahpar Nafees; Aafer, Yousra
The Android framework's multi-user ecosystem introduces significant security challenges, particularly in the enforcement of user-specific access control checks. While previous research has highlighted flaws in Android's access control mechanism, these efforts often overlook the complexities introduced by vendor customization and the unique demands of a multi-user environment. In this thesis, we conduct a systematic analysis of the Android Open Source Project (AOSP), identifying key patterns regulating multi-user access control implementations. We use these patterns to develop MVP, a static analysis tool that examines vendor ROMs for missing user-specific access control checks in custom ROMs. For example, our analysis reveals that Android's multi-user environment is susceptible to cross-user attacks: sensitive data can be shared between profiles, and non-privileged users can manipulate privileged system settings. These findings underscore the need for rigorous enforcement of access control mechanisms to mitigate security risks in Android's multi-user environment.

Item
Analyzing Access Control Logic in the Android Automotive Framework (University of Waterloo, 2025-01-30)
Jumana; Aafer, Yousra
The Android Automotive Operating System (AAOS) is a specialized version of the Android OS designed specifically for in-vehicle hardware. Prominent car manufacturers, including Honda, General Motors (GM), Volvo, and Ford, have already adopted it, with Porsche planning to follow soon. Despite its popularity, little has been done to evaluate the security of AAOS integration, particularly at the framework layer, where access control vulnerabilities are likely to arise. To bridge the gap, we perform the first security evaluation of automotive APIs in AAOS. Our study is enabled by AutoAcRaptor, an automated tool that identifies automotive-specific entry points, generates their access control specifications, and analyzes them for potential security risks. AutoAcRaptor leverages static analysis and NLP to perform a three-stage analysis pipeline: 1) Convergence Analysis, 2) Similarity Analysis, and 3) Cross-Image Analysis. Our evaluation demonstrates that the tool is able to efficiently focus the security analysis on auto-specific functionality and pinpoint automotive APIs with likely anomalous access control.

Item
Android Access Control Recommendation as a Deep Learning Task (University of Waterloo, 2023-09-25)
Vagavolu, Dheeraj; Nagappan, Meiyappan; Aafer, Yousra
Android enforces access control checks to protect sensitive framework APIs. If not properly protected, framework APIs can open the door for malicious apps to access sensitive resources without holding the necessary privileges. Unfortunately, as reported in the existing literature, such access control anomalies are prevalent in Android APIs, notably those introduced by customization parties. Therefore, various solutions have been proposed to detect anomalies, particularly those due to inconsistencies in the enforcement of access checks across the Android framework(s). The solutions can be largely divided into two categories: convergence-based techniques, which rely on the convergence of two APIs on similar resources, and probabilistic approaches, which incorporate additional hints in the form of manually defined structural and semantic code constructs. In this paper, we are motivated by the promising application of using code constructs, beyond convergence as proposed by the probabilistic approaches, to recommend access control enforcement and detect inconsistencies. Specifically, we propose a deep learning-based approach that aims to automatically learn the correspondence between various code constructs and access control requirements. To this end, we fine-tune CodeBert on statically derived features from the Android Open Source Project (AOSP). Our feature engineering process addresses various peculiarities that characterize Android implementations. The resulting fine-tuned model can be queried to recommend access control for vendor-customized APIs. The fine-tuned model achieves an accuracy of 93%, a precision of 91%, and a recall of 92% on the AOSP data. Additionally, our evaluation of custom ROMs shows that the model is able not only to rediscover previously reported inconsistencies but also to discover new ones.

Item
Systematically Detecting Access Control Flaws in the Android Framework (University of Waterloo, 2022-08-25)
El-Rewini, Zeinab; Aafer, Yousra
Android's permission model is used to regulate access to the Application Program Interfaces (APIs) within the Android system services, which provide access to sensitive system resources, such as the camera and microphone. To successfully invoke sensitive APIs, a caller must hold one or more Android permissions. Like all access control systems, the Android permission model is vulnerable to anomalies in security policy enforcement, including inconsistent access control enforcement. These inconsistencies occur when there are multiple paths to a sensitive resource, some with stronger access control enforcement than others. Attackers can exploit an inconsistency to improperly access a sensitive resource by taking the path with the weakest access control checks. Many access control anomalies are a natural byproduct of the fragmented Android ecosystem, in which various vendors and carriers customize the baseline Android Open Source Project (AOSP) code base for their unique business needs. One consequence of this customization is software bloat, which is known to expand the attack surface. Though the security impacts of customization in the Android ecosystem have been studied extensively, the literature is missing a study on customization-induced code bloat and its effect on Android access control flaws. Additionally, though a significant body of research has been dedicated to Android access control inconsistency detection, the existing state-of-the-art tools experience high false positive rates, as they precisely link access control checks to resources. That is, if a sensitive resource is shown to be control-dependent on an access control check, the existing tools consider that check required for that resource with full confidence. In practice, this assumption is faulty, as an access control check may not target all control-dependent resources. In this thesis, we make two significant contributions to address both gaps in the literature. First, we conduct the first large-scale longitudinal study analyzing the security impact of Residual APIs, which are unused custom APIs that have been forgotten over the course of a customized AOSP code base's evolution. We find that Residuals are prevalent in the code bases of all major Original Equipment Manufacturers (OEMs) and that they result in security-critical vulnerabilities, including cases of inconsistent access control enforcement. Second, we introduce a novel probabilistic inconsistency detection approach that introduces a measure of uncertainty to the linkage between resources and access control checks. Our approach uncovers implicit relations between framework-level resources and protections and leverages probabilistic inference techniques to generate recommendations that link resources to protections with a degree of uncertainty. We find that our approach improves existing tools by reducing false positives.
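The detection idea that runs through the abstracts above, as a small added example: two framework APIs converge on the same sensitive resource but enforce checks of different strength, so an attacker takes the weaker path (a copy-pasted vendor Replica with the check dropped is exactly such a path), and a check seen next to a resource is treated as evidence with a confidence rather than as a certain requirement. This is illustrative code written for this page, not RepFinder, MVP, AutoAcRaptor or the probabilistic tool from the theses. The service and resource names, the permission-to-level table, the rule that an API's checks guard every path it contains, and the vote-share scoring rule are all constructed assumptions.

```python
"""Toy convergence-based access-control inconsistency detector.
Constructed example for this page; not code from any of the theses above.
A framework image is a set of API entry points; each API carries the
permission checks it enforces and the sensitive resources (fields, downstream
calls) its static paths reach."""
from collections import defaultdict
from dataclasses import dataclass
from itertools import combinations

# Protection levels ordered weakest to strongest. Names follow AOSP's
# protection levels; the numeric ordering is an assumption of this toy model.
LEVEL = {"normal": 1, "dangerous": 2, "signature": 3}

# Hypothetical permission -> protection level table (constructed).
PERMISSIONS = {
    "android.permission.INTERNET": "normal",
    "android.permission.READ_PHONE_STATE": "dangerous",
    "android.permission.MODIFY_PHONE_STATE": "signature",
    "android.permission.INTERACT_ACROSS_USERS": "signature",
}


@dataclass(frozen=True)
class Api:
    name: str
    checks: frozenset     # permissions enforced before any resource is reached
    resources: frozenset  # sensitive fields / downstream calls reached on some path


def strength(checks):
    """Level of the strongest permission in a check set; 0 if nothing is enforced."""
    return max((LEVEL[PERMISSIONS[p]] for p in checks), default=0)


def find_inconsistencies(apis):
    """Convergence analysis: group APIs by the resource they reach and report each
    pair whose enforcement strength differs as (resource, weaker_api, stronger_api).
    The weaker API is the path an attacker would take. Pairs with equal strength
    but different permission sets are deliberately not reported."""
    by_resource = defaultdict(list)
    for api in apis:
        for resource in api.resources:
            by_resource[resource].append(api)
    findings = []
    for resource, group in sorted(by_resource.items()):
        for a, b in combinations(sorted(group, key=lambda x: x.name), 2):
            sa, sb = strength(a.checks), strength(b.checks)
            if sa == sb:
                continue
            weaker, stronger = (a, b) if sa < sb else (b, a)
            findings.append((resource, weaker.name, stronger.name))
    return findings


def recommend(target, apis, threshold=0.5):
    """Probabilistic recommendation for one API. Each (other API, resource shared
    with target) pair is one observation; a permission's confidence is the share
    of observations in which the other API enforces it, so a check seen beside a
    resource once is weak evidence and one seen consistently is strong. Returns
    (permission, confidence) for permissions that would raise target's level."""
    observations = 0
    votes = defaultdict(int)
    for other in apis:
        if other is target:
            continue
        for _shared in target.resources & other.resources:
            observations += 1
            for perm in other.checks:
                votes[perm] += 1
    if observations == 0:
        return []
    current = strength(target.checks)
    recs = [(perm, n / observations) for perm, n in votes.items()
            if LEVEL[PERMISSIONS[perm]] > current and n / observations >= threshold]
    return sorted(recs, key=lambda pc: (-pc[1], pc[0]))


# Constructed sample image: hypothetical service names, not real AOSP or vendor APIs.
SAMPLE_APIS = [
    Api("PhoneService.getDeviceId",
        frozenset({"android.permission.READ_PHONE_STATE"}), frozenset({"mImei"})),
    Api("PhoneService.setDataEnabled",
        frozenset({"android.permission.MODIFY_PHONE_STATE"}),
        frozenset({"mDataEnabled", "PhoneInterface.setData"})),
    # Vendor Replica: copy-pasted from setDataEnabled with the check dropped.
    Api("VendorPhoneExt.setDataEnabledCompat", frozenset(),
        frozenset({"mDataEnabled", "PhoneInterface.setData"})),
    # Vendor multi-user variant guarded only by a normal-level permission.
    Api("VendorPhoneExt.getDeviceIdForUser",
        frozenset({"android.permission.INTERNET"}),
        frozenset({"mImei", "UserManager.getProfileIds"})),
    Api("UserService.getProfileIds",
        frozenset({"android.permission.INTERACT_ACROSS_USERS"}),
        frozenset({"UserManager.getProfileIds"})),
]

if __name__ == "__main__":
    for resource, weaker, stronger in find_inconsistencies(SAMPLE_APIS):
        print(f"{resource}: {weaker} is weaker than {stronger}")
    for api in SAMPLE_APIS:
        for perm, conf in recommend(api, SAMPLE_APIS):
            print(f"{api.name}: consider {perm} (confidence {conf:.2f})")
```

On the sample image the convergence pass flags the Replica on both resources it shares with its origin and flags the multi-user variant on both the IMEI field and the cross-profile lookup. The probabilistic pass then recommends MODIFY_PHONE_STATE for the Replica with confidence 1.0, because every shared observation carries that check, but only 0.5 for each of the two candidate permissions on getDeviceIdForUser, since each check is seen beside only one of its two resources. That spread is the point of the second thesis: a check that merely dominates a resource on one path is a hint, not proof, and a real analysis works per path rather than per API as this toy does.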