ABSTRACT
Smartphone users suffer from insufficient information on how commercial as well as malicious apps handle sensitive data stored on their phones. Automated taint analyses address this problem by allowing users to detect and investigate how applications access and handle this data. A current problem with virtually all those analysis approaches is, though, that they rely on explicit models of the Android runtime library. In most cases, the existence of those models is taken for granted, despite the fact that the models are hard to come by: Given the size and evolution speed of a modern smartphone operating system it is prohibitively expensive to derive models manually from code or documentation.
In this work, we therefore present StubDroid, the first fully automated approach for inferring precise and efficient library models for taint-analysis problems. StubDroid automatically constructs these summaries from a binary distribution of the library. In our experiments, we use StubDroid-inferred models to prevent the static taint analysis FlowDroid from having to re-analyze the Android runtime library over and over again for each analyzed app. As the results show, the models make it possible to analyze apps in seconds whereas most complete re-analyses would time out after 30 minutes. Yet, StubDroid yields comparable precision. In comparison to manually crafted summaries, StubDroid's summaries cause the analysis to be more precise and to use less time and memory.