Ripple: Reflection Analysis for Android Apps in Incomplete Information Environments
Size: px
Start display at page:

Download "Ripple: Reflection Analysis for Android Apps in Incomplete Information Environments"

Transcription

1 Ripple: Reflection Analysis for Android Apps in Incomplete Information Environments Yifei Zhang, Tian Tan, Yue Li and Jingling Xue Programming Languages and Compilers Group University of New South Wales March 30, 2017

2 How do static Android security analyses work? 2

3 Android Apps Security Analysis dex Files Intermediate Represetations Call Graph Android Manifest Layout Files Intent Filters Callbacks... Decompilation Inter-procedural Control-flow Graph Pointer Analysis Resources Files File Extraction 3

4 Android Apps Security Analysis dex Files Intermediate Represetations Call Graph Android Manifest Layout Files Intent Filters Callbacks... Decompilation Inter-procedural Control-flow Graph Pointer Analysis Resources Files File Extraction 4

5 Android Apps Security Analysis dex Files Intermediate Represetations Call Graph Android Manifest Layout Files Intent Filters Callbacks... Decompilation Inter-procedural Control-flow Graph Pointer Analysis Resources Files File Extraction 5

6 Android Apps Security Analysis dex Files Intermediate Represetations Call Graph Android Manifest Layout Files Intent Filters Callbacks... Decompilation Inter-procedural Control-flow Graph Pointer Analysis Resources Files File Extraction ICSE CCS Usenix Security PLDI ASE FSE CCS NDSS POPL FSE Taint Analysis, API Misuse Analysis, Intent Injection Detection... 6

7 Taint Analysis: Goal Sensitive Data Sources User Identity, Private Information Data-flows Sinks Internet, Log Files 7

8 Taint Analysis: Method Enter main Enter foo Call foo Return foo Exit foo Exit main 8

9 Taint Analysis: Method Enter main Source Enter foo Call foo Sink Return foo Exit foo Exit main 9

10 Reflection: An Obstacle of Security Analysis Enter main Source method.invoke(o, args) Exit main 10

11 Reflection: An Obstacle of Security Analysis Enter main Source Arguments method.invoke(o, args) Method Meta-object Receiver Object Exit main 11

12 Reflection: An Obstacle of Security Analysis Enter main Source method.invoke(o, args) Enter bar Method bar Return bar Sink Exit main Exit bar 12

13 Reflection: An Obstacle of Security Analysis Enter main Source method.invoke(o, args) Enter bar Method bar Return bar Sink Exit main Exit bar 13

14 Ripple: Static Reflection analysis for Android Apps Enter main Source method.invoke(o, args) Enter bar Taint Analysis, API Misuse Analysis, Intent Injection Detection... Method bar Exit main Return bar Sink Exit bar Ripple ICSE CCS Usenix Security PLDI ASE FSE CCS NDSS POPL FSE 14

15 Backgrounds of Reflection 15

16 What is reflection? A dynamic programming language feature Enable developers to create objects and invoke methods by their names 16

17 Why Do We Use Reflection? A dynamic programming language feature Enable developers to create objects and invoke methods by their names Intensively being used to Provide plugin and external library support Invoke hidden APIs 17

18 Goals of Static Reflection Analysis Static reflection Analysis aims to Find reflective call targets: the type of the objects and methods being reflectively created and invoked 18

19 Goals of Static Reflection Analysis Static reflection Analysis aims to Find reflective call targets: the type of the objects and methods being reflectively created and invoked Enter main Source method.invoke(o, args) Enter bar Method bar Return bar Sink Exit bar Exit main Ripple 19

20 State-of-the-art Reflection Analysis for Android: String Constant Resolution Method: Using constant class and method names 20

21 State-of-the-art Reflection Analysis for Android: String Constant Resolution Method: Using constant class and method names Weakness The nature of reflection: providing flexibility. Sting constants do not always present Obfuscation: encrypted class and method names 21

22 Insight: Incomplete Information Environments (IIE) IIEs cause missing data-flows, which exacerbates static reflection analysis Undetermined Intents Unresolved Containers Sources of IIEs Behavior-Unknown Libraries Unmodeled Services IIE-Aware Reflection Analysis String Constant Reflection Resolution Type Inference Reflection Resolution Client Analyses 22

23 Insight: Incomplete Information Environments (IIE) IIEs cause missing data-flows, which exacerbates static reflection analysis Undetermined Intents Unresolved Containers Sources of IIEs Behavior-Unknown Libraries Unmodeled Services IIE-Aware Reflection Analysis String Constant Reflection Resolution Type Inference Reflection Resolution Client Analyses 23

24 Methodology An example to illustrate how Ripple works 24

25 Ripple: IIE-aware Reflection Analysis 1 String mname = getintent().getstringextra("methodname"); 2 Method logmtd = Log.class.getMethod(mName, String.class, String.class); 3 String tag = "..."; 4 String msg = "..."; 5 logmtd.invoke(null, tag, msg); } } 25

26 Ripple: IIE-aware Reflection Analysis IIE 1 String mname = getintent().getstringextra("methodname"); 2 Method logmtd = Log.class.getMethod(null, String.class, String.class); 3 String tag = "..."; 4 String msg = "..."; 5 logmtd.invoke(null, tag, msg); } } 26

27 Ripple: IIE-aware Reflection Analysis Method { Class Type: Log Name: Unknown } IIE 1 String mname = getintent().getstringextra("methodname"); 2 Method logmtd = Log.class.getMethod(null, String.class, String.class); 3 String tag = "..."; 4 String msg = "..."; 5 logmtd.invoke(null, tag, msg); } } 27

28 Ripple: IIE-aware Reflection Analysis Method { Class Type: Log Name: Unknown } Static (String, String) IIE 1 String mname = getintent().getstringextra("methodname"); 2 Method logmtd = Log.class.getMethod(null, String.class, String.class); 3 String tag = "..."; 4 String msg = "..."; 5 logmtd.invoke(null, tag, msg); } } 28

29 Ripple: IIE-aware Reflection Analysis Method { Class Type: Log Name: Unknown } Static (String, String) IIE 1 String mname = getintent().getstringextra("methodname"); 2 Method logmtd = Log.class.getMethod(null, String.class, String.class); 3 String tag = "..."; 4 String msg = "..."; 5 logmtd.invoke(null, tag, msg); } } 1 public class Log { 2 public static int i(string tag, String msg) {} 3 public static int d(string tag, String msg) {} 4 public static int w(string tag, String msg) {} 5 public static int e(string tag, String msg) {} 6 public static int v(string tag, String msg) {} 7 public static int wtf(string tag, String msg) {} Other 11 methods... } 29

30 Ripple: IIE-aware Reflection Analysis Method { Class Type: Log Name: Unknown } Static (String, String) IIE 1 String mname = getintent().getstringextra("methodname"); 2 Method logmtd = Log.class.getMethod(null, String.class, String.class); 3 String tag = "..."; 4 String msg = "..."; 5 logmtd.invoke(null, tag, msg); } } 1 public class Log { 2 public static int i(string tag, String msg) {} 3 public static int d(string tag, String msg) {} Sink 4 public static int w(string tag, String msg) {} Calls 5 public static int e(string tag, String msg) {} 6 public static int v(string tag, String msg) {} 7 public static int wtf(string tag, String msg) {} Other 11 methods... } 30

31 Ripple: IIE-aware Reflection Analysis Method { Class Type: Log Name: Unknown } Static (String, String) IIE 1 String mname = getintent().getstringextra("methodname"); 2 Method logmtd = Log.class.getMethod(null, String.class, String.class); 3 String tag = "..."; 4 String msg = "..."; 5 logmtd.invoke(null, tag, msg); } } 1 public class Log { 2 public static int i(string tag, String msg) {} 3 public static int d(string tag, String msg) {} Sink 4 public static int w(string tag, String msg) {} Calls 5 public static int e(string tag, String msg) {} 6 public static int v(string tag, String msg) {} 7 public static int wtf(string tag, String msg) {} Other 11 methods... } In one of the top-chart Android app named Twist, resolving logmtd.invoke() causes 12 more data leaks to be reported by FlowDroid. 31

32 Implementation & Evaluation 32

33 Implementation Ripple is built upon SOOT analysis framework Ripple works with SPARK pointer analysis Most significant reflective APIs that affect the static analysis are handled Entry methods: Class.forName() Member-instrospecting Methods: Method.getMethod(), Method.getDeclaredMethod(), Method.getMethods(), and Method.getDeclaredMethods() Side-effect methods: Class.newInstance(), Method.invoke() 33

34 Evaluation: Precision Real-world Apps: 17 top-chart Android apps from Google Play 34

35 Evaluation: Precision Real-world Apps: 17 top-chart Android apps from Google Play Ripple: 232 true targets with a low false positive rate 21.9% String inference: 160 true targets A net gain of 72 true targets are yielded and thus a 45% increase in soundness on reflection analysis 35

36 Evaluation: Effectiveness Integrate Ripple into FlowDroid, a taint analysis framework for Android apps More sound callgraph: 13 out of the 17 apps being evaluated Data leaks detected: 310 more sensitive data leakages are detected by FlowDroid 36

37 Android Security Analyses: A Revisit 37

38 Revisit Android Apps Security Analysis dex Files Intermediate Represetations Call Graph Android Manifest Layout Files Intent Filters Callbacks... Decompilation Inter-procedural Control-flow Graph Pointer Analysis Resources Files File Extraction Taint Analysis, API Misuse Analysis, Intent Injection Detection... 38

39 Revisit Android Apps Security Analysis dex Files Intermediate Represetations Call Graph Android Manifest Layout Files Intent Filters Callbacks... Decompilation Inter-procedural Control-flow Graph Pointer Analysis Ripple Resources Files File Extraction Taint Analysis, API Misuse Analysis, Intent Injection Detection... 39

40 Yifei Zhang Mail: Homepage: cse.unsw.edu.au/~yzhang Open source program analysis tools on Java, C and C++ shared by our group can be found at cse.unsw.edu.au/~jingling/tools.html

Similar documents

arxiv: v1 [cs.cr] 16 Dec 2016

arxiv: v1 [cs.cr] 16 Dec 2016 This is an extended version of Yifei Zhang, Tian Tan, Yue Li and Jingling Xue, Ripple: Reflection Analysis for Android Apps in Incomplete Information Environments, CODASPY 17. Ripple: Reflection Analysis

More information

Ripple: Reflection Analysis for Android Apps in Incomplete Information Environments

Ripple: Reflection Analysis for Android Apps in Incomplete Information Environments Ripple: Reflection Analysis for Android Apps in Incomplete Information Environments Yifei Zhang, Tian Tan, Yue Li and Jingling Xue School of Computer Science and Engineering, UNSW Australia ABSTRACT Despite

More information

Ripple: Reflection analysis for Android apps in incomplete information environments

Ripple: Reflection analysis for Android apps in incomplete information environments Received: 20 November 2017 Revised: 21 February 2018 Accepted: 5 March 2018 DOI: 10.1002/spe.2577 EXTENDED CONFERENCE PAPER Ripple: Reflection analysis for Android apps in incomplete information environments

More information

Interactively Verifying Absence of Explicit Information Flows in Android Apps

Interactively Verifying Absence of Explicit Information Flows in Android Apps Interactively Verifying Absence of Explicit Information Flows in Android Apps Osbert Bastani, Saswat Anand, and Alex Aiken Stanford University OOPSLA 2015 Problem Google Play Store > 1 million apps on

More information

Tackling runtime-based obfuscation in Android with TIRO

Tackling runtime-based obfuscation in Android with TIRO Tackling runtime-based obfuscation in Android with Michelle Wong and David Lie University of Toronto Usenix Security 2018 Android malware and analysis Mobile devices are a valuable target for malware developers

More information

Detecting Advanced Android Malware by Data Flow Analysis Engine. Xu Hao & pll

Detecting Advanced Android Malware by Data Flow Analysis Engine. Xu Hao & pll Detecting Advanced Android Malware by Data Flow Analysis Engine Xu Hao & pll 2013.09 Content Background adfaer - Android Data Flow Analyzer Janus - Detect Reflection Experiment Future Work Android Security

More information

Collaborative Verification of Information Flow for a High-Assurance App Store

Collaborative Verification of Information Flow for a High-Assurance App Store Collaborative Verification of Information Flow for a High-Assurance App Store Michael D. Ernst, René Just, Suzanne Millstein, Werner Dietl*, Stuart Pernsteiner, Franziska Roesner, Karl Koscher, Paulo Barros,

More information

Information-Flow Analysis of Android Applications in DroidSafe

Information-Flow Analysis of Android Applications in DroidSafe Information-Flow Analysis of Android Applications in DroidSafe Michael I. Gordon, Deokhwan Kim, Jeff Perkins, and Martin Rinard MIT CSAIL Limei Gilham Kestrel Institute Nguyen Nguyen Global InfoTek, Inc.

More information

Finding Architectural Flaws in Android Apps Is Easy

Finding Architectural Flaws in Android Apps Is Easy Finding Architectural Flaws in Android Apps Is Easy By Radu Vanciu and Marwan Abi-Antoun Department of Computer Science Wayne State University Detroit, Michigan, USA This work was supported in part by

More information

2 Lecture Embedded System Security A.-R. Darmstadt, Android Security Extensions

2 Lecture Embedded System Security A.-R. Darmstadt, Android Security Extensions 2 Lecture Embedded System Security A.-R. Sadeghi, @TU Darmstadt, 2011-2014 Android Security Extensions App A Perm. P 1 App B Perm. P 2 Perm. P 3 Kirin [2009] Reference Monitor Prevents the installation

More information

Using Deep Links for Growth. Phillip Nelson Director of Product, Quixey

Using Deep Links for Growth. Phillip Nelson Director of Product, Quixey Using Deep Links for Growth Phillip Nelson Director of Product, Quixey Mobile Deep Linking What are deep links? Why are deep links useful for developers? For users? How do I implement deep linking? What

More information

Uranine: Real-time Privacy Leakage Monitoring without System Modification for Android

Uranine: Real-time Privacy Leakage Monitoring without System Modification for Android Uranine: Real-time Privacy Leakage Monitoring without System Modification for Android Vaibhav Rastogi 1, Zhengyang Qu 2, Jedidiah McClurg 3, Yinzhi Cao 4, and Yan Chen 2 1 University of Wisconsin and Pennsylvania

More information

Building SDKs. Ty Smith & Javier Soto Code

Building SDKs. Ty Smith & Javier Soto Code Building SDKs Ty Smith & Javier Soto Code Monkeys @tsmith & @javi How to make great SDKs EASY TO USE STABLE LIGHTWEIGHT FLEXIBLE WELL SUPPORTED Easy to Use Easy To Integrate Fabric.with(this, new Crashlytics());

More information

Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps

Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps FENGGUO WEI, University of South Florida SANKARDAS ROY, Bowling Green State University

More information

ReDroid: Prioritizing Data Flows and Sinks for App Security Transformation

ReDroid: Prioritizing Data Flows and Sinks for App Security Transformation FEAST 2017 ReDroid: Prioritizing Data Flows and Sinks for App Security Transformation Ke Tian*, Gang Tan^, Daphne Yao*, Barbara Ryder* *Department of Computer Science Virginia Tech ^Department of CSE Penn

More information

Towards Verifying Android Apps for the Absence of No-Sleep Energy Bugs

Towards Verifying Android Apps for the Absence of No-Sleep Energy Bugs Towards Verifying Android Apps for the Absence of No-Sleep Energy Bugs Panagiotis Vekris Ranjit Jhala, Sorin Lerner, Yuvraj Agarwal University of California, San Diego 1 2 Software Energy Bugs 3 Software

More information

The Checker Framework: pluggable static analysis for Java

The Checker Framework: pluggable static analysis for Java The Checker Framework: pluggable static analysis for Java http://checkerframework.org/ Werner Dietl University of Waterloo https://ece.uwaterloo.ca/~wdietl/ Joint work with Michael D. Ernst and many others.

More information

Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps

Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps 1 Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps FENGGUO WEI, University of South Florida SANKARDAS ROY, Bowling Green State University

More information

Using DidFail to Analyze Flow of Sensitive Information in Sets of Android Apps

Using DidFail to Analyze Flow of Sensitive Information in Sets of Android Apps Using DidFail to Analyze Flow of Sensitive Information in Sets of Android Apps Will Klieber*, Lori Flynn*, Amar Bhosale, Limin Jia, and Lujo Bauer *presenting June 2015 Copyright 2015 Carnegie Mellon University

More information

SHIFTLEFT OCULAR THE CODE PROPERTY GRAPH

SHIFTLEFT OCULAR THE CODE PROPERTY GRAPH SHIFTLEFT OCULAR INTRODUCTION ShiftLeft Ocular offers code auditors the full range of capabilities of ShiftLeft s best-in-class static code analysis 1, ShiftLeft Inspect. Ocular enables code auditors to

More information

WHOLE-SYSTEM ANALYSIS FOR UNDERSTANDING PUBLICLY ACCESSIBLE FUNCTIONS IN ANDROID

WHOLE-SYSTEM ANALYSIS FOR UNDERSTANDING PUBLICLY ACCESSIBLE FUNCTIONS IN ANDROID WHOLE-SYSTEM ANALYSIS FOR UNDERSTANDING PUBLICLY ACCESSIBLE FUNCTIONS IN ANDROID Nguyen Huu Hoang () (2) *, Lingxiao Jiang (2), Quan Thanh Tho () () Ho Chi Minh City University of Technology, Viet Nam

More information

An Empirical Study of Web Resource Manipulation in Real-world Mobile Applications

An Empirical Study of Web Resource Manipulation in Real-world Mobile Applications An Empirical Study of Web Resource Manipulation in Real-world Mobile Applications Xiaohan Zhang, Yuan Zhang, Qianqian Mo, Hao Xia, Zhemin Yang, Min Yang XiaoFeng Wang, Long Lu, and Haixin Duan Background

More information

CSCE 548 Building Secure Software Software Analysis Basics

CSCE 548 Building Secure Software Software Analysis Basics CSCE 548 Building Secure Software Software Analysis Basics Professor Lisa Luo Spring 2018 Previous Class Ø Android Background Ø Two Android Security Problems: 1. Android App Repackaging o Very easy to

More information

Adaptive Android Kernel Live Patching

Adaptive Android Kernel Live Patching USENIX Security Symposium 2017 Adaptive Android Kernel Live Patching Yue Chen 1, Yulong Zhang 2, Zhi Wang 1, Liangzhao Xia 2, Chenfu Bao 2, Tao Wei 2 Florida State University 1 Baidu X-Lab 2 Android Kernel

More information

Things You May Not Know About Android (Un)Packers: A Systematic Study based on Whole- System Emulation

Things You May Not Know About Android (Un)Packers: A Systematic Study based on Whole- System Emulation Things You May Not Know About Android (Un)Packers: A Systematic Study based on Whole- System Emulation Yue Duan, Mu Zhang, Abhishek Vasisht Bhaskar, Heng Yin, Xiaorui Pan, Tongxin Li, Xueqiang Wang, XiaoFeng

More information

5) Attacker causes damage Different to gaining control. For example, the attacker might quit after gaining control.

5) Attacker causes damage Different to gaining control. For example, the attacker might quit after gaining control. Feb 23, 2009 CSE, 409/509 Mitigation of Bugs, Life of an exploit 1) Bug inserted into code 2) Bug passes testing 3) Attacker triggers bug 4) The Attacker gains control of the program 5) Attacker causes

More information

Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework

Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework Yuru Shao, Jason Ott, Qi Alfred Chen, Zhiyun Qian, Z. Morley Mao University of Michigan, University of California Riverside

More information

A Framework for Evaluating Mobile App Repackaging Detection Algorithms

A Framework for Evaluating Mobile App Repackaging Detection Algorithms A Framework for Evaluating Mobile App Repackaging Detection Algorithms Heqing Huang, PhD Candidate. Sencun Zhu, Peng Liu (Presenter) & Dinghao Wu, PhDs Repackaging Process Downloaded APK file Unpack Repackaged

More information

Secure Programming Lecture 15: Information Leakage

Secure Programming Lecture 15: Information Leakage Secure Programming Lecture 15: Information Leakage David Aspinall 21st March 2017 Outline Overview Language Based Security Taint tracking Information flow security by type-checking Summary Recap We have

More information

Androsia Securing 'data in process' for your Android Apps

Androsia Securing 'data in process' for your Android Apps Androsia Securing 'data in process' for your Android Apps C:\>whoami Samit Anwer Product Security Team @Citrix R&D India Pvt Ltd Web/Mobile App Security Enthusiast Speaker: AppSec USA (Orlando, USA) 2017,

More information

Binary Static Analysis. Chris Wysopal, CTO and Co-founder March 7, 2012 Introduction to Computer Security - COMP 116

Binary Static Analysis. Chris Wysopal, CTO and Co-founder March 7, 2012 Introduction to Computer Security - COMP 116 Binary Static Analysis Chris Wysopal, CTO and Co-founder March 7, 2012 Introduction to Computer Security - COMP 116 Bio Chris Wysopal, Veracode s CTO and Co- Founder, is responsible for the company s software

More information

OWASP German Chapter Stammtisch Initiative/Ruhrpott. Android App Pentest Workshop 101

OWASP German Chapter Stammtisch Initiative/Ruhrpott. Android App Pentest Workshop 101 OWASP German Chapter Stammtisch Initiative/Ruhrpott Android App Pentest Workshop 101 About What we will try to cover in the first session: Setup of a Mobile Application Pentest Environment Basics of Mobile

More information

6.858 Quiz 2 Review. Android Security. Haogang Chen Nov 24, 2014

6.858 Quiz 2 Review. Android Security. Haogang Chen Nov 24, 2014 6.858 Quiz 2 Review Android Security Haogang Chen Nov 24, 2014 1 Security layers Layer Role Reference Monitor Mandatory Access Control (MAC) for RPC: enforce access control policy for shared resources

More information

Android System Architecture. Android Application Fundamentals. Applications in Android. Apps in the Android OS. Program Model 8/31/2015

Android System Architecture. Android Application Fundamentals. Applications in Android. Apps in the Android OS. Program Model 8/31/2015 Android System Architecture Android Application Fundamentals Applications in Android All source code, resources, and data are compiled into a single archive file. The file uses the.apk suffix and is used

More information

Finding Clues For Your Secrets: Semantics-Driven, Learning-Based Privacy Discovery in Mobile Apps

Finding Clues For Your Secrets: Semantics-Driven, Learning-Based Privacy Discovery in Mobile Apps Finding Clues For Your Secrets: Semantics-Driven, Learning-Based Privacy Discovery in Mobile Apps Yuhong Nan, Zhemin Yang, Yuan Zhang, Donglai Zhu and Min Yang Fudan University Xiaofeng Wang Indiana University

More information

Android App Development. Muhammad Sharjeel COMSATS Institute of Information Technology, Lahore

Android App Development. Muhammad Sharjeel COMSATS Institute of Information Technology, Lahore Android App Development Muhammad Sharjeel COMSATS Institute of Information Technology, Lahore Mobile devices (e.g., smartphone, tablet PCs, etc.) are increasingly becoming an essential part of human life

More information

Don t let data Go astray

Don t let data Go astray Don t let data Go astray A Context-Sensitive Taint Analysis for Concurrent Programs in Go Volker Stolz Bergen University College, Norway & University of Oslo, Norway 28 th Nordic Workshop on Programming

More information

Refinement-Based Context-Sensitive Points-To Analysis for Java

Refinement-Based Context-Sensitive Points-To Analysis for Java Refinement-Based Context-Sensitive Points-To Analysis for Java Manu Sridharan, Rastislav Bodík UC Berkeley PLDI 2006 1 What Does Refinement Buy You? Increased scalability: enable new clients Memory: orders

More information

Formal Security Analysis of Android Apps

Formal Security Analysis of Android Apps Formal Security Analysis of Android Apps Matteo Maffei S&P Security and Privacy Group Exploits extremely slow patching process Exploits OS vulnerabilities Breaks sandbox separation logic by notifications

More information

Sta$c Analysis Dataflow Analysis

Sta$c Analysis Dataflow Analysis Sta$c Analysis Dataflow Analysis Roadmap Overview. Four Analysis Examples. Analysis Framework Soot. Theore>cal Abstrac>on of Dataflow Analysis. Inter- procedure Analysis. Taint Analysis. Overview Sta>c

More information

Understanding and Detecting Wake Lock Misuses for Android Applications

Understanding and Detecting Wake Lock Misuses for Android Applications Understanding and Detecting Wake Lock Misuses for Android Applications Artifact Evaluated by FSE 2016 Yepang Liu, Chang Xu, Shing-Chi Cheung, and Valerio Terragni Code Analysis, Testing and Learning Research

More information

Finding Vulnerabilities in Web Applications

Finding Vulnerabilities in Web Applications Finding Vulnerabilities in Web Applications Christopher Kruegel, Technical University Vienna Evolving Networks, Evolving Threats The past few years have witnessed a significant increase in the number of

More information

Understanding and Detecting Wake Lock Misuses for Android Applications

Understanding and Detecting Wake Lock Misuses for Android Applications Understanding and Detecting Wake Lock Misuses for Android Applications Artifact Evaluated Yepang Liu, Chang Xu, Shing-Chi Cheung, and Valerio Terragni Code Analysis, Testing and Learning Research Group

More information

Static and Dynamic Program Analysis: Synergies and Applications

Static and Dynamic Program Analysis: Synergies and Applications Static and Dynamic Program Analysis: Synergies and Applications Mayur Naik Intel Labs, Berkeley CS 243, Stanford University March 9, 2011 Today s Computing Platforms Trends: parallel cloud mobile Traits:

More information

Formal methods for software security

Formal methods for software security Formal methods for software security Thomas Jensen, INRIA Forum "Méthodes formelles" Toulouse, 31 January 2017 Formal methods for software security Formal methods for software security Confidentiality

More information

L.C.Smith. Privacy-Preserving Offloading of Mobile App to the Public Cloud

L.C.Smith. Privacy-Preserving Offloading of Mobile App to the Public Cloud Privacy-Preserving Offloading of Mobile App to the Public Cloud Yue Duan, Mu Zhang, Heng Yin and Yuzhe Tang Department of EECS Syracuse University L.C.Smith College of Engineering 1 and Computer Science

More information

VirtualSwindle: An Automated Attack Against In-App Billing on Android

VirtualSwindle: An Automated Attack Against In-App Billing on Android Northeastern University Systems Security Lab VirtualSwindle: An Automated Attack Against In-App Billing on Android ASIACCS 2014 Collin Mulliner, William Robertson, Engin Kirda {crm,wkr,ek}[at]ccs.neu.edu

More information

SHWETANK KUMAR GUPTA Only For Education Purpose

SHWETANK KUMAR GUPTA Only For Education Purpose Introduction Android: INTERVIEW QUESTION AND ANSWER Android is an operating system for mobile devices that includes middleware and key applications, and uses a modified version of the Linux kernel. It

More information

Honours/Master/PhD Thesis Projects Supervised by Dr. Yulei Sui

Honours/Master/PhD Thesis Projects Supervised by Dr. Yulei Sui Honours/Master/PhD Thesis Projects Supervised by Dr. Yulei Sui Projects 1 Information flow analysis for mobile applications 2 2 Machine-learning-guide typestate analysis for UAF vulnerabilities 3 3 Preventing

More information

Tackling runtime-based obfuscation in Android with TIRO

Tackling runtime-based obfuscation in Android with TIRO Tackling runtime-based obfuscation in Android with TIRO Michelle Y. Wong and David Lie University of Toronto Abstract Obfuscation is used in malware to hide malicious activity from manual or automatic

More information

File System Interpretation

File System Interpretation File System Interpretation Part III. Advanced Techniques and Tools for Digital Forensics CSF: Forensics Cyber-Security Fall 2018 Nuno Santos Previously: Introduction to Android forensics! How does Android

More information

Lab5. Wooseok Kim

Lab5. Wooseok Kim Lab5 Wooseok Kim wkim3@albany.edu www.cs.albany.edu/~wooseok/201 Question Answer Points 1 A or B 8 2 A 8 3 D 8 4 20 5 for class 10 for main 5 points for output 5 D or E 8 6 B 8 7 1 15 8 D 8 9 C 8 10 B

More information

Statically Detecting Likely Buffer Overflow Vulnerabilities

Statically Detecting Likely Buffer Overflow Vulnerabilities Overflow Vulnerabilities The Harvard community has made this article openly available. Please share how this access benefits you. Your story matters. Citation Published Version Accessed Citable Link Terms

More information

Static Analysis for Android: GUIs, Callbacks, and Beyond

Static Analysis for Android: GUIs, Callbacks, and Beyond Static Analysis for Android: GUIs, Callbacks, and Beyond Atanas (Nasko) Rountev Ohio State University Program Analyses and Software Tools Research Group Joint with my students Dacong Yan, Shengqian Yang,

More information

Android Application Development Course Code: AND-401 Version 7 Duration: 05 days

Android Application Development Course Code: AND-401 Version 7 Duration: 05 days Let s Reach For Excellence! TAN DUC INFORMATION TECHNOLOGY SCHOOL JSC Address: 103 Pasteur, Dist.1, HCMC Tel: 08 38245819; 38239761 Email: traincert@tdt-tanduc.com Website: www.tdt-tanduc.com; www.tanducits.com

More information

ANDROID APPS (NOW WITH JELLY BEANS!) Jordan Jozwiak November 11, 2012

ANDROID APPS (NOW WITH JELLY BEANS!) Jordan Jozwiak November 11, 2012 ANDROID APPS (NOW WITH JELLY BEANS!) Jordan Jozwiak November 11, 2012 AGENDA Android v. ios Design Paradigms Setup Application Framework Demo Libraries Distribution ANDROID V. IOS Android $25 one-time

More information

Lecture 1 Introduction to Android. App Development for Mobile Devices. App Development for Mobile Devices. Announcement.

Lecture 1 Introduction to Android. App Development for Mobile Devices. App Development for Mobile Devices. Announcement. CSCE 315: Android Lectures (1/2) Dr. Jaerock Kwon App Development for Mobile Devices Jaerock Kwon, Ph.D. Assistant Professor in Computer Engineering App Development for Mobile Devices Jaerock Kwon, Ph.D.

More information

System Software Assignment 1 Runtime Support for Procedures

System Software Assignment 1 Runtime Support for Procedures System Software Assignment 1 Runtime Support for Procedures Exercise 1: Nested procedures Some programming languages like Oberon and Pascal support nested procedures. 1. Find a run-time structure for such

More information

1. GOALS and MOTIVATION

1. GOALS and MOTIVATION AppSeer: Discovering Interface Defects among Android Components Vincenzo Chiaramida, Francesco Pinci, Ugo Buy and Rigel Gjomemo University of Illinois at Chicago 4 September 2018 Slides by: Vincenzo Chiaramida

More information

Computer Programming, I. Laboratory Manual. Final Exam Solution

Computer Programming, I. Laboratory Manual. Final Exam Solution Think Twice Code Once The Islamic University of Gaza Engineering Faculty Department of Computer Engineering Fall 2017 ECOM 2005 Khaleel I. Shaheen Computer Programming, I Laboratory Manual Final Exam Solution

More information

CS378 -Mobile Computing. Intents

CS378 -Mobile Computing. Intents CS378 -Mobile Computing Intents Intents Allow us to use applications and components that are part of Android System and allow other applications to use the components of the applications we create Examples

More information

Formalisation and Analysis of Dalvik Bytecode

Formalisation and Analysis of Dalvik Bytecode Formalisation and Analysis of Dalvik Bytecode Erik Ramsgaard Wognsen Department of Computer Science Aalborg University DANSAS 12, 24 August 2012 Joint work with Henrik Karlsen, Mads Chr. Olesen, and René

More information

AceDroid: Normalizing Diverse Android

AceDroid: Normalizing Diverse Android AceDroid: Normalizing Diverse Android Access Control Checks for Inconsistency Detection Yousra Aafer*, Jianjun Huang*, Yi Sun*, Xiangyu Zhang*, Ninghui Li* and Chen Tian *Purdue University Futurewei Technologies

More information

A Method-Based Ahead-of-Time Compiler For Android Applications

A Method-Based Ahead-of-Time Compiler For Android Applications A Method-Based Ahead-of-Time Compiler For Android Applications Fatma Deli Computer Science & Software Engineering University of Washington Bothell November, 2012 2 Introduction This paper proposes a method-based

More information

Static Analysis for Android: GUIs, Callbacks, and Beyond

Static Analysis for Android: GUIs, Callbacks, and Beyond Static Analysis for Android: GUIs, Callbacks, and Beyond Atanas (Nasko) Rountev Joint work with Dacong Yan Shengqian Yang Haowei Wu Yan Wang Hailong Zhang Ohio State University PRESTO: Program Analyses

More information

Profile-Guided Program Simplification for Effective Testing and Analysis

Profile-Guided Program Simplification for Effective Testing and Analysis Profile-Guided Program Simplification for Effective Testing and Analysis Lingxiao Jiang Zhendong Su Program Execution Profiles A profile is a set of information about an execution, either succeeded or

More information

ATC Android Application Development

ATC Android Application Development ATC Android Application Development 1. Android Framework and Android Studio b. Android Platform Architecture i. Linux Kernel ii. Hardware Abstraction Layer(HAL) iii. Android runtime iv. Native C/C++ Libraries

More information

3/18/18. Program Analysis. CYSE 411/AIT 681 Secure Software Engineering. Learning Goal. Program Analysis on Security. Why Program Representations

3/18/18. Program Analysis. CYSE 411/AIT 681 Secure Software Engineering. Learning Goal. Program Analysis on Security. Why Program Representations Program Analysis CYSE 411/AIT 681 Secure Software Engineering Topic #14. Program Analysis Instructor: Dr. Kun Sun The process of automatically analyzing the behavior of computer programs regarding a property

More information

RUNTIME PERMISSIONS IN ANDROID 6.0 Lecture 10a

RUNTIME PERMISSIONS IN ANDROID 6.0 Lecture 10a RUNTIME PERMISSIONS IN ANDROID 6.0 Lecture 10a COMPSCI 702 Security for Smart-Devices Muhammad Rizwan Asghar March 20, 2018 2 ANDROID 6.0 A version of the Android mobile operating system officially released

More information

Static Analysis in Practice

Static Analysis in Practice in Practice 15-313: Foundations of Software Engineering Jonathan Aldrich 1 Outline: in Practice Case study: Analysis at ebay Case study: Analysis at Microsoft Analysis Results and Process Example: Standard

More information

EMBEDDED SYSTEMS PROGRAMMING Android NDK

EMBEDDED SYSTEMS PROGRAMMING Android NDK EMBEDDED SYSTEMS PROGRAMMING 2014-15 Android NDK WHAT IS THE NDK? The Android NDK is a set of cross-compilers, scripts and libraries that allows to embed native code into Android applications Native code

More information

Soot, a Tool for Analyzing and Transforming Java Bytecode

Soot, a Tool for Analyzing and Transforming Java Bytecode Soot, a Tool for Analyzing and Transforming Java Bytecode Laurie Hendren, Patrick Lam, Jennifer Lhoták, Ondřej Lhoták and Feng Qian McGill University Special thanks to John Jorgensen and Navindra Umanee

More information

Ariadnima - Android Component Flow Reconstruction and Visualization

Ariadnima - Android Component Flow Reconstruction and Visualization 2017 IEEE 31st International Conference on Advanced Information Networking and Applications Ariadnima - Android Component Flow Reconstruction and Visualization Dennis Titze, Konrad Weiss, Julian Schütte

More information

QuantDroid: Quantitative Approach towards Mitigating Privilege Escalation on Android

QuantDroid: Quantitative Approach towards Mitigating Privilege Escalation on Android QuantDroid: Quantitative Approach towards Mitigating Privilege Escalation on Android Tobias Markmann 1 Dennis Gessner 2 Dirk Westhoff 3 1 HAW Hamburg, Germany 2 NEC Laboratories Europe, Heidelberg, Germany

More information

Wanted: Students to participate in a user study

Wanted: Students to participate in a user study Wanted: Students to participate in a user study Requirements: Know how to use the Eclipse IDE Knowledge in Java development Knowledge of static analysis is not required, but it is a plus Time: 2-3 hours

More information

Identifying and Analyzing Pointer Misuses for Sophisticated Memory-corruption Exploit Diagnosis

Identifying and Analyzing Pointer Misuses for Sophisticated Memory-corruption Exploit Diagnosis Identifying and Analyzing Pointer Misuses for Sophisticated Memory-corruption Exploit Diagnosis Mingwei Zhang ( ) Aravind Prakash ( ) Xiaolei Li ( ) Zhenkai Liang ( ) Heng Yin ( ) ( ) School of Computing,

More information

droidcon Greece Thessaloniki September 2015

droidcon Greece Thessaloniki September 2015 droidcon Greece Thessaloniki 10-12 September 2015 Reverse Engineering in Android Countermeasures and Tools $ whoami > Dario Incalza (@h4oxer) > Application Security Engineering Analyst > Android Developer

More information

CYSE 411/AIT 681 Secure Software Engineering Topic #14. Program Analysis

CYSE 411/AIT 681 Secure Software Engineering Topic #14. Program Analysis CYSE 411/AIT 681 Secure Software Engineering Topic #14. Program Analysis Instructor: Dr. Kun Sun Program Analysis The process of automatically analyzing the behavior of computer programs regarding a property

More information

Dynamic Detection of Inter- Application Communication Vulnerabilities in Android. Daniel Barton

Dynamic Detection of Inter- Application Communication Vulnerabilities in Android. Daniel Barton Dynamic Detection of Inter- Application Communication Vulnerabilities in Android Daniel Barton Authors/Paper Metadata Roee Hay IBM Security Omer Tripp IBM T.J. Watson Research Center Marco Pistoia IBM

More information

엄현상 (Eom, Hyeonsang) School of Computer Science and Engineering Seoul National University COPYRIGHTS 2017 EOM, HYEONSANG ALL RIGHTS RESERVED

엄현상 (Eom, Hyeonsang) School of Computer Science and Engineering Seoul National University COPYRIGHTS 2017 EOM, HYEONSANG ALL RIGHTS RESERVED 엄현상 (Eom, Hyeonsang) School of Computer Science and Engineering Seoul National University COPYRIGHTS 2017 EOM, HYEONSANG ALL RIGHTS RESERVED Outline - Questionnaire Results - Java Overview - Java Examples

More information

Rubicon: Scalable Bounded Verification of Web Applications

Rubicon: Scalable Bounded Verification of Web Applications Joseph P. Near Research Statement My research focuses on developing domain-specific static analyses to improve software security and reliability. In contrast to existing approaches, my techniques leverage

More information

Vulnerability Discovery in Closed Source / Bytecode Encrypted PHP Applications

Vulnerability Discovery in Closed Source / Bytecode Encrypted PHP Applications Vulnerability Discovery in Closed Source / Bytecode Encrypted PHP Applications Stefan Esser Power Of Community November 2008 Seoul Who am I? Stefan Esser from Cologne/Germany 10 years in Information Security

More information

Specifying Callback Control Flow of Mobile Apps Using Finite Automata

Specifying Callback Control Flow of Mobile Apps Using Finite Automata Specifying Callback Control Flow of Mobile Apps Using Finite Automata Danilo Dominguez Perez and Wei Le 1 Abstract Given the event-driven and framework-based architecture of Android apps, finding the ordering

More information

CS 2340 Objects and Design - Scala

CS 2340 Objects and Design - Scala CS 2340 Objects and Design - Scala Objects and Operators Christopher Simpkins chris.simpkins@gatech.edu Chris Simpkins (Georgia Tech) CS 2340 Objects and Design - Scala Objects and Operators 1 / 13 Classes

More information

John Hancock RealChoice Benefits App User Guide. I. How to download the RealChoice Benefits app using an iphone device...2

John Hancock RealChoice Benefits App User Guide. I. How to download the RealChoice Benefits app using an iphone device...2 John Hancock RealChoice Benefits App User Guide I. How to download the RealChoice Benefits app using an iphone device...2 II. How to download the RealChoice Benefits app using an Android device.7 III.

More information

SOFTWARE MAINTENANCE AND EVOLUTION --- REFACTORING FOR ASYNC --- CS563 WEEK 3 - THU

SOFTWARE MAINTENANCE AND EVOLUTION --- REFACTORING FOR ASYNC --- CS563 WEEK 3 - THU SOFTWARE MAINTENANCE AND EVOLUTION --- REFACTORING FOR ASYNC --- CS563 WEEK 3 - THU Danny Dig Course Objectives: Project Practice a research or novel-industrial project through all its stages: - formulate

More information

Security Philosophy. Humans have difficulty understanding risk

Security Philosophy. Humans have difficulty understanding risk Android Security Security Philosophy Humans have difficulty understanding risk Safer to assume that Most developers do not understand security Most users do not understand security Security philosophy

More information

Procedure and Object- Oriented Abstraction

Procedure and Object- Oriented Abstraction Procedure and Object- Oriented Abstraction Scope and storage management cs5363 1 Procedure abstractions Procedures are fundamental programming abstractions They are used to support dynamically nested blocks

More information

ON AUTOMATICALLY DETECTING SIMILAR ANDROID APPS. By Michelle Dowling

ON AUTOMATICALLY DETECTING SIMILAR ANDROID APPS. By Michelle Dowling ON AUTOMATICALLY DETECTING SIMILAR ANDROID APPS By Michelle Dowling Motivation Searching for similar mobile apps is becoming increasingly important Looking for substitute apps Opportunistic code reuse

More information

Checking System Rules Using System-Specific, Programmer- Written Compiler Extensions

Checking System Rules Using System-Specific, Programmer- Written Compiler Extensions Motivation for using Checking System Rules Using System-Specific, Programmer- Written Compiler Extensions Dawson Engler Benjamin Chelf Andy Chou Seth Hallem 1 Computer Systems Laboratory Stanford University

More information

Android Fundamentals - Part 1

Android Fundamentals - Part 1 Android Fundamentals - Part 1 Alexander Nelson September 1, 2017 University of Arkansas - Department of Computer Science and Computer Engineering Reminders Projects Project 1 due Wednesday, September 13th

More information

Applications Mobiles et Internet des Objets Introduction a l architecture d Android

Applications Mobiles et Internet des Objets Introduction a l architecture d Android Applications Mobiles et Internet des Objets Introduction a l architecture d Android Thibault CHOLEZ - thibault.cholez@loria.fr TELECOM Nancy - Universite de Lorraine LORIA - INRIA Nancy Grand-Est From

More information

XFindBugs: extended FindBugs for AspectJ

XFindBugs: extended FindBugs for AspectJ XFindBugs: extended FindBugs for AspectJ Haihao Shen, Sai Zhang, Jianjun Zhao, Jianhong Fang, Shiyuan Yao Software Theory and Practice Group (STAP) Shanghai Jiao Tong University, China A code Is there

More information

Making Context-sensitive Points-to Analysis with Heap Cloning Practical For The Real World

Making Context-sensitive Points-to Analysis with Heap Cloning Practical For The Real World Making Context-sensitive Points-to Analysis with Heap Cloning Practical For The Real World Chris Lattner Apple Andrew Lenharth UIUC Vikram Adve UIUC What is Heap Cloning? Distinguish objects by acyclic

More information

Lecture 2: Control Flow Analysis

Lecture 2: Control Flow Analysis COM S/CPRE 513 x: Foundations and Applications of Program Analysis Spring 2018 Instructor: Wei Le Lecture 2: Control Flow Analysis 2.1 What is Control Flow Analysis Given program source code, control flow

More information

Obfuscation-Resilient Privacy Leak Detection for Mobile Apps Through Differential Analysis

Obfuscation-Resilient Privacy Leak Detection for Mobile Apps Through Differential Analysis Obfuscation-Resilient Privacy Leak Detection for Mobile Apps Through Differential Analysis Andrea Continella, Yanick Fratantonio, Martina Lindorfer, Alessandro Puccetti, Ali Zand, Christopher Kruegel,

More information

SieveDroid: Intercepting Undesirable Private-Data Transmissions in Android Applications at Runtime

SieveDroid: Intercepting Undesirable Private-Data Transmissions in Android Applications at Runtime SieveDroid: Intercepting Undesirable Private-Data Transmissions in Android Applications at Runtime Jianmeng Huang 2017,1,12 Outline 1 Motivation Intro Current solutions Our goals 2 SieveDroid Our solution

More information

Syllabus- Java + Android. Java Fundamentals

Syllabus- Java + Android. Java Fundamentals Introducing the Java Technology Syllabus- Java + Android Java Fundamentals Key features of the technology and the advantages of using Java Using an Integrated Development Environment (IDE) Introducing

More information

Operating Systems CMPSCI 377, Lec 2 Intro to C/C++ Prashant Shenoy University of Massachusetts Amherst

Operating Systems CMPSCI 377, Lec 2 Intro to C/C++ Prashant Shenoy University of Massachusetts Amherst Operating Systems CMPSCI 377, Lec 2 Intro to C/C++ Prashant Shenoy University of Massachusetts Amherst Department of Computer Science Why C? Low-level Direct access to memory WYSIWYG (more or less) Effectively

More information

SCAnDroid: Automated Side-Channel Analysis of Android APIs

SCAnDroid: Automated Side-Channel Analysis of Android APIs S C I E N C E P A S S I O N T E C H N O L O G Y SCAnDroid: Automated Side-Channel Analysis of Android APIs Raphael Spreitzer, Gerald Palfinger, Stefan Mangard IAIK, Graz University of Technology, Austria

More information
2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback