Alexander Oprisnik

Android applications and games

BallMaze

BallMaze is a fun and addicting puzzle game. You have to get the ball on a target field by rolling it through an unlimited number of challenging mazes.

The rules are simple:
The ball rolls until it hits an obstacle. Blocking fields have different colors and you can select which color blocks the ball. Different game modes include real-time multiplayer challenges as well as singleplayer fun. YouTube video.

Stackr

How high can you stack it?

Stackr is a challenging arcade game - simply stack the blocks as high as you can.
The following four items can be used once per game to improve your score:

Slow: Slows down the game.
Widen: Make everything wider.
Sticky: The row is glued together.
Reset: Reset the game and keep your points.

smsSync

I am currently working on a big update with a completely new design (as seen in the picture above).

smsSync is a powerful SMS application. In addition, it allows you to send and receive SMS messages from your tablet and from other devices.

You can pair your devices using NFC. The devices are then synchronized locally via Wi-Fi.

Research

Semdroid - Semantic Android Application Analysis Using Machine Learning (Master's Thesis, 2014)

Semdroid is a static Android application analysis framework that allows to detect certain functionality included in applications, like cryptographic code or SMS functionality.

Android applications are disassembled and the structure is reconstructed.
Several analysis plugins dissect the application and report their findings.

The application's components can be analyzed separately.
Plugins can be based on any static analysis approach.
We proposed a new analysis approach based on machine learning: the Semantic Pattern Analysis.
New plugins can easily be added - just create a new configuration file.

Semdroid can be used on a personal computer, or can be directly deployed onto an Android device for on-device analysis of installed applications.

Learn more Source code on GitHub

Android Security (2013 – now)

Performed several Android security assessments and implemented malware detection mechanisms:

On-device network traffic analysis:

Developed an Android application that monitors network traffic in real time and checks if sensitive data is sent to a remote server.
Additional checks detect hashed sensitive data (e.g., MD5, SHA-1, SHA-256, etc.).

Power consumption-based malware detection (see publication):

Modified and tweaked PowerTutor in order to get power traces.
By using machine learning, we can classify applications running on the device.
Implemented application for real-time SMS tampering detection (forward / discard SMS, SMS commands: e.g., return phone location).

Detecting SMS catchers and sniffers (see publication).
Analyzing the built-in encryption systems of the Android platform (see publication).

Ricochet Robots (2011)

Ricochet Robots is a board game where the players have to find the shortest path to a given target field by moving different robots.

Goal: find the best solution as fast as possible.
Implemented the playable game in Java, including a customizable user interface (Java Swing toolkit).
Developed several heuristics that work together to solve the NP-complete problem.
Found solutions can be displayed step by step or automatically.
Great results: the shortest solutions can be found very efficiently (< 10 ms for most scenarios).

Publications

2014

Identifying Cryptographic Functionality in Android Applications

Alexander Oprisnik, Peter Teufl, Daniel Hein, Thomas Zefferer

SECRYPT 2014: The 11th International Conference on Security and Cryptography

More information

Android Encryption Systems

Peter Teufl, Andreas Gregor Fitzek, Daniel Hein, Alexander Marsalek, Alexander Oprisnik, Thomas Zefferer

PRISMS: International Conference on Privacy & Security in Mobile Systems

More information

Android - On-Device Detection of SMS Catchers and Sniffers

Peter Teufl, Thomas Zefferer, Christoph Wörgötter, Alexander Oprisnik, Daniel Hein

PRISMS: International Conference on Privacy & Security in Mobile Systems

More information

Towards Secure Mobile Computing: Employing Power-Consumption Information to Detect Malware on Mobile Devices

Thomas Zefferer, Peter Teufl, David Derler, Klaus Potzmader, Alexander Oprisnik, Hubert Gasparitz, Andrea Höller

IARIA: International Journal On Advances in Software 2014 vol 7 nr 1&2

More information

2013

Power Consumption-based Application Classification and Malware Detection on Android Using Machine-Learning Techniques

Thomas Zefferer, Peter Teufl, David Derler, Klaus Potzmader, Alexander Oprisnik, Hubert Gasparitz, Andrea Höller

FUTURE COMPUTING 2013: The Fifth International Conference on Future Computational Technologies and Applications

More information Best Paper Award

2012

Compact Hardware Implementations of the Block Ciphers mCrypton, NOEKEON, and SEA

Thomas Plos, Christoph Dobraunig, Markus Hofinger, Alexander Oprisnik, Christoph Wiesmeier, Johannes Wiesmeier

13th International Conference on Cryptology in India (INDOCRYPT 2012), Kolkata, India, December 9-12, 2012, Proceedings

More information