zafodB/2021-GSOC.md

## 2021-GSOC.md

      
    Raw
  

              2021-GSOC.md
            
          
    Google Summer of Code 2021 with HosTaGe

Written on 19 August 2021 by Filip Adamík
Introduction

A honeypot is a system that acts as a trap for cyber-attackers by simulating a real system. It contains no useful data
for the attacker but is closely monitored and analysed by its operators. HosTage is an Android implementation of a
honeypot that provides emulation of several network protocols. It has been developed jointly by Aalborg University
(Denmark) and Technische Universität Darmstadt (Germany) and is a part of the Honeynet Project.
GSOC'21

In the 2021 edition of GSOC, the focus was put on addressing several outdated aspects of the application. It was
necessary to adapt the code to changes in the latest Android APIs to improve the usability and stability, but also to
allow HosTage to be re-listed on Google Play Store, after it was removed in February 2021.
My main contributions were in the areas of UI changes, Location permission and Log storage.
UI Changes and Dark Mode

In the state before GSOC started, the app supported dark mode partially and inconsistently. This resulted in some text
being illegible if the device used a dark theme. Furthermore, some elements of
the user interface were outdated, did not scale properly, or were unusable.
Several of my contributions addressed this. I have replaced the code behind a scrollable list of emulation profiles.
I have replaced several custom buttons and layouts with their respective out-of-the-box versions (such as the date and
time pickers, action buttons, switches...) I have adopted a more consistent style scheme, defining primary accent, and
several supporting colours. I have then applied this style scheme uniformly across both Light and Dark themes.
Location Permissions

Android 11 introduces several changes to how applications can request access to the device location.
My contributions include a reworked approach to requesting location permission from the user and providing the location
to various app components. This new approach supports both older and newer API versions.
Log Storage

One of the features of the app is the export of network logs, captured in a PCAP format. The user should be able to
turn this feature on or off and select the output location of these logs. This was not working as intended and logs
were always written to the same hard-coded location on devices with newer Android versions.
My work addresses this. Allowing the user to select the log output location reliably, regardless of their Android version,
required a completely new approach to save the PCAP logs. The improved logging code includes changes to obtaining
storage permissions from the user, as well as changes to how the logs are captured with tcpdump and moved to the desired
output folder.
Conclusion

GSOC'21 was an amazing learning journey. I certainly improved my command of Java and Android and
I hope the code produced in these three months will be put to good use.
A new HosTaGe release has been published in the project's repository
on GitHub and the application was submitted to Google Play Store. It is undergoing review at the time
of writing.
After a late-summer break, I plan to return to HosTaGe and tackle the next challenges,
further improving the code quality and hopefully implementing a new monitoring protocol. As the Android platform keeps
evolving, there will certainly be enough work for us to do!
I would like to extend my warmest thanks to my mentors Shreyas Srinivasa and
Emmanouil Vasilomanolakis for their kind and thoughtful guidance.

Pull requests

The following pull requests summarise my work on HosTaGe during GSOC'21. They represent my ~115 commits between
25 May 2021 and 18 August 2021.
Major changes


Replace old swipelistview in the Profile selector fragment with RecyclerView: #169
Adopt Dark mode and optimise UI accessibility: #174 and #202
Adjust Location permission flow and Storage permission flow: #177
Rework and optimise saving of PCAP logs on rooted devices: #203

Bug fixes and smaller changes


App crash when protocols are not initialised: #173
App crash when user clicked on Attacks on the Home fragment: #190
Replace Toasts with Snackbars: #188 and #204
App crash when user turned on monitoring before the app was fully initialised: #199
App crash when an attack is detected: #201

Formatting, code quality and housekeeping


Update library versions: #166
Extract Strings: #168
Remove generic exceptions, adjust profiles, code formatting: #186
Fix typos in code and comments (this was my first contribution!): #159
Replace checkboxes in settings with switches: #206
Remove obsolete, unused code: #198, #204 and #207

Commits


04d695b491ce48cbc1a4055b0a7b73801909ce9e
a7bdaa13ddeed4f2e0166624e76e235cf6e0e448
0d8514021becdb81a30d5a584d11b8721865e1ef
a54a3ad8c76828eba3e08ad1f4acc58a089c1222
965246eff51a6c4c345d7dee46a4b824cd5d2217
906f14b2698994f983a6231a944fc20cfe66fe51
281a097d8d1bbfc46ed0b9d8f1dce2aa7c28b4a6
ffaffafbcb82fbf65a7a6f81f47fee9604528705
ee90bba18ba18692f461f313d0cd6b72a1e451a3
1d3f3b73ecab2942675930a5145595314d23fa9a
5e7454ec10548b92aa32fa43ed37a586565b9103
dbea58c127b308496c2344d41b6b4c3f1335427b
5834d81f0f35f420fc65b95d18c9c5be8aebee0a
99daa3abde663cde8656cce56e234e087b00f257
db7dfa363aec18f8be549a0c50d8e0e8880625ff
892079436d92c452926a596f0b7cca1891247254
bc526f07433170d3ceb27848faa4bbe9e1f7886f
5822efeada6f9ce1d1b0ed6d0849ef63e6aedfb6
daeb17e0a20a578ca9e2f7c11eb140992d8bd24c
470bb99abffc246f70374a4ad0f2de96239dca77
90750a20fe06c360c236c4a261a1e09b708c167d
94d3251a3a1377883d3feb31b6bff8bd6be1329c
f8ecfa005764f0fe216bee1ebb8162c5df59c237
3717604b39a9a137148801daa5034bc5ebc6407b
b277e92a542e8fe3952fc290f55457b3ba87b37c
f239ddd177caee659366ed5ef4cece584c605d76
f2e30b79d9f91004ddd8d7832af36a88bdfee788
73f8681102b525b263d2444acd39e4fcbf27e59b
114380fc01fcef00b3db944e66fdeae03ce9ba30
111faef4848788ef70fcaab92a97ccc4149039d8
7966a586dfeef7861919e534e117dc05857c708f
c06e134d55c674df59d607874e8481a0966ee4ad
b41a935e5241ccdd240fa6cfcc7a3b0d22da7542
d4ae044a4801210be43312a13bec0aa62deb317d
59f9a3cd9e15735c32a70b03173cb829789f8b20
0f60c0e8a8337c382b2cdb847ccb3670a0c442e7
5c8340fd45fd35794a291fac8ac88ba1f82d27e3
655a9d374edca98989a11d48486c1b850fd59b01
ffd31c607861fe3807fc5ddc2e5d38ed4e64d4a2
2432f11b67af0b36b1d3a71dcc9d07585b92ec8d
e2572b081596c4c9c58de4ba1d6a02edf4c00d91
ea2d95d3bec30685ac522cf9ab077dca8a195577
8de396988228a693cca44d505356147ee3f09374
512267f34d2d214042fc1ee3a04bed9110158d8b
6c2ce16baeac5f4bd7bbe61ee619673c54fe8846
ac1aeb4b39b207212a36b3a86d3f5ab630294522
05a6e2af82d3c5089207ec3b0224cc7cfbcba651
f11eb49a3a1b426a0806a11302dfe1c29ae973b9
13fa8aacb2b1734d5145b8ec5d83d7bac157e9c6
6ad68777e6fb98fd10375558b839a36c8bf2f10a
2bd498354db963103e609de605dc103de115eb1f
5920125d94abab33551f317981357c193e6da0d9
e7ef243575e34def3a5af7edebb20ae675f80fea
c70c22bd066693bab53e1362311a77414e58c115
284760b082e2e81e652db4072a30c1e6d87f384c
21ae072db4bcfac14760612afce1fa69a42b5e4e
88e81d30fffb28a23e7f18b6bcde604d32ef456c
5495d60597eae3b19463a5f5320a9f7bdf62fcdf
e5e2a8ba7fdc8e1c249687a39157b5a33ebc66ee
92e2ea49e71d7d3a47539bef2e69f7dd6af753b8
d86cb154d4db801048bb93fd3fbb0a4fc8a7d24e
fb7c6f772395e3b1d05cb11166f7ac0fbf8111c9
c0dda70f7cb236f13fa87c06903af8899d56e7a6
b20c8d1396b546848140a8ccfe99e7c4183aa6f3
1097c145d3272ae29c4deb14711683fe13f3b967
ae1e04921b61d7d122dde85cbd023bd1736f22d8
55b250461ac43bae035b3be3f9494244dbc2d5ed
705311d0a058c8e57b7cb884117e58a92ee092e1
827be2f8b365cdbd350136510ef00d58c2daaae9
1061ab16a64d9be13a5f1576524e262eaddfe4fc
9900ef739b04c1afbe3afe8bf4bf8bfc1383f125
62c6af74b2d38c8800b2489c34c326fd9ed29e0e
8a918f23689abe42449131fb2e75f8cd9f779992
8f43605a2cbadbfc91767b32142fc5bf3af02cd6
ee3adbcf5e2489ab54441ba10d220ae9c7d17f72
f641fa7712b9a23e6f3ca47c646c641970bb8c14
08663ac6dfc74f8ccf0e42949f9fdc2d6ab87dba
e4bd39aa3d27df3947a3bd9c5632ddbfd881ccf5
8abdd4a455d91d563c9b47194305d92d5f966c01
b030ce59e0cc26a8b5c0b10c17761b2430ccd0b4
5c88602f5df96a91b27c7100e2f3117fc2c0cff8
5d124973d11bb5bba49e5e866da4a801e1321e9b
366dcd837b1e9eb9e8c97d543e9709f9cc0d55da
6d7cd9c693e2b28b939d0e819bff8ea03803c5d7
b2e896e27f28fbdcf2b7c0074169d68cf0091b41
144add1453f9861adda792cbe314e905db428b67
ddd44a0c8af093a0e39f58ebc4ab152ac98b1a66
a22cf168ba36d53b3a8b6f7e7df6e05477a0c10b
a4fdc95c62d8e3b68f216a7b690059b23a2cf4d6
5b01e002ad074545c3701e1fd20aa9aca7f6c0a1
c401e12c26f90fd3b1cd1442918a94c8ea177eb4
a47df2ca053899161996a746316cd495cc6205c5
0cc89da3bfa971d06adfbdcce6657cf744588110
f445eb5a16bfdb80dd2a2bba232b4ffb77a2303a
b9df6fdd36830c8e55ca140691f18dab118d76c8
6b8d7d5cdbd6834f4f9e2d0f956b40ade99f039e
e765b895025721046f5edbb35838c024398f7254
897b8e91c2ba098d7513cfc44741d9984caa2599
461529a483e6277ba064a4ab86319ea05205359c
a81df58a6b14bc9abf4a403dd1a1e510d88d6eac
7cabdd105259e7b11ab21c005e98e4ec0e1f4d0c
7a4e4f801578641c9b778ab64f9b43e7477f8704
8d7588abe66cf78db40cfd7c1595db611fd8998f
2388ece9f90c685a93802d7787dbc50692468819
c958f22d2b859b614999931e7fea82d7288c0f87
464596f5abe58b3fb7e5579ca16e74f1dec01cb8
e126085063a7d6b4aebb9e18bbda43bfb83c0967
c1c22c38460467bd69c7ae2a9bfe90ffd64d2509
1241a3831a336f9df070c7c1085f597e7f7b4763
6d5b4c1b80b61a1fdbe922b0e3e43e010b957dcb
b972a3e4c5c6822e14d3a2f7ebe4619190bbf19c
e2038a72b8c18f9a961e4f020e34a615b0a109d2
7418180f45e8053cc0c467c85dabbcc6e983e8c0
8b68d2d4dcf599c1285d70703c1d97224d60f8dd
a72aa3f329a63cd6e5d17b9ae1a93774b66497c3
8713a12c08bac7bfa2d4f013b7a6e21ae19aaf66
445fd75d947443a5db56fbe709b180af1fbfea55


## ic_launcher.png

      
    Raw
  

              ic_launcher.png