Remote backup and recovery service for Android device owners

Dec 10, 2013



Ben Gurion University
Deutsche Telekom Labs
The Program in Software Engineering

Remote backup and recovery service for Android device owners

ADD DOCUMENT

Authors: Limor Segev, Eran Frieman, Carmel Karni

Date: 10 December 2013


Table of Contents

1 Use Cases
  High level use cases view of the system
2 Data Model
  2.1 Description of Data Objects
  2.2 Data Objects Relationships
  2.3 Databases
3 Behavioral Analysis
  3.1 Sequence Diagrams
  3.2 Events
  3.3 States
4 Object-Oriented Analysis
  4.1 Class Diagrams
  4.2 Class Description
  4.3 Packages
  4.4 Unit Testing
5 System Architecture
6 User Interface Draft
7 Testing
  Speed, Capacity & Throughput
  Reliability
  Availability
8 Task List
9 Prototype




1 Use Cases

The use cases of the system are:

1. Install and Register
2. Login
3. Intercept Install Event
4. Backup Application
5. Handset Recovery
6. Handle Android Malware Detection
7. Manager Login
8. Produce Reports

High level use cases view of the system:





Install and Register

Use Case ID: 1
Primary Actor: Owner (User)
Brief Description: The user registers to the server (including a login).
Trigger: The user installs the system application.
Preconditions: The server is active.

Flow of Events:
1. (Actor) The user downloads the application.
2. (Actor) The user installs the apk file of the application.
3. (System) Asks the user for registration data: name, password.
4. (Actor) Enters the relevant details and confirms.
5. (System) The agent sends the username and password to the server along with the device IME number.
6. (System) The server writes the data to the database.
7. (System) The server sends confirmation to the user.

Post-conditions:
- The new user is registered to the system, i.e. his details were written to the DB.

Alternative flows and exceptions:
6.a
- The user name that was entered already exists in the database.
- The server notifies the user and asks for a new user name.






Login (first use after installation)

Use Case ID: 2
Primary Actor: Owner
Brief Description: The owner logs in to the server for the first time after the software was installed. The owner had previously registered to the system.
Trigger: The owner asks to log in.
Preconditions: The application is installed on the device. The user is already registered in the server, and needs to log in since he replaced his device or had to re-install the backup and recovery application.

Flow of Events:
1. (Actor) The user hits the login button.
2. (System) The agent asks the user for username and password.
3. (Actor) Enters the relevant details and confirms.
4. (System) The agent sends the username and password to the server along with the device IME number.
5. (System) The server confirms the username and password using the DB. If the IME doesn't match the one stored, it creates a new entry in the DB, associated with the user, with the new IME.
6. (System) The server sends confirmation to the agent.

Post-conditions:
- The agent has the username, password and IME number stored.
- The server has the new IME number, in case the user has a new device.





Intercept Install Event

Use Case ID: 3
Primary Actors: Owner
Brief Description: The agent detects that a new application has been installed and asks the user if he wants to back it up. If so, it sends the appropriate files to the server.
Trigger: The user installed a new application.
Preconditions: The agent is enabled.

Flow of Events:
1. (Actor) Installs an application.
2. (System) The agent identifies the installation.
3. (System) The agent asks the owner whether to back up the application.
4. (Actor) Confirms the backup.
5. (System) The agent gets the apk file and the apk signature.
6. (System) The agent logs in to the server and sends the apk file signature. (The rest is continued in use case 4.)

Post-conditions: The application has been installed and was backed up on the server.

Alternative flows and exceptions:
3.a The agent was configured to auto-backup, so it skips directly to step 5 without asking the user.
4.a The user decides not to back up the app; the app is not backed up.





Backup Application

Use Case ID: 4
Primary Actors: Server
Brief Description: The server receives an application signature from the agent and checks if the files already exist in its database. If they do not, the server gets the apk file and stores it. The server then adds the appropriate records to its database.
Trigger: The agent sends the apk signature to the server (including implicit login).
Preconditions: The server is active. The agent has logged in to the server and sent the apk file signature; the user approved backing up the application.

Flow of Events:
1. (System) The server searches for the apk signature in the database.
2. (System) The server doesn't find an apk with this signature in the database, so it requests the full apk from the agent.
3. (Actor) The agent sends the apk file and data to the server.
4. (System) The server stores the application data in the DB, updates the user's backup list and sets the application status to "UNCHECKED".
5. (System) The server sends confirmation to the agent.
6. (Actor) The agent informs the user that the backup was completed successfully.

Post-conditions:
- The application is backed up on the server.
- The application is associated with the user's backup list.

Alternative flows and exceptions:
2.a The application exists in the database:
  1) The server just updates the user's backup list without asking for the apk file from the agent.
  2) In case the application is marked in the database as malicious, the server informs the user about it, advises him to remove it, and asks him if the application should be in his recovery list.
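The server-side decisions of use cases 3 and 4 (signature lookup, request for the full apk, status UNCHECKED, and the malicious-app branch of 2.a) as an added, runnable Python illustration. This is not the project's server code: the two dicts stand in for the APKs and Users-APKs tables of section 2.3, the reply names SEND_APK, OK, MALICIOUS and SIGNATURE_MISMATCH are assumed protocol replies, and the apk signature is assumed to be the SHA-256 of the file. The one check the use case text does not spell out, verifying that the uploaded file really carries the signature announced in step 1, is added here so that an agent cannot file one apk under another app's identity.

```python
"""Server-side handling of an agent's backup request (use cases 3 and 4).

Added example, not the project's server code. The two dicts stand in for the
APKs and Users-APKs tables of section 2.3; the reply names SEND_APK, OK,
MALICIOUS and SIGNATURE_MISMATCH are assumed protocol replies; the apk
signature is assumed to be the SHA-256 of the file.
"""
import hashlib

# Constructed sample state: one apk already backed up and checked, one that
# the malware detection system has marked as infected.
APKS = {
    "sig-aaaa": {"name": "notes.apk", "status": "CHECKED"},
    "sig-bbbb": {"name": "flashlight.apk", "status": "INFECTED"},
}
USER_APKS = {"alice": {"sig-aaaa"}}   # username -> signatures in the backup list


def apk_signature(apk_bytes: bytes) -> str:
    """Signature of an apk as assumed in this example (SHA-256 hex digest)."""
    return hashlib.sha256(apk_bytes).hexdigest()


def handle_signature(username: str, signature: str) -> str:
    """Steps 1-2 of use case 4: look the signature up and choose the reply.

    SEND_APK   unknown signature; the server needs the full file (step 2)
    OK         already stored; only the backup list is updated (2.a.1)
    MALICIOUS  stored but flagged; the user is warned and asked first (2.a.2)"""
    entry = APKS.get(signature)
    if entry is None:
        return "SEND_APK"
    if entry["status"] == "INFECTED":
        return "MALICIOUS"
    USER_APKS.setdefault(username, set()).add(signature)
    return "OK"


def store_apk(username: str, name: str, apk_bytes: bytes, claimed_signature: str) -> str:
    """Steps 3-4: store the uploaded apk, but only if it really has the signature
    announced in step 1; otherwise an agent could file one apk under another
    app's identity. A new entry starts as UNCHECKED (section 2.3)."""
    if apk_signature(apk_bytes) != claimed_signature:
        return "SIGNATURE_MISMATCH"
    APKS[claimed_signature] = {"name": name, "status": "UNCHECKED"}
    USER_APKS.setdefault(username, set()).add(claimed_signature)
    return "OK"


def answer_malicious(username: str, signature: str, keep: bool) -> bool:
    """2.a.2: the user's answer to 'should this app stay in your recovery list?'.
    Returns whether the app is in the user's list afterwards."""
    if keep:
        USER_APKS.setdefault(username, set()).add(signature)
    return signature in USER_APKS.get(username, set())
```

The dedupe by signature is what lets the server keep one copy of a popular apk for many users; the mismatch check is what stops that shared copy from being poisoned by the first agent that uploads it.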




Handset recovery

Use Case ID: 5
Primary Actors: Owner
Brief Description: The user decides to recover specific applications. The agent receives the user's recovery list from the server and then performs a recovery of the ones that the user selected.
Trigger: The user asked to perform a recovery.
Preconditions: The applications designated to be recovered have a backup on the server and are associated with the user's backup list.

Flow of Events:
1. (Actor) Asks to do an application recovery.
2. (System) The agent performs login and asks for his recovery list.
3. (System) The recovery list is presented to the user.
5. (Actor) Chooses specific applications to be recovered.
6. (System) The agent asks for the specific applications from the server.
7. (System) The server sends the relevant applications' apk files.
8. (System) The agent sends confirmation to the server.
9. (System) The agent performs recovery of the desired applications.
10. (System) The agent informs the user of a successful recovery.

Post-conditions: The applications have been recovered.

Alternative flows and exceptions:
7.a The agent receives a corrupted file from the server (e.g. due to connection problems). The agent requests that the server resend the information.
7.b The server detects a malicious application in the user's recovery list. The server informs the agent, which asks the user if he wishes to recover a malicious application.





Handle Android Malware Detection

Use Case ID: 6
Primary Actor: Threat Detection system (an external application that interacts with our system), owner
Brief Description: The Threat Detection system detects an infection in a specific application stored on the server.
Trigger: The Threat Detection system has detected an infection in an application and notified the server.
Preconditions: The Threat Detection system is active, the server is active and the database contains applications.

Flow of Events:
1. (Actor) Sends a notification about an infected application.
2. (System) The server finds the infected application id inside the database (according to its status "INFECTED").
3. (System) Locates all device owner ids which installed this application.
4. (System) The server adds the application details to the malicious applications table.
5. (System) Sends a notification to all of the relevant device owners, instructing them to recover their device to its previous state.
6. (System) The server asks the device owners if they want the malicious application to be on their recovery list for future recoveries.

Post-conditions:
- All of the relevant device owners received a notification about the threat that was detected.
- The device owners choose whether or not to keep the malicious application in their recovery lists.
- The infected application was documented and handled by the server.






Manager Login

Use Case ID: 7
Primary Actor: System Manager
Brief Description: The manager logs in to the server in order to get the stored information.
Trigger: The manager asked to log in.
Preconditions: The server is active; the manager started the GUI application.

Flow of Events:
1. (Actor) The manager hits the login button.
2. (System) The server asks the manager for a username and password.
3. (Actor) Enters the relevant details and confirms.
4. (System) The server confirms the username and password using the DB.
5. (System) The server sends confirmation to the GUI.

Post-conditions:
- The manager is logged in.

Alternative flows and exceptions:
4.a
- The server finds that the login data doesn't match the data stored inside the database.
- The server notifies the user and goes back to step 2.





Produce Reports

Use Case ID: 8
Primary Actor: System Manager
Brief Description: The system manager asks the server to produce reports based on the data stored in the database. This is a generic use case that demonstrates the process, which is identical for each type of report.
Trigger: The system manager asked for a report.
Preconditions: The system manager started the manager-GUI application.

Flow of Events:
1. (Actor) Sends a request to produce a specific report.
2. (System) The server parses the request and sends back the desired information.
3. (Actor) Parses the data received from the server and presents the requested report.

Post-conditions:
- The desired report is presented.



2 Data Model

2.1 Description of Data Objects

ClientAgent
  userName : String
  password : String
  deviceIME : long
  serverUpdateInterval : int
  loggedIn : boolean
  autoBackup : boolean
  serviceRunning : boolean

The application has no need of complex data objects, since:

1) The server keeps all of the relevant users and applications data in a MySQL database.

2) The only information that the client application needs to keep is the configuration made by the user and the login data:

  a. Login data in order to perform auto login when it needs to send an application for backup or receive recovery data (this includes the username, password and device IME number).

  b. The agent also keeps a number, serverUpdateInterval, which represents the time interval at which the agent will check if any of the user's installed applications has been detected as malicious.

  c. Configuration data, which includes:
    1. loggedIn - is the agent logged in to the server.
    2. autoBackup - should the agent back up applications automatically, or should it ask the user.
    3. serviceRunning - is the service (agent) currently active.

2.2 Data Objects Relationships

Not applicable, since there is only one data object.



2.3 Databases

Entity Relations Diagram (tables and their columns):

Users: UserName, Password, Registration, LastUse
APKs: Name, Signature, Added At, Status, Size, Location
Users-APKs: UserName, APKName, Added At, Notified
Managers: UserName, Password, Registration, LastUse, E-Mail
Users-Devices: UserName, IMEnumber
Rollbacks: UserName, rollbackDate

Transactions:

Client Transactions:
- Registration - creates a new entry in the Users table.
- Login - changes the LastUse column in the appropriate Users entry. According to the project customer's definition, it is not needed to prevent users from performing parallel logins with the same username and password.
- Backup - creates a new entry in the Users-APKs table and may create a new entry in the APKs table, if one doesn't already exist.
- Change Password - changes the Password column in the appropriate Users entry.
- Check updates - changes the LastUse column in the appropriate Users entry (uses login).
- Ask For Apk list - receives

Manager Transactions:
- Creation - creates a new manager entry in the Managers table.
- Login - changes the LastUse column in the appropriate Managers entry.
- Get Report - receives the data for a specific report (out of a few reports defined in advance).

Malware detection system interface:
- Change Status - changes the Status column in the relevant APKs entry; the status can be one of three values: UNCHECKED/CHECKED/INFECTED (the default value is UNCHECKED).
- Alert User - assigns true to the Notified column (the default value is false) in the appropriate Users-APKs entry.
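The tables and transactions above, together with the IME handling of use case 2 and the notification steps of use case 6, as an added runnable SQLite model. This is an illustration, not the project's MySQL schema or its SqlInterface code. Column names follow the ER description (Users, APKs, Users-APKs, Users-Devices; Managers and Rollbacks are left out). Two choices are mine rather than the document's: the Password column is split into a salt and a SHA-256 hash instead of holding the password in clear, and the Status column is constrained to the three listed values so the malware interface cannot write anything else.

```python
"""Section 2.3 tables and transactions as a runnable SQLite model.

Added example, not the project's MySQL schema or SqlInterface. Assumptions:
salted-hash password storage and a CHECK constraint on Status are design
choices made here; the document itself lists a plain Password column.
"""
import hashlib
import os
import sqlite3

SCHEMA = """
CREATE TABLE Users (UserName TEXT PRIMARY KEY, PwSalt BLOB, PwHash BLOB,
                    Registration TEXT DEFAULT CURRENT_TIMESTAMP, LastUse TEXT);
CREATE TABLE APKs (Name TEXT PRIMARY KEY, Signature TEXT UNIQUE,
                   AddedAt TEXT DEFAULT CURRENT_TIMESTAMP,
                   Status TEXT CHECK (Status IN ('UNCHECKED','CHECKED','INFECTED'))
                          DEFAULT 'UNCHECKED',
                   Size INTEGER, Location TEXT);
CREATE TABLE UsersAPKs (UserName TEXT REFERENCES Users, APKName TEXT REFERENCES APKs,
                        AddedAt TEXT DEFAULT CURRENT_TIMESTAMP, Notified INTEGER DEFAULT 0,
                        PRIMARY KEY (UserName, APKName));
CREATE TABLE UsersDevices (UserName TEXT REFERENCES Users, IMEnumber TEXT,
                           PRIMARY KEY (UserName, IMEnumber));
"""


def open_db():
    con = sqlite3.connect(":memory:")
    con.executescript(SCHEMA)
    return con


def _hash(pw, salt):
    return hashlib.sha256(salt + pw.encode()).digest()


def register(con, user, pw):
    """Registration transaction: new Users row; False if the name is taken (UC1 6.a)."""
    salt = os.urandom(16)
    try:
        con.execute("INSERT INTO Users (UserName, PwSalt, PwHash) VALUES (?,?,?)",
                    (user, salt, _hash(pw, salt)))
    except sqlite3.IntegrityError:
        return False
    return True


def login(con, user, pw, ime):
    """Login transaction: verify the password, touch LastUse and, as in use case 2
    step 5, record an IME number not yet associated with this user."""
    row = con.execute("SELECT PwSalt, PwHash FROM Users WHERE UserName=?", (user,)).fetchone()
    if row is None or _hash(pw, row[0]) != row[1]:
        return False
    con.execute("UPDATE Users SET LastUse=CURRENT_TIMESTAMP WHERE UserName=?", (user,))
    con.execute("INSERT OR IGNORE INTO UsersDevices VALUES (?,?)", (user, ime))
    return True


def backup(con, user, name, signature, size, location):
    """Backup transaction: Users-APKs row, plus an APKs row if the apk is new.
    Returns the apk's Status so the caller can warn about an INFECTED one (UC4 2.a.2)."""
    con.execute("INSERT OR IGNORE INTO APKs (Name, Signature, Size, Location) VALUES (?,?,?,?)",
                (name, signature, size, location))
    con.execute("INSERT OR IGNORE INTO UsersAPKs (UserName, APKName) VALUES (?,?)", (user, name))
    return con.execute("SELECT Status FROM APKs WHERE Name=?", (name,)).fetchone()[0]


def change_status(con, name, status):
    """Malware-detection interface: set Status; False if the value is not allowed."""
    try:
        con.execute("UPDATE APKs SET Status=? WHERE Name=?", (status, name))
    except sqlite3.IntegrityError:
        return False
    return True


def users_to_alert(con, name):
    """Use case 6 steps 3 and 5: owners holding the apk who were not yet notified."""
    rows = con.execute("SELECT UserName FROM UsersAPKs WHERE APKName=? AND Notified=0", (name,))
    return [r[0] for r in rows]


def alert_user(con, user, name):
    """Alert User transaction: mark the Users-APKs row as notified."""
    con.execute("UPDATE UsersAPKs SET Notified=1 WHERE UserName=? AND APKName=?", (user, name))


def check_updates(con, user):
    """What the agent's checkUpdates() asks for: names of the user's infected apks."""
    rows = con.execute("""SELECT a.Name FROM APKs a JOIN UsersAPKs ua ON ua.APKName = a.Name
                          WHERE ua.UserName=? AND a.Status='INFECTED'""", (user,))
    return [r[0] for r in rows]
```

Every query is parameterised; the report queries of the SqlInterface section should be written the same way, since the manager GUI and the agent both send strings that end up in SQL.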


3 Behavioral Analysis

3.1 Sequence Diagrams

A standard sequence diagram for message handling at the server side; we will call it "server (High Level)" in the other sequence diagrams:

(sequence diagram: server (High Level))

Register
*server side actions are described above.

Login
*server side actions are described above.

Intercept Install Event + Backup
*server side actions are described above.

Handset recovery
*server side actions are described above.

Handle Android Malware Detection

Manager Login
*server side actions are described above.

Produce Reports
*server side actions are described above.

3.2 Events

New application installation: A user tries to install a new application on the Android machine; the installation is discovered by the agent, which then sends the user data and the apk signature to the server. In case the signature already exists on the server, it updates the database. If the server is unfamiliar with the signature, then the server asks for the full apk file, which is then sent by the client-agent. Upon receiving the apk, the server registers it in the DB and the scenario ends.

An application is detected as malware: The malware detection application discovers that one of the applications is malicious and informs the server about it; upon notification, the server changes the status of the application in the relevant field of the database. Each client with the relevant application installed will receive the information about the malicious program once it logs in and checks for updates on the server.

3.3 States

The server is always active.

Client/Agent (state diagram):
- Active / Inactive
- Logged-In / Logged-Out


4 Object-Oriented Analysis

4.1 Class Diagrams

The client-agent class diagram
(diagram)

The client-manager class diagram
(diagram)

The server class diagram
(diagram)





4.2 Class Description

Below is a description of the main classes, and for each class a detailed explanation of the main methods.

Server Side

Class Reactor

This class is the server's reactor for requests sent from remote clients (such as the ClientAgent and the manager GUI, which is located on a remote computer). The server has an IP and port (i.e. a server socket channel) through which it receives requests, parses them and reacts.

This class handles server operations that are related to backup and recovery of users' apks and also management requests (such as producing reports).

The reactor is always running and waiting for connection requests.

The reactor creates a thread-pool which will be used in order to handle messages from clients (each message is handled by a thread).

The Reactor creates instances of the ConnectionAcceptor upon accepting connection requests. Finally, a MessageProcessorTask thread gets the message sent by the user and parses it using the Protocol.

Class ConnectionAcceptor

This class creates a socket channel for the communication with the client who wants to establish a connection with the server.

The main method here is "accept()", which creates the socket channel that will be used exclusively by the server to communicate with the client during the current connection scenario.

Class ConnectionHandler

This class uses the socket channel in order to read the messages sent from the client. For each message, it creates an instance of MessageProcessorTask that will handle the message.

Class ReactorData

This class is a singleton which is used by the other classes in order to get the selector and the executor (thread-pool) when needed.

Class Protocol (implements ServerProtocol)

This class has only one method, parse(String message). This method is highly important since it decides, according to the content of the message, what should happen next. A result of the parsing could be a database query, a response to the GUI-client of the server or a response to the Client-Agent.

Preconditions - the Reactor thread is up and running and a connection with a specific client has been established.

Post-conditions - a response of some sort is returned to the client.
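A parse(message) in the role described for the Protocol class, as an added Python example rather than the project's Java implementation. The wire format is an assumption (one request per message, fields separated by "|", the first field naming the operation); the point is the shape of the dispatch and the checks a server-side parser should make before any database work: a length bound, a known operation, the expected field count, no empty field, and the use-case precondition that a SIGNATURE message is only accepted after a successful LOGIN on the same connection. The credentials and known signatures are constructed sample data standing in for SqlInterface lookups.

```python
"""parse(message) for the design's Protocol class (section 4.2).

Added example, not the project's Protocol code. Wire format is assumed:
'OP|arg|arg', one request per message. Replies are plain strings.
"""
import hmac

MAX_MESSAGE_LEN = 4096   # assumed bound; apk contents never travel inside this frame
SEP = "|"


class Protocol:
    def __init__(self):
        # Constructed sample data standing in for SqlInterface lookups.
        self._users = {"alice": "pw-alice"}      # username -> password (demo only)
        self._known_signatures = {"sig-aaaa"}    # apks already stored on the server
        self.logged_in = set()                   # users authenticated on this connection
        # operation -> (number of '|'-separated arguments, handler)
        self._handlers = {
            "LOGIN": (2, self._login),           # username, password
            "SIGNATURE": (2, self._signature),   # username, apk signature
        }

    def parse(self, message: str) -> str:
        """Decide what happens next for one message; always returns a reply string,
        never raises, so a malformed message cannot take the worker thread down."""
        if len(message) > MAX_MESSAGE_LEN:
            return "ERROR message too long"
        parts = message.rstrip("\r\n").split(SEP)
        op, args = parts[0], parts[1:]
        if op not in self._handlers:
            return "ERROR unknown operation"
        argc, handler = self._handlers[op]
        if len(args) != argc or any(arg == "" for arg in args):
            return "ERROR bad arguments"
        return handler(args)

    def _login(self, args):
        user, password = args
        expected = self._users.get(user, "")
        # constant-time comparison, and the same reply for unknown user and wrong password
        if not expected or not hmac.compare_digest(expected, password):
            return "LOGIN_FAIL"
        self.logged_in.add(user)
        return "LOGIN_OK"

    def _signature(self, args):
        user, signature = args
        if user not in self.logged_in:          # precondition of use case 4
            return "ERROR not logged in"
        return "OK" if signature in self._known_signatures else "SEND_APK"
```

Because the reactor hands each message to a pooled thread, the per-connection login state should live with the connection (as here, one Protocol instance per ConnectionHandler) and not in a shared global.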


Class SqlInterface

Description - the class is a wrapper around the SQL queries used to access the SQL server in order to get or set data.

Precondition - all the methods require the server to be active.

queryAdminLogin(admin, password);
  Description - this method gets a username and password and checks that they match an entry in the DB.
  Post-conditions - if a matching record is found in the database, the manager is marked as logged in.

queryUsersList(String applicationName)
  Description - this method returns a list of all the users who have the given application in their applications list.
  Post-conditions - the list of users is retrieved.

queryAppList(String username)
  Description - this method returns a list of all the APKs that are part of the given user's backup list.
  Post-condition - the list of applications is retrieved.

queryGetApp(String apkName)
  Description - this method returns the application that matches the given application name.

queryIsExist(String signature)
  Description - this method checks whether an apk with the given signature exists on the server.

queryAddApkUser(String apkName, String username)
  Description - this method adds the application to the user's list of APKs and vice versa.
  Preconditions - the user is registered.
  Post-conditions - the DB is updated and the user is registered as holding the specified application; if the application was not backed up on the server, it now is.

queryLogin(String username, String password)
  Description - this method gets a username and password and checks that they match an entry in the DB.
  Post-conditions - the user is marked as logged in.

queryAddUser(String username, String password)
  Description - this method gets a username and password and adds the specified user to the DB.
  Preconditions - the user does not exist in the DB.
  Post-conditions - the user exists in the DB.

queryUsersReport()
  Description - returns the data about the users in order to produce the users report.

queryApksReport()
  Description - returns the data about the apks in order to produce the applications report.

queryUsersApksReport()
  Description - returns the data about the users-apks in order to produce the users-applications report.

queryRollbacksReport()
  Description - returns the data about the rollbacks made in order to produce the rollbacks report.

queryMalwaresReport()
  Description - returns the data about the malwares detected in order to produce the malwares report.



Client Side

Class AgentComManager

This class is responsible for the communication with the server. It knows how to connect to the server and send/receive messages. The ClientAgent class uses the methods of this class as a "black box", and does not know anything about the implementation of the communication.

The method sendMessage() is called after one of the other methods is initiated; it then prepares a message and sends it to the server.

Class ClientAgent

The ClientAgent class is the backbone of the client application; it is responsible for the agent's operations and behavior on the device. It delegates messages from the Android client to the server through the class AgentComManager.

The main functionalities of the class are:
- Receive an apk detected by the listener and send it to the server (via delegation) for backup.
- Handle the registration and login needed in order to exchange data with the server.
- Handle recovery requests.

register(username, password)
  Description - This method is used in order to register the user in the server's DB for future backup of apks and recovery requests. It is called only once, the first time that the agent service is initiated. The registration is done by calling the register method of the AgentComManager.
  Precondition - the agent is installed on the device and running.
  Post-condition - the user is registered in the server DB; the agent keeps the username and password given by the user in order to communicate with the server.

login(username, password)
  Description - This method is called when a user who is not a regular user of the system, or a first-time user, tries to log in to the system. It delegates the login through the login method of the AgentComManager.
  Preconditions - the agent was registered in the server and holds a username and password for identification; the agent is currently active.
  Post-condition - the agent logged in successfully.

alertBackup(boolean)
  Description - This method is called when the user is asked whether he would like to back up a certain application.
  Preconditions - The agent has detected an application that was installed, and the agent was configured to manual backup.
  Post-condition - The agent acts according to the user's wish.

backUp(apk File);
  Description - this method is called after the listener has detected an installation. The apk file is sent to the server via TCP/IP.
  Preconditions - the agent is active and logged in to the server.
  Post-condition - the apk file was sent to the server successfully.

chooseApps(List<apk> apps);
  Description - this method is called when the user selects applications in order to recover them on his device.
  Precondition - the agent was registered in the server.
  Post-condition - the list of applications is chosen in order to do recovery.

configure(List configurationFields);
  Description - gets a new set of agent configuration, made by the user in the GUI, and sets the agent's internal configuration fields accordingly.
  Precondition - the backup and recovery application is installed.
  Post-condition - the configuration fields are set according to the new definitions.

checkUpdates();
  Description - checks for updates about malwares on the server; in order to do that it calls the checkUpdates() method of AgentComManager.
  Precondition - the backup and recovery application is installed and the user is registered and logged in.
  Post-condition - the agent got the updates and alerted the user in case necessary.

compare(List phoneApks, List serverApks);
  Description - compares the applications list on the phone to the application list backed up on the server; it uses the method getBackedupApks() from the AgentComManager.
  Precondition - the backup and recovery application is installed and the user is registered and logged in.
  Post-condition - the list of differences between the backed up applications and the installed applications is presented to the user.

getBackedupApks();
  Description - gets the list of applications from the server using the getBackedupApks() method of the AgentComManager.
  Precondition - the backup and recovery application is installed and the user is registered and logged in.
  Post-condition - the list of backed up applications is retrieved from the server.

doRecovery(application list);
  Description - this method is called after a recovery request was made by the user. It gets a list of application names from the user and installs them on the device.
  Preconditions - the agent is active and logged in to the server; recovery data exists on the server.
  Post-condition - the application has been re-installed on the device.

alertUser(String appName);
  Description - this method is called after the agent has been notified by the server that a malware was detected on his device, instructing him to recover/remove the application.
  Preconditions - the agent is active and logged in to the server.
  Post-condition - the user has been notified.



Class Listener

This class detects installations of new apks and forwards them to the backup(apk File) method of the ClientAgent class.

Class Restorer

This class handles the restoration of an application file (apk) on the device. It has only one major method, restore(apk file).

restore(apk file)
  Description - this method receives an apk file which the user decided he wants to restore on his device. The apk file is sent from the server and this method is responsible for re-installing it on the device.
  Preconditions - the agent is active and it was able to receive a valid apk file from the server.
  Post-conditions - the apk is installed on the device.
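The precondition above ("a valid apk file") and alternative flows 7.a and 7.b of use case 5 are where the agent decides whether a received file may be installed at all. The following is an added Python illustration of that decision, not the project's Restorer code. It assumes that each recovery list entry carries the signature the server recorded at backup time (the Signature column of the APKs table) and its Status, that the signature is the SHA-256 of the apk, and that the transfer from the server (fetch) and the platform install step (install) are passed in as callables, so the flow runs without a device or a server.

```python
"""Integrity check ahead of restore(apk file): use case 5, flows 7.a and 7.b.

Added example, not the project's Restorer. Assumed: entry["signature"] is
the SHA-256 recorded at backup time, entry["status"] the APKs Status
column; fetch(name) returns the bytes the server sent; install(name, data)
is the platform install step, supplied by the caller.
"""
import hashlib


def file_signature(data: bytes) -> str:
    """Signature of an apk as assumed throughout this example (SHA-256 hex)."""
    return hashlib.sha256(data).hexdigest()


def restore(entry, fetch, install, allow_infected=False, max_attempts=3):
    """Receive, verify and install one apk from the recovery list.

    Returns (outcome, attempts).
    7.b: an entry the server flagged INFECTED is skipped unless the user
         explicitly allowed it.
    7.a: a file whose signature does not match the recorded one is treated
         as corrupted and requested again; after max_attempts failures
         nothing is installed."""
    if entry.get("status") == "INFECTED" and not allow_infected:
        return ("SKIPPED_INFECTED", 0)
    for attempt in range(1, max_attempts + 1):
        data = fetch(entry["name"])
        if file_signature(data) == entry["signature"]:
            install(entry["name"], data)
            return ("INSTALLED", attempt)
    return ("GIVE_UP", max_attempts)


def flaky_fetch(deliveries):
    """Constructed stand-in for the server transfer: hands out the given byte
    strings in order, so a corrupted first delivery can be simulated."""
    queue = list(deliveries)
    return lambda name: queue.pop(0)


if __name__ == "__main__":
    good = b"constructed apk contents"
    entry = {"name": "notes.apk", "signature": file_signature(good), "status": "CHECKED"}
    fetch = flaky_fetch([good[:-1] + b"?", good])      # first copy arrives damaged
    print(restore(entry, fetch, lambda n, d: print("installing", n)))
```

Checking the hash against the value recorded at backup time, rather than against a hash the server sends alongside the file, is what makes the check useful: it detects a file altered in transit or on the server, not only a truncated download.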


Manager (also client side)

Class ManagerGuiFacade

This class is built according to the façade design pattern. It is a layer between the manager's management GUI and the rest of the "logic" of the application.

It provides an interface of methods which the GUI can invoke, so that the GUI doesn't have to know how the logic is implemented, and hence the coupling between the logic and the GUI decreases.

Class ComManager

This class is the manager's communication manager with the server. It has all of the implementation of addressing the server in order to send or receive data, while the logic class ManagerLogic does not know anything about it and uses this class as a "black-box".

All of the methods of this class are called from the parallel methods in ManagerLogic. The methods prepare requests and send them to the server using the method sendMessage().

Class ManagerLogic

This class is part of the server logic layer; it gets the user's requests from the GUI through the façade and sends them to the server using the delegation class ComManager.

The class's main methods are:

addManager(String name, String password);
  Description - this method adds a new manager to the database in the server. In order to do so, it calls addManager() in the ComManager class.
  Preconditions - the server is running.
  Post-conditions - the new manager is added to the database.

produceUsersReport();
  Description - this method is called when the manager wants to produce the users report; in order to do that, the method produceUsersReport() of the class ComManager is called.
  Preconditions - the server is running, the manager is logged in.
  Post-conditions - the report data is sent back from the server.

produceApksReport();
  Description - this method is called when the manager wants to produce the applications report; in order to do that, the method produceApksReport() of the class ComManager is called.
  Preconditions - the server is running, the manager is logged in.
  Post-conditions - the report data is sent back from the server.

produceUsersApksReport();
  Description - this method is called when the manager wants to produce the users-applications report; in order to do that, the method produceUsersApksReport() of the class ComManager is called.
  Preconditions - the server is running, the manager is logged in.
  Post-conditions - the report data is sent back from the server.

produceRollbacksReport();
  Description - this method is called when the manager wants to produce the rollbacks report; in order to do that, the method produceRollbacksReport() of the class ComManager is called.
  Preconditions - the server is running, the manager is logged in.
  Post-conditions - the report data is sent back from the server.

produceMalwaresReport();
  Description - this method is called when the manager wants to produce the malwares report; in order to do that, the method produceMalwaresReport() of the class ComManager is called.
  Preconditions - the server is running, the manager is logged in.
  Post-conditions - the report data is sent back from the server.

Login(String name, String password);
  Description - this method is called when the manager tries to log in. This method calls login(String username, String password) of the ComManager class.
  Preconditions - the server is running.
  Post-conditions - the manager is logged in (marked in the database), or an error message is sent if the login data is incorrect.


4.3 Packages

The backup and recovery project will have the following packages:

(package diagram; in the legend, the first symbol is a package, the second is a stand-alone application, and inside every package the third symbol is a class)



4.4 Unit Testing

Class ClientAgent

| Num | Method Name | Test scenario | Expected output |
|---|---|---|---|
| 0 | Register | User information | OK |
| 1 | Register | User information with missing fields | An appropriate error report |
| 2 | Register | User name of an already registered user | An appropriate error message |
| 3 | Login | User name and password of an existing user | OK |
| 4 | Login | User name and password of a non-existing user | Error message |
| 5 | Login | Wrong user name or password of an existing user | Error message |
| 6 | backupAPK | Install a new apk that was never installed on the client and is unfamiliar to the server | The server asks to get the apk from the client. |
| 7 | backupAPK | Install a new apk that was never installed on the client and is familiar to the server | Server sends an OK message. |
| 8 | backupAPK | Run a new apk that was previously installed on the client. | Server sends an OK message. |
| 9 | doRecovery | Installing an app, deleting it, asking for recovery | A list of apps to recover including the one deleted. |
| 10 | chooseApps | Ask for recovery, choose a program from the list | The program is installed on the android machine |
| 11 | checkUpdates + alert user | Install an app, set the application to be "malicious", check for updates | Get the appropriate msg. |
| 12 | AlertBackup | Configure the client to manual backups, and install a new application. | Get an alert about a new application being installed. |
| 13 | getBackedUpApks | Install some apk's, ask to see the backed up apk's | Get a list of the APK's that were backed up. |
| 14 | getBackedUpApks | Ask to see the backed up apk's on a machine where no apk's were backed up | Get an empty list |


Class AgentComManager

| Num | Method Name | Test scenario | Expected output |
|---|---|---|---|
| 0 | Register | User information | OK |
| 1 | Register | User information with missing fields | An appropriate error report |
| 2 | Register | User name of an already registered user | An appropriate error message |
| 3 | Login | User name and password of an existing user | OK |
| 4 | Login | User name and password of a non-existing user | Error message |
| 5 | Login | Wrong user name or password of an existing user | Error message |
| 6 | SendSignature | Send a signature of an APK that does not exist on the server | False |
| 7 | SendSignature | Send a signature of an APK that exists on the server | True |
| 8 | sendApk | Send apk to the server | APK exists on the server. |
| 9 | getApk | Send an unknown signature to the server | Null |
| 10 | getApk | Send a known signature to the server | Get the APK. |
| 11 | checkUpdates + alert user | Install an app, set the application to be "malicious", check for updates | Get the appropriate msg. |
| 12 | checkUpdates | Send a check updates message | Get a list of updates. |
| 13 | getBackedupApks() | Install some apks, run getBackedupApks | A list of the APKs. |
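The following is an added example and not code from the project: a Python model of the signature-based backup handshake that the backupAPK, doRecovery, chooseApps and getBackedUpApks rows of the ClientAgent table and the SendSignature, sendApk and getApk rows of the AgentComManager table describe (the project itself is written in Java). The document does not say how an APK signature is computed; this model assumes a SHA-256 digest of the APK bytes, and the class, method and message names here (RecoveryServer, send_signature, "SEND_APK", the constructed SAMPLE_APK) are the example's own. The check worth carrying into the real server is in send_apk: the server recomputes the signature of the uploaded bytes before storing them, so a client cannot place a file under another APK's signature and have other users recover that file later.

```python
import hashlib
from typing import Dict, List, Optional


def apk_signature(apk_bytes: bytes) -> str:
    """Signature of an APK as used in the handshake.
    Assumption of this example: a SHA-256 digest of the raw file bytes, so two
    users installing the same APK produce the same signature and the server
    stores the file once."""
    return hashlib.sha256(apk_bytes).hexdigest()


class RecoveryServer:
    """Server side of the handshake: de-duplicated APK store plus per-user backup lists."""

    def __init__(self) -> None:
        self.apk_store: Dict[str, bytes] = {}      # signature -> APK bytes
        self.user_apks: Dict[str, List[str]] = {}  # user -> signatures, in backup order

    def query_is_exist(self, signature: str) -> bool:
        return signature in self.apk_store

    def _associate(self, user: str, signature: str) -> None:
        backups = self.user_apks.setdefault(user, [])
        if signature not in backups:               # a backup list holds each APK once
            backups.append(signature)

    def send_signature(self, user: str, signature: str) -> bool:
        """SendSignature: True when the APK is already on the server (the user's
        list is updated and no upload is needed), False when the server needs the file."""
        if self.query_is_exist(signature):
            self._associate(user, signature)
            return True
        return False

    def send_apk(self, user: str, signature: str, apk_bytes: bytes) -> bool:
        """sendApk: store an uploaded APK. The server recomputes the signature and
        rejects bytes that do not match the one the client announced, so a later
        getApk for that signature can never return a different file."""
        if apk_signature(apk_bytes) != signature:
            return False
        self.apk_store[signature] = apk_bytes
        self._associate(user, signature)
        return True

    def get_apk(self, signature: str) -> Optional[bytes]:
        """getApk: the stored file for a known signature, None for an unknown one."""
        return self.apk_store.get(signature)

    def get_backed_up_apks(self, user: str) -> List[str]:
        """getBackedUpApks: empty list for a user who never backed anything up."""
        return list(self.user_apks.get(user, []))


class ClientAgent:
    """Client side: runs the handshake for one installed APK."""

    def __init__(self, user: str, server: RecoveryServer) -> None:
        self.user = user
        self.server = server

    def backup_apk(self, apk_bytes: bytes) -> List[str]:
        """backupAPK: the sequence of server replies. An APK unfamiliar to the
        server yields ["SEND_APK", "OK"]; a familiar one yields ["OK"]."""
        signature = apk_signature(apk_bytes)
        replies: List[str] = []
        if not self.server.send_signature(self.user, signature):
            replies.append("SEND_APK")
            if not self.server.send_apk(self.user, signature, apk_bytes):
                replies.append("REJECTED")
                return replies
        replies.append("OK")
        return replies

    def do_recovery(self) -> List[str]:
        """doRecovery: the server-side backup list, which still contains an APK the
        user deleted from the device, because the list lives on the server."""
        return self.server.get_backed_up_apks(self.user)

    def choose_apps(self, signatures: List[str]) -> Dict[str, Optional[bytes]]:
        """chooseApps: fetch the selected APKs; unknown signatures map to None."""
        return {s: self.server.get_apk(s) for s in signatures}


# Constructed sample input (not a real APK): the same application on two devices.
SAMPLE_APK = b"PK\x03\x04 constructed-apk-bytes com.example.notes"
```

The second device that installs the same application gets a plain "OK" without uploading anything, which is the de-duplication the familiar/unfamiliar test rows are about; the rejected-upload path has no row in the tables and is the example's own addition.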



Class ManagementLogic

| Num | Method Name | Test scenario | Expected output |
|---|---|---|---|
| 1 | Login | User name and password of an existing manager | OK |
| 2 | Login | User name and password of a non-existing manager | Error message |
| 3 | Login | Wrong user name or password of an existing manager | Error message |
| 4 | Add manager | Login, add a manager already in the system | Error message |
| 5 | Add manager | Login, add a manager, log in with the newly created manager | The correct GUI screen |

For the following tests we will prepare a well known DB:

| Num | Method Name | Test scenario | Expected output |
|---|---|---|---|
| 6 | ProduceUserReport | ProduceUserReport | Get back the expected report |
| 7 | ProduceAPKsReport | ProduceAPKsReport | Get back the expected report |
| 8 | ProduceUserAPKSReports | ProduceUserAPKSReports | Get back the expected report |
| 9 | ProduceRollbackReports | ProduceRollbackReports | Get back the expected report |
| 10 | ProducemalwareReports | ProducemalwareReports | Get back the expected report |

For the following tests there will be an empty DB:

| Num | Method Name | Test scenario | Expected output |
|---|---|---|---|
| 11 | ProduceUserReport | ProduceUserReport | Get back an empty report |
| 12 | ProduceAPKsReport | ProduceAPKsReport | Get back an empty report |
| 13 | ProduceUserAPKSReports | ProduceUserAPKSReports | Get back an empty report |
| 14 | ProduceRollbackReports | ProduceRollbackReports | Get back an empty report |
| 15 | ProducemalwareReports | ProducemalwareReports | Get back an empty report |


Class ComManager

| Num | Name | Test scenario | Expected output |
|---|---|---|---|
| 1 | Login | User name and password of an existing manager | OK |
| 2 | Login | User name and password of a non-existing manager | Error message |
| 3 | Login | Wrong user name or password of an existing manager | Error message |
| 4 | Add manager | Login, add a manager already in the system | Error message |
| 5 | Add manager | Login, add a manager, log in with the newly created manager | True |

For the following tests we will prepare a well known DB:

| Num | Name | Test scenario | Expected output |
|---|---|---|---|
| 6 | ProduceUserReport | ProduceUserReport | A list of users |
| 7 | ProduceAPKsReport | ProduceAPKsReport | A list of apks |
| 8 | ProduceUserAPKSReports | ProduceUserAPKSReports | A list of pairs <apk,user> |
| 9 | ProduceRollbackReports | ProduceRollbackReports | A list of rollbacks |
| 10 | ProducemalwareReports | ProducemalwareReports | A list of malicious APK's |

For the following tests there will be an empty DB:

| Num | Name | Test scenario | Expected output |
|---|---|---|---|
| 11 | ProduceUserReport | ProduceUserReport | Empty list |
| 12 | ProduceAPKsReport | ProduceAPKsReport | Empty list |
| 13 | ProduceUserAPKSReports | ProduceUserAPKSReports | Empty list |
| 14 | ProduceRollbackReports | ProduceRollbackReports | Empty list |
| 15 | ProducemalwareReports | ProducemalwareReports | Empty list |


Class SQLInterface:

For the following tests we will prepare a well known DB:

| Num | Name | Test scenario | Expected output |
|---|---|---|---|
| 1 | QueryIsExist | Signature of a known apk | True |
| 2 | QueryIsExist | Signature of an unknown apk | False |
| 3 | QueryAddApkUser + QueryGetAppList | Add an apk not existing yet, get app list. | The installed APK is in the list. |
| 4 | QueryAddApkUser + QueryGetAppList | Add an apk that is already in the user list, get app list. | The installed APK is in the list only once. |
| 5 | QueryAddUser | Add an already existing user | False |
| 6 | QueryAddUser | Add a new user | True |
| 7 | queryLogin | Try to login with wrong password | False |
| 8 | queryLogin | Try to login with a wrong username | False |
| 9 | queryLogin | Try to login with a correct user and password | True |
| 10 | queryAdminLogin | Try to login with wrong password | False |
| 11 | queryAdminLogin | Try to login with a wrong username | False |
| 12 | queryAdminLogin | Try to login with a correct user and password | True |
| 13 | QueryUserReport | QueryUserReport on empty DB | Empty list |
| 14 | QueryAPKsReport | QueryAPKsReport on empty DB | Empty list |
| 15 | QueryUserAPKSReports | QueryUserAPKSReports on empty DB | Empty list |
| 16 | QueryRollbackReports | QueryRollbackReports on empty DB | Empty list |
| 17 | QueryUserReport | QueryUserReport | The expected list |
| 18 | QueryAPKsReport | QueryAPKsReport | The expected list |
| 19 | QueryUserAPKSReports | QueryUserAPKSReports | The expected list |
| 20 | QueryRollbackReports | QueryRollbackReports | The expected list |
| 21 | QueryGetApp | QueryGetApp with a non-existing apk name | Null |
| 22 | QueryGetApp | QueryGetApp with an existing apk name | Get the correct apk |
| 23 | queryApplist | QueryApplist with a non-existing user name | Null |
| 24 | queryApplist | QueryApplist with a user that has no backed up apps | Empty list |
| 25 | queryApplist | QueryApplist with a user with some backed up apps | The correct list. |
| 26 | QueryAlertAboutApk | QueryAlertAboutApk with an apk name | The field in the apk has changed. |
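As an added example that is not the project's own SQL interface (the project wraps MySQL from Java), here is a Python model, backed by an in-memory SQLite database, of the query wrappers the SQLInterface table tests: user creation and login, signature lookup, adding an apk to a user's list without duplicates, the Null/empty-list distinction of rows 23 and 24, and the report queries on an empty database. The document gives neither the table layout nor the password storage, so the schema, the salted PBKDF2 password hashing and the method names (query_add_user, query_get_app_list, ...) are assumptions of this example. Two points a practitioner would want from a query-wrapping layer are shown: every user-supplied value is passed as a bound parameter rather than spliced into SQL text, and the login check compares password hashes in constant time and never stores the password itself.

```python
import hashlib
import hmac
import os
import sqlite3
from typing import List, Optional, Tuple

# Constructed schema: the document does not give the real table layout.
SCHEMA = """
CREATE TABLE users (name TEXT PRIMARY KEY, salt BLOB NOT NULL, pw_hash BLOB NOT NULL);
CREATE TABLE apks  (signature TEXT PRIMARY KEY, name TEXT NOT NULL,
                    malicious INTEGER NOT NULL DEFAULT 0);
CREATE TABLE user_apks (user TEXT NOT NULL REFERENCES users(name),
                        signature TEXT NOT NULL REFERENCES apks(signature),
                        PRIMARY KEY (user, signature));
"""


def _hash_password(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2-HMAC-SHA256; only hash and salt are stored, never the password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 200_000)


class SQLInterface:
    """Wraps every query the server needs; all values travel as bound parameters."""

    def __init__(self, conn: Optional[sqlite3.Connection] = None) -> None:
        self.conn = conn or sqlite3.connect(":memory:")
        self.conn.execute("PRAGMA foreign_keys = ON")
        self.conn.executescript(SCHEMA)

    def query_add_user(self, name: str, password: str) -> bool:
        """QueryAddUser: False for an already existing user, True for a new one."""
        salt = os.urandom(16)
        try:
            with self.conn:
                self.conn.execute("INSERT INTO users (name, salt, pw_hash) VALUES (?, ?, ?)",
                                  (name, salt, _hash_password(password, salt)))
        except sqlite3.IntegrityError:
            return False
        return True

    def query_login(self, name: str, password: str) -> bool:
        """queryLogin: False for a wrong user name or a wrong password, True otherwise."""
        row = self.conn.execute("SELECT salt, pw_hash FROM users WHERE name = ?", (name,)).fetchone()
        if row is None:
            return False
        salt, stored = row
        return hmac.compare_digest(stored, _hash_password(password, salt))

    def query_is_exist(self, signature: str) -> bool:
        """QueryIsExist: True for the signature of a known apk."""
        return self.conn.execute("SELECT 1 FROM apks WHERE signature = ?",
                                 (signature,)).fetchone() is not None

    def query_add_apk_user(self, user: str, signature: str, apk_name: str) -> bool:
        """QueryAddApkUser: record the apk and link it to the user; adding the same apk
        twice leaves it in the list only once. False (and nothing written) for an unknown user."""
        try:
            with self.conn:
                self.conn.execute("INSERT OR IGNORE INTO apks (signature, name) VALUES (?, ?)",
                                  (signature, apk_name))
                self.conn.execute("INSERT OR IGNORE INTO user_apks (user, signature) VALUES (?, ?)",
                                  (user, signature))
        except sqlite3.IntegrityError:   # foreign key: the user does not exist
            return False
        return True

    def query_get_app_list(self, user: str) -> Optional[List[str]]:
        """QueryGetAppList / queryApplist: None for a non-existing user,
        an empty list for a user with no backed up apps."""
        if self.conn.execute("SELECT 1 FROM users WHERE name = ?", (user,)).fetchone() is None:
            return None
        rows = self.conn.execute(
            "SELECT a.name FROM user_apks ua JOIN apks a ON a.signature = ua.signature "
            "WHERE ua.user = ? ORDER BY a.name", (user,)).fetchall()
        return [name for (name,) in rows]

    def query_alert_about_apk(self, signature: str) -> bool:
        """QueryAlertAboutApk: mark the apk malicious; True when a row changed."""
        with self.conn:
            cur = self.conn.execute("UPDATE apks SET malicious = 1 WHERE signature = ?", (signature,))
        return cur.rowcount == 1

    def query_user_report(self) -> List[str]:
        return [name for (name,) in self.conn.execute("SELECT name FROM users ORDER BY name")]

    def query_user_apks_report(self) -> List[Tuple[str, str]]:
        """Pairs <apk, user>, as the ComManager test table expects."""
        return self.conn.execute(
            "SELECT a.name, ua.user FROM user_apks ua JOIN apks a ON a.signature = ua.signature "
            "ORDER BY a.name, ua.user").fetchall()

    def query_malware_report(self) -> List[str]:
        return [name for (name,) in
                self.conn.execute("SELECT name FROM apks WHERE malicious = 1 ORDER BY name")]
```

The `with self.conn:` blocks commit on success and roll back on an exception, so a failed QueryAddApkUser for an unknown user leaves no orphan row in the apks table either.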



5 System Architecture

Sql Server: the SQL server is a server that runs MySQL.

Android recovery server: this server is deployed on a designated computer that is accessible from the internet and can communicate with the SQL server (the two can be on the same or on different computers). This server also holds all the APK files that were backed up.

Client: the client is installed on every android device that wishes to use the recovery server utilities. The installation is done using an APK file.

Management interface: an application installed on a manager’s computer. The application communicates with the server and allows the manager to produce reports and statistics.

6 User Interface Draft

Client GUI:

The client GUI enables the device user to control the behavior of the backup and recovery service. The service allows manual configuration of its features.

This is a sketch of the main service screen (sketch not reproduced here):

This screen allows the user to navigate and control all of the application's features.

Inputs: the user selects the desired feature.

Outputs: the desired screen is presented (following is a description of each screen).

This is a sketch of the configuration screen (sketch not reproduced here):

Inputs: the user can use the radio buttons in order to set the service to auto-backup of applications; he can also enable/disable the agent and change his password.

This is a sketch of the registration screen (sketch not reproduced here):

Inputs: the user enters username and password and hits the “register” button.

Outputs: a confirmation message is presented.

The agent connects to the server and sends the registration data.

This is a sketch of the login screen (sketch not reproduced here):

Inputs: the user enters username and password and hits the “login” button.

Outputs: a confirmation message is presented.

The agent connects to the server and sends the login data.

The login option will normally be used in case the user switched devices or had to reset his device to factory settings. The user installs the backup and recovery service and then logs in (since he is already registered).

This is a sketch of the recovery screen (sketch not reproduced here):

Inputs: once the user selects the “recovery” feature in the main service screen, the agent connects to the server and gets a list of all of the applications which were backed up on the server for him. The user can manually select/unselect which applications he would like to recover.

Outputs: a confirmation message is sent, and all of the selected applications are re-installed on the device.

This is a sketch of the applications list screen (sketch not reproduced here):

Manager GUI:

The Manager GUI is used by the system managers, and enables them management operations, such as:

- adding a new user (manager)
- producing reports

This is a sketch of the login screen (sketch not reproduced here):

Inputs: username, password

Output: in case the username and password were correct the main screen is presented, otherwise an alert is shown.

This is a sketch of the main screen (sketch not reproduced here):

Inputs: the user selects the desired action

Outputs: the desired screen is presented

This is the manager addition screen (sketch not reproduced here):

Inputs: username, password

Outputs: a success message

This is the reports screen (sketch not reproduced here):

Inputs: the user selects the desired report

Outputs: the report is presented

The reports (sketches not reproduced here).

7 Testing

Non-functional requirements:

The following requirements that were declared in the ARD document will be checked:

Speed, Capacity & Throughput: ninety five percent of all backup transactions will be completed within 10 seconds.

Reliability: the system will support data recovery, including transmission-error correction.

Availability: the server will be active at all times, waiting for agents' requests or notifications from the Threats Detection System.

In order to test the system for its ability to comply with those requirements we will build a simulation environment that simulates multiple connections to the server, including the transmission of APK's to/from the server. The system will run for a significant time and will save relevant data such as transmission time, response time, failed connections and so on, which will enable us to see whether the server complies with the demands.

The other non-functional requirements could not be tested, as they are either subjective by nature (the system would be extremely user-friendly) or facts that are easy to assess (the information sent between the server and the agents will be encrypted).

If the threat detecting software will not be ready on time, we will simulate such a system.
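Added example, not part of the document's test plan: the evaluation step that the simulation run above feeds, written in Python over a constructed list of transaction records. It shows how the "95 percent within 10 seconds" requirement is decided from saved timings with a nearest-rank percentile (no interpolation, so one slow outlier among few samples is not averaged away), how failed backups are counted (as never completed, so they weigh against the requirement instead of vanishing from the sample), and the failed-connection rate the run should record alongside. The Transaction record, the function names and SAMPLE_LOG are this example's own.

```python
import math
from dataclasses import dataclass
from typing import List, Tuple


@dataclass
class Transaction:
    kind: str       # "backup" or "recovery"
    seconds: float  # request sent until the final server reply, in seconds
    ok: bool        # False for a failed or dropped connection


def percentile(values: List[float], pct: float) -> float:
    """Nearest-rank percentile: the smallest sample such that at least pct percent
    of all samples are less than or equal to it. Never interpolates."""
    if not values:
        raise ValueError("no samples")
    ordered = sorted(values)
    rank = max(1, math.ceil(pct / 100.0 * len(ordered)))
    return ordered[rank - 1]


def check_backup_speed(log: List[Transaction], limit_s: float = 10.0,
                       pct: float = 95.0) -> Tuple[bool, float]:
    """Requirement: 95 percent of all backup transactions complete within 10 seconds.
    A failed backup never completed, so it counts as infinitely slow rather than being
    dropped from the sample, which would make the result look better than it is."""
    times = [t.seconds if t.ok else math.inf for t in log if t.kind == "backup"]
    p = percentile(times, pct)
    return p <= limit_s, p


def failed_connection_rate(log: List[Transaction]) -> float:
    """Share of all transactions that failed; one of the figures the run should save."""
    return sum(1 for t in log if not t.ok) / len(log)


# Constructed sample run: 19 backups between 0.5 s and 5.0 s plus one slow 12.0 s backup.
SAMPLE_LOG = [Transaction("backup", 0.5 + 0.25 * i, True) for i in range(19)]
SAMPLE_LOG.append(Transaction("backup", 12.0, True))
```

With 20 samples the 95th percentile is the 19th smallest value, so the single 12-second backup is tolerated; a second slow or failed backup in the same run is enough to fail the requirement.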


8 Task List

| ID | Title | Est. start date | Est. finish date | Description | Real start date | Real finish date | Subtasks |
|---|---|---|---|---|---|---|---|
| 1 | Server Communication | 1.4 | 15.4 | Handles the connection with the client, and with the manager via TCP/IP. | | | 1) Server protocol 2) Server reactor |
| 2 | Manager Gui | 15.4 | 30.4 | The Manager interface for work with the server | | | 1. Stand alone interface for managers 2. Facade |
| 3 | Server SQL | 1.5 | 5.5 | Creating a database + the server methods which communicate with the sql; these methods wrap queries to the sql | | | 1. Creating a MySql DB 2. Creating an interface to sql |
| 4 | Agent | 6.5 | 20.5 | The agent installed on the android machine. | | | 1. GUI 2. Listener 3. Restorer |
| 5 | Prototype | In parallel with tasks 1-4 | | The Prototype consists of partial functionality of the system. All of the major components will be available. (See details in section 9 of this document.) | | | |
| 1.1 | Server protocol | 1.4 | 8.4 | Parses the messages received from the client or the manager (via the Manager Gui) | | | |
| 1.2 | Server reactor | 9.4 | 15.4 | Handles the connection to different clients simultaneously via the Reactor design pattern | | | |
| 2.1 | Stand alone interface for managers | 15.4 | 20.4 | Creating a stand alone program to be used on managers' computers, which will have a GUI for the manager to use and will communicate with the server via Façade 2.2. | | | |
| 2.2 | Façade | 20.4 | 23.4 | Creating a Façade that will bridge between the manager program (2.1) GUI and will send the appropriate messages to the server. | | | |
| 2.3 | Reports | 24.4 | 30.4 | Getting reports and showing them to the user. | | | |
| 3.1 | My Sql DB | 1.5 | 3.5 | Creating a DB with the appropriate tables and fields | | | |
| 3.2 | SQL Interface | 4.5 | 5.5 | Creating methods which will wrap sql queries and will be used to gather or insert information into the db | | | |
| 4.1 | Gui | 6.5 | 8.5 | Gui for the user of the android | | | |
| 4.2 | Listener | 9.5 | 15.5 | A process that runs in the background, identifies APK installation and communicates with the server for backup | | | 1. listener 2. backup handler |
| 4.2.1 | Listener | 9.5 | 12.5 | A process that runs in the background and identifies APK installations. | | | |
| 4.2.2 | Backup handler | 13.5 | 15.5 | Handles the communication with the server and backup of APKs | | | |
| 4.3 | Restorer | 16.5 | 20.5 | Handles the restoration of APK's from the server | | | |

9 Prototype

The prototype of the project will contain the major components of the project:

The server will have full functionality, meaning that the MySql DB will be available, and the server will be able to handle requests from users.

Besides the server the prototype will enable:

Backup: the prototype application will support the full scenario of installation detection by the agent: the agent will detect an installation intent, send the apk to the server in order to back it up, and associate it with the user's backup-list.

Recovery: the agent will ask for restoration of an apk that is stored on the server. At this stage the application recovery request will be hard coded (meaning that the user will not be able to ask for a recovery list from the server and select the desired apks from it).

Gui:

a. Management Gui - there will be a simple report presenting what applications had been backed up and for which users.

b. Agent Gui - all of the Gui screens will exist, but some will have deprecated functionality.