Update paper references in README
ClaudiuGeorgiu committed Sep 2, 2017
1 parent ea4f1a1 commit 22e4771
Showing 5 changed files with 41 additions and 38 deletions.
3 changes: 3 additions & 0 deletions .idea/dictionaries/Claudiu.xml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

25 changes: 0 additions & 25 deletions DESCRIPTION.md

This file was deleted.

2 changes: 1 addition & 1 deletion Dockerfile
Expand Up @@ -22,7 +22,7 @@ RUN apt-get update && \
# Define JAVA_HOME environment variable
ENV JAVA_HOME /usr/lib/jvm/java-8-oracle

# Copy SSL certificates (only when enabling SSL on the server).
# Copy SSL certificates (only when enabling SSL on the server)
# COPY riskindroid.pem /etc/ssl/

# Setup Nginx
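Review bot: The commented-out `COPY riskindroid.pem /etc/ssl/` directly under the edited comment would, once enabled, write the certificate file into an image layer; if `riskindroid.pem` also carries the private key, everyone who can pull or export the image can read it. Suggest the comment point to supplying the file at run time (for example through a read-only volume mount) instead of `COPY`. The punctuation-only edit to the comment is also unrelated to the commit subject ("Update paper references in README") and would sit better in a separate commit.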
49 changes: 37 additions & 12 deletions README.md
Expand Up @@ -11,27 +11,46 @@
* Gradient Boosting (GB)
* Logistic Regression (LR)

Unlike other tools, **RiskInDroid** doesn't consider only the permissions declared into apps' manifest, but carries out reverse engineering on the apps to retrieve the bytecode and then infers (through static analysis) which permissions are actually used and which not, extracting in this way 4 sets of permissions for every analyzed app:
* Declared permissions - extracted from app's manifest
* Exploited permissions - declared and actually used inside bytecode
* Ghost permissions - not declared but with usages inside bytecode
* Useless permissions - declared but never used inside bytecode

From the above sets of permissions (and considering only the official list of Android permissions), feature vectors (made by `0`s and `1`s) are built and given to the classifiers, which then compute a risk value. The precision and the reliability of **RiskInDroid** are empirically tested on a dataset made of more than 6K malware samples and 112K apps.

Further information can be found in this [paper](https://github.com/ClaudiuGeorgiu/RiskInDroid/blob/master/RiskInDroid_paper.pdf) ([citation](https://github.com/ClaudiuGeorgiu/RiskInDroid/blob/master/DESCRIPTION.md#citation)).
Unlike other tools, **RiskInDroid** does not take into consideration only the permissions declared into the app manifest, but carries out reverse engineering on the apps to retrieve the bytecode and then infers (through static analysis) which permissions are actually used and which not, extracting in this way 4 sets of permissions for every analyzed app:
* Declared permissions - extracted from the app manifest
* Exploited permissions - declared and actually used in the bytecode
* Ghost permissions - not declared but with usages in the bytecode
* Useless permissions - declared but never used in the bytecode

From the above sets of permissions (and considering only the official list of Android permissions), feature vectors (made by `0`s and `1`s) are built and given to the classifiers, which then compute a risk value. The precision and the reliability of **RiskInDroid** have been empirically tested on a dataset made of more than 6K malware samples and 112K apps.

### Publication

More details about **RiskInDroid** can be found in the paper "[RiskInDroid: Machine Learning-based Risk Analysis on Android](https://github.com/ClaudiuGeorgiu/RiskInDroid/blob/master/RiskInDroid_paper.pdf)" ([official pubblication link](https://link.springer.com/chapter/10.1007/978-3-319-58469-0_36)). You can cite the paper as follows:

> A. Merlo, G.C. Georgiu. "RiskInDroid: Machine Learning-based Risk Analysis on Android", in *Proceedings of the 32nd International Conference on ICT Systems Security and Privacy Protection* ([IFIP-SEC 2017](http://www.ifipsec.org/)).
```TeX
@Inbook{RiskInDroid,
author="Merlo, Alessio and Georgiu, Gabriel Claudiu",
editor="De Capitani di Vimercati, Sabrina and Martinelli, Fabio",
title="RiskInDroid: Machine Learning-Based Risk Analysis on Android",
bookTitle="ICT Systems Security and Privacy Protection: 32nd IFIP TC 11 International Conference, SEC 2017, Rome, Italy, May 29-31, 2017, Proceedings",
year="2017",
publisher="Springer International Publishing",
pages="538--552",
isbn="978-3-319-58469-0",
doi="10.1007/978-3-319-58469-0_36",
url="https://doi.org/10.1007/978-3-319-58469-0_36"
}
```

### Demo

If you want to quickly see the tool in action, you can visit [this link](http://46.101.119.244/) where you can browse the full experimental results and calculate the risk of other apps, otherwise continue reading for instructions on how to install it on your own computer. Below you can see a screenshot of **RiskInDroid**:
If you want to quickly see the tool in action, visit [https://www.riskindroid.com](https://www.riskindroid.com) to browse the full experimental results and calculate the risk of other apps, otherwise continue reading for instructions on how to install it on your own computer. Below you can see a screenshot of the live demo of **RiskInDroid**:

![Screenshot](screenshot.png)



## Usage

There are two ways of getting a working copy of **RiskInDroid** on your own computer: either by using Docker or by using a Python 3 environment. In both cases, the first thing to do is to get a local copy of this repository, so open up a terminal in the directory where you want to save the project and clone the repository:
There are two ways of getting a working copy of **RiskInDroid** on your own computer: either by using Docker or by using a `Python 3.5` environment. In both cases, the first thing to do is to get a local copy of this repository, so open up a terminal in the directory where you want to save the project and clone the repository:

```Shell
# This could take quite a lot of time since the repository contains a 25 MB compressed database
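Review bot: The link text "official pubblication link" in the new Publication paragraph is misspelled; it should read "official publication link". While this paragraph block is being reworded anyway, "feature vectors (made by `0`s and `1`s)" would read better as "made of `0`s and `1`s", and "which permissions are actually used and which not" as "and which are not".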
Expand All @@ -50,9 +69,15 @@ $ docker run -p 8080:80 riskindroid
# Now open http://localhost:8080/ in your browser
```

The live demo at [https://www.riskindroid.com](https://www.riskindroid.com) is just a Docker container deployed with the following command:

```Shell
$ docker run -d --restart=always -p 80:80 -p 443:443 -v "$PWD/app/upload":/var/www/app/upload/ riskindroid
```

#### Using Python

This method was tested and works on Ubuntu 16.04. Python 3 and Java must be installed on your computer, optionally you can install `p7zip-full` in order to extract the database archive automatically, but this can also be done manually by using any other compatible tool to extract the content of `RiskInDroid/app/database/permission_db.7z` in the `RiskInDroid/app/database` directory. Make sure to execute the following commands in the previously created `RiskInDroid` directory:
This method was tested and works on Ubuntu 16.04. `Python 3.5` and Java must be installed on your computer, optionally you can install `p7zip-full` in order to extract the database archive automatically, but this can also be done manually by using any other compatible tool to extract the content of `RiskInDroid/app/database/permission_db.7z` in the `RiskInDroid/app/database` directory. Make sure to execute the following commands in the previously created `RiskInDroid` directory:

```Shell
# If not using virtualenv (https://virtualenv.pypa.io/), skip the next 2 lines
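Review bot: The added live-demo command publishes `-p 443:443`, but nothing in this section says how the TLS certificate reaches the container, and the Dockerfile in this same commit keeps its `COPY riskindroid.pem /etc/ssl/` line commented out, so a reader who copies the command gets port 443 published with no documented certificate setup. Suggest adding a sentence on the certificate step next to the command, or dropping `-p 443:443` from the example. The bind mount `-v "$PWD/app/upload":/var/www/app/upload/` also depends on the current directory, so the text should say the command is run from the repository root.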
Empty file added app/upload/.gitkeep
Empty file.
