Here are some summaries of academic papers I've read. These are not meant to be formal reviews or critiques, they're simply to help me remember the primary ideas of the papers. Hopefully they're useful to you.

If you feel I've omitted or misrepresented an important point, please comment and I will update accordingly.

Disclaimer: Nearly all the papers I review I do so under strict time constraints, which may lead to omission of important points or misinterpretation of findings. Any inaccuracies are mine alone and not the authors'. Occasionally I will directly use text from the paper to more rapidly finish taking notes. I make no claim of ownership or copyright of any text, ideas, or figures of any paper for which I am not an author.

Identity, Location, Disease and More: Inferring Your Secrets from Android Public Resources 2013-10-14

Full paper - bibtex

tl;dr (too long; didn't read)

The authors develop a proof of concept Android app with no permissions that can "acquire sensitive information such as a smartphone user's identity, the disease condition he/she is interested in, her location and her driving route."

More specifically:

  • What revealing apps has the user installed? (e.g. a diabetes or gay social network app)
  • Where is the user?
  • What is the phone owner's Twitter account?
  • What diseases is he/she searching on the WebMD mobile app?
  • Stocks he/she searches in Yahoo! Finance.
  • What is the current travel route of the user?

Measuring the Cost of Cybercrime 2013-01-07

Full paper - bibtex

tl;dr (too long; didn't read)

The authors attempt to calculate the approximate cost to individuals and society of several types of cybercrime.

Direct losses: losses, damage, or other suffering felt by the victim as a consequence of a cybercrime.

Indirect losses: the losses and opportunity costs imposed on society by the fact that a certain cybercrime is carried out, no matter whether successful or not and independent of a specific instance of that cybercrime. Indirect costs generally cannot be attributed to individual victims.

MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones 2012-07-03

Full paper

tl;dr (too long; didn't read)

MoCFI is the first general control-flow integrity (CFI) framework for smartphone platforms. It protects against runtime and control-flow attacks (e.g. code injection or ROP) by enforcing that jumps go to an expected location. The implementation is on iOS though the overall technique should be applicable to Android (which also uses ARM). Note: requires jail-breaking to set an environment variable, install a shared library, and allow the library to rewrite app code during load-time.
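The two checks a CFI framework like MoCFI enforces, an allowed-target check on indirect calls (forward edges) and a return-address check on returns (backward edges), are easy to illustrate in plain C. The block below is an added example written for these notes; it is not MoCFI's code and does not rewrite binaries as MoCFI does. It simulates the policy with an explicit table of legitimate call targets and a shadow stack, and the handler names, the `not_in_policy` stand-in for an injected target, and the constructed return addresses are all assumptions made for the example.

```c
#include <stdio.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical dispatch targets, constructed for this example. */
static int handler_add(int a, int b) { return a + b; }
static int handler_sub(int a, int b) { return a - b; }
typedef int (*op_fn)(int, int);

/* Forward-edge policy: the only destinations an indirect call may reach.
   MoCFI derives the equivalent set from the binary's control-flow graph. */
static const op_fn allowed_targets[] = { handler_add, handler_sub };

/* Returns 1 if target is a listed destination, 0 otherwise. */
int cfi_target_allowed(op_fn target) {
    size_t n = sizeof(allowed_targets) / sizeof(allowed_targets[0]);
    for (size_t i = 0; i < n; i++)
        if (allowed_targets[i] == target) return 1;
    return 0;
}

/* Guarded indirect call: validate before jumping. Writes the result to *out
   and returns 1; returns 0 without calling if the target is rejected. */
int guarded_dispatch(op_fn target, int a, int b, int *out) {
    if (!cfi_target_allowed(target)) return 0;
    *out = target(a, b);
    return 1;
}

/* Stands in for code a corrupted function pointer might be redirected to;
   it is a benign function here, what matters is that the policy never lists it. */
static int not_in_policy(int a, int b) { return a * b; }

/* Backward-edge policy: a shadow stack of return addresses saved at call time
   and compared at return time, so a return target changed on the real stack
   (the basis of a ROP chain) is detected. Addresses are plain integers here. */
#define SHADOW_DEPTH 16
static uintptr_t shadow[SHADOW_DEPTH];
static int shadow_top = 0;

/* Record the return address on call entry. Returns 0 if the shadow stack is full. */
int shadow_push(uintptr_t ret) {
    if (shadow_top >= SHADOW_DEPTH) return 0;
    shadow[shadow_top++] = ret;
    return 1;
}

/* On return, pop the saved address and report whether it matches the one
   about to be used; 0 means the return was tampered with (or the stack is empty). */
int shadow_check_pop(uintptr_t ret) {
    if (shadow_top == 0) return 0;
    return shadow[--shadow_top] == ret;
}

/* Runs both checks once. Returns the number of violations detected (2). */
int demo(void) {
    int violations = 0, r = 0;
    if (!guarded_dispatch(handler_add, 2, 3, &r)) violations++;   /* allowed, r == 5 */
    if (!guarded_dispatch(not_in_policy, 2, 3, &r)) violations++; /* rejected */
    shadow_push(0x1000);                                          /* constructed address */
    if (!shadow_check_pop(0x1000)) violations++;                  /* intact return */
    shadow_push(0x2000);
    if (!shadow_check_pop(0x2ff0)) violations++;                  /* overwritten return */
    return violations;
}

int main(void) {
    printf("violations detected: %d\n", demo());
    return 0;
}
```

The real framework does the same comparison in instrumented code at every indirect branch and return, which is why MoCFI needs to rewrite the app at load time; the cost of the lookup is also why such frameworks care about the size of the allowed-target sets.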

Retargeting Android Applications to Java Bytecode 2013-01-15

Full paper - bibtex

tl;dr (too long; didn't read)

This paper expands on ded to more effectively convert Dalvik bytecode to Java class files (successfully retargeted 99.99% of tested classes, with 99.64% of apps' conversions completely verifiable).

Contributions

  • We introduce the Tyde intermediate representation for structured semantic mapping between the VMs. All 257 Dalvik instructions are translated using only 9 translation rules.
  • Because sound bytecode typing is necessary for verifiability, we use a strong constraint-based type inference algorithm.
  • We introduce code transformations to fix unverifiable input bytecode. In addition to making the code verifiable, these transformations accurately mirror VM runtime behavior.