Ripple: Reflection Analysis for Android Apps in Incomplete Information Environments
|
|
- Millicent Sullivan
- 5 years ago
- Views:
Transcription
1 Ripple: Reflection Analysis for Android Apps in Incomplete Information Environments Yifei Zhang, Tian Tan, Yue Li and Jingling Xue Programming Languages and Compilers Group University of New South Wales March 30, 2017
2 How do static Android security analyses work? 2
3 Android Apps Security Analysis dex Files Intermediate Represetations Call Graph Android Manifest Layout Files Intent Filters Callbacks... Decompilation Inter-procedural Control-flow Graph Pointer Analysis Resources Files File Extraction 3
4 Android Apps Security Analysis dex Files Intermediate Represetations Call Graph Android Manifest Layout Files Intent Filters Callbacks... Decompilation Inter-procedural Control-flow Graph Pointer Analysis Resources Files File Extraction 4
5 Android Apps Security Analysis dex Files Intermediate Represetations Call Graph Android Manifest Layout Files Intent Filters Callbacks... Decompilation Inter-procedural Control-flow Graph Pointer Analysis Resources Files File Extraction 5
6 Android Apps Security Analysis dex Files Intermediate Represetations Call Graph Android Manifest Layout Files Intent Filters Callbacks... Decompilation Inter-procedural Control-flow Graph Pointer Analysis Resources Files File Extraction ICSE CCS Usenix Security PLDI ASE FSE CCS NDSS POPL FSE Taint Analysis, API Misuse Analysis, Intent Injection Detection... 6
7 Taint Analysis: Goal Sensitive Data Sources User Identity, Private Information Data-flows Sinks Internet, Log Files 7
8 Taint Analysis: Method Enter main Enter foo Call foo Return foo Exit foo Exit main 8
9 Taint Analysis: Method Enter main Source Enter foo Call foo Sink Return foo Exit foo Exit main 9
10 Reflection: An Obstacle of Security Analysis Enter main Source method.invoke(o, args) Exit main 10
11 Reflection: An Obstacle of Security Analysis Enter main Source Arguments method.invoke(o, args) Method Meta-object Receiver Object Exit main 11
12 Reflection: An Obstacle of Security Analysis Enter main Source method.invoke(o, args) Enter bar Method bar Return bar Sink Exit main Exit bar 12
13 Reflection: An Obstacle of Security Analysis Enter main Source method.invoke(o, args) Enter bar Method bar Return bar Sink Exit main Exit bar 13
14 Ripple: Static Reflection analysis for Android Apps Enter main Source method.invoke(o, args) Enter bar Taint Analysis, API Misuse Analysis, Intent Injection Detection... Method bar Exit main Return bar Sink Exit bar Ripple ICSE CCS Usenix Security PLDI ASE FSE CCS NDSS POPL FSE 14
15 Backgrounds of Reflection 15
16 What is reflection? A dynamic programming language feature Enable developers to create objects and invoke methods by their names 16
17 Why Do We Use Reflection? A dynamic programming language feature Enable developers to create objects and invoke methods by their names Intensively being used to Provide plugin and external library support Invoke hidden APIs 17
18 Goals of Static Reflection Analysis Static reflection Analysis aims to Find reflective call targets: the type of the objects and methods being reflectively created and invoked 18
19 Goals of Static Reflection Analysis Static reflection Analysis aims to Find reflective call targets: the type of the objects and methods being reflectively created and invoked Enter main Source method.invoke(o, args) Enter bar Method bar Return bar Sink Exit bar Exit main Ripple 19
20 State-of-the-art Reflection Analysis for Android: String Constant Resolution Method: Using constant class and method names 20
21 State-of-the-art Reflection Analysis for Android: String Constant Resolution Method: Using constant class and method names Weakness The nature of reflection: providing flexibility. Sting constants do not always present Obfuscation: encrypted class and method names 21
22 Insight: Incomplete Information Environments (IIE) IIEs cause missing data-flows, which exacerbates static reflection analysis Undetermined Intents Unresolved Containers Sources of IIEs Behavior-Unknown Libraries Unmodeled Services IIE-Aware Reflection Analysis String Constant Reflection Resolution Type Inference Reflection Resolution Client Analyses 22
23 Insight: Incomplete Information Environments (IIE) IIEs cause missing data-flows, which exacerbates static reflection analysis Undetermined Intents Unresolved Containers Sources of IIEs Behavior-Unknown Libraries Unmodeled Services IIE-Aware Reflection Analysis String Constant Reflection Resolution Type Inference Reflection Resolution Client Analyses 23
24 Methodology An example to illustrate how Ripple works 24
25 Ripple: IIE-aware Reflection Analysis 1 String mname = getintent().getstringextra("methodname"); 2 Method logmtd = Log.class.getMethod(mName, String.class, String.class); 3 String tag = "..."; 4 String msg = "..."; 5 logmtd.invoke(null, tag, msg); } } 25
26 Ripple: IIE-aware Reflection Analysis IIE 1 String mname = getintent().getstringextra("methodname"); 2 Method logmtd = Log.class.getMethod(null, String.class, String.class); 3 String tag = "..."; 4 String msg = "..."; 5 logmtd.invoke(null, tag, msg); } } 26
27 Ripple: IIE-aware Reflection Analysis Method { Class Type: Log Name: Unknown } IIE 1 String mname = getintent().getstringextra("methodname"); 2 Method logmtd = Log.class.getMethod(null, String.class, String.class); 3 String tag = "..."; 4 String msg = "..."; 5 logmtd.invoke(null, tag, msg); } } 27
28 Ripple: IIE-aware Reflection Analysis Method { Class Type: Log Name: Unknown } Static (String, String) IIE 1 String mname = getintent().getstringextra("methodname"); 2 Method logmtd = Log.class.getMethod(null, String.class, String.class); 3 String tag = "..."; 4 String msg = "..."; 5 logmtd.invoke(null, tag, msg); } } 28
29 Ripple: IIE-aware Reflection Analysis Method { Class Type: Log Name: Unknown } Static (String, String) IIE 1 String mname = getintent().getstringextra("methodname"); 2 Method logmtd = Log.class.getMethod(null, String.class, String.class); 3 String tag = "..."; 4 String msg = "..."; 5 logmtd.invoke(null, tag, msg); } } 1 public class Log { 2 public static int i(string tag, String msg) {} 3 public static int d(string tag, String msg) {} 4 public static int w(string tag, String msg) {} 5 public static int e(string tag, String msg) {} 6 public static int v(string tag, String msg) {} 7 public static int wtf(string tag, String msg) {} Other 11 methods... } 29
30 Ripple: IIE-aware Reflection Analysis Method { Class Type: Log Name: Unknown } Static (String, String) IIE 1 String mname = getintent().getstringextra("methodname"); 2 Method logmtd = Log.class.getMethod(null, String.class, String.class); 3 String tag = "..."; 4 String msg = "..."; 5 logmtd.invoke(null, tag, msg); } } 1 public class Log { 2 public static int i(string tag, String msg) {} 3 public static int d(string tag, String msg) {} Sink 4 public static int w(string tag, String msg) {} Calls 5 public static int e(string tag, String msg) {} 6 public static int v(string tag, String msg) {} 7 public static int wtf(string tag, String msg) {} Other 11 methods... } 30
31 Ripple: IIE-aware Reflection Analysis Method { Class Type: Log Name: Unknown } Static (String, String) IIE 1 String mname = getintent().getstringextra("methodname"); 2 Method logmtd = Log.class.getMethod(null, String.class, String.class); 3 String tag = "..."; 4 String msg = "..."; 5 logmtd.invoke(null, tag, msg); } } 1 public class Log { 2 public static int i(string tag, String msg) {} 3 public static int d(string tag, String msg) {} Sink 4 public static int w(string tag, String msg) {} Calls 5 public static int e(string tag, String msg) {} 6 public static int v(string tag, String msg) {} 7 public static int wtf(string tag, String msg) {} Other 11 methods... } In one of the top-chart Android app named Twist, resolving logmtd.invoke() causes 12 more data leaks to be reported by FlowDroid. 31
32 Implementation & Evaluation 32
33 Implementation Ripple is built upon SOOT analysis framework Ripple works with SPARK pointer analysis Most significant reflective APIs that affect the static analysis are handled Entry methods: Class.forName() Member-instrospecting Methods: Method.getMethod(), Method.getDeclaredMethod(), Method.getMethods(), and Method.getDeclaredMethods() Side-effect methods: Class.newInstance(), Method.invoke() 33
34 Evaluation: Precision Real-world Apps: 17 top-chart Android apps from Google Play 34
35 Evaluation: Precision Real-world Apps: 17 top-chart Android apps from Google Play Ripple: 232 true targets with a low false positive rate 21.9% String inference: 160 true targets A net gain of 72 true targets are yielded and thus a 45% increase in soundness on reflection analysis 35
36 Evaluation: Effectiveness Integrate Ripple into FlowDroid, a taint analysis framework for Android apps More sound callgraph: 13 out of the 17 apps being evaluated Data leaks detected: 310 more sensitive data leakages are detected by FlowDroid 36
37 Android Security Analyses: A Revisit 37
38 Revisit Android Apps Security Analysis dex Files Intermediate Represetations Call Graph Android Manifest Layout Files Intent Filters Callbacks... Decompilation Inter-procedural Control-flow Graph Pointer Analysis Resources Files File Extraction Taint Analysis, API Misuse Analysis, Intent Injection Detection... 38
39 Revisit Android Apps Security Analysis dex Files Intermediate Represetations Call Graph Android Manifest Layout Files Intent Filters Callbacks... Decompilation Inter-procedural Control-flow Graph Pointer Analysis Ripple Resources Files File Extraction Taint Analysis, API Misuse Analysis, Intent Injection Detection... 39
40 Yifei Zhang Mail: Homepage: cse.unsw.edu.au/~yzhang Open source program analysis tools on Java, C and C++ shared by our group can be found at cse.unsw.edu.au/~jingling/tools.html
arxiv: v1 [cs.cr] 16 Dec 2016
This is an extended version of Yifei Zhang, Tian Tan, Yue Li and Jingling Xue, Ripple: Reflection Analysis for Android Apps in Incomplete Information Environments, CODASPY 17. Ripple: Reflection Analysis
More informationRipple: Reflection Analysis for Android Apps in Incomplete Information Environments
Ripple: Reflection Analysis for Android Apps in Incomplete Information Environments Yifei Zhang, Tian Tan, Yue Li and Jingling Xue School of Computer Science and Engineering, UNSW Australia ABSTRACT Despite
More informationRipple: Reflection analysis for Android apps in incomplete information environments
Received: 20 November 2017 Revised: 21 February 2018 Accepted: 5 March 2018 DOI: 10.1002/spe.2577 EXTENDED CONFERENCE PAPER Ripple: Reflection analysis for Android apps in incomplete information environments
More informationInteractively Verifying Absence of Explicit Information Flows in Android Apps
Interactively Verifying Absence of Explicit Information Flows in Android Apps Osbert Bastani, Saswat Anand, and Alex Aiken Stanford University OOPSLA 2015 Problem Google Play Store > 1 million apps on
More informationTackling runtime-based obfuscation in Android with TIRO
Tackling runtime-based obfuscation in Android with Michelle Wong and David Lie University of Toronto Usenix Security 2018 Android malware and analysis Mobile devices are a valuable target for malware developers
More informationDetecting Advanced Android Malware by Data Flow Analysis Engine. Xu Hao & pll
Detecting Advanced Android Malware by Data Flow Analysis Engine Xu Hao & pll 2013.09 Content Background adfaer - Android Data Flow Analyzer Janus - Detect Reflection Experiment Future Work Android Security
More informationCollaborative Verification of Information Flow for a High-Assurance App Store
Collaborative Verification of Information Flow for a High-Assurance App Store Michael D. Ernst, René Just, Suzanne Millstein, Werner Dietl*, Stuart Pernsteiner, Franziska Roesner, Karl Koscher, Paulo Barros,
More informationInformation-Flow Analysis of Android Applications in DroidSafe
Information-Flow Analysis of Android Applications in DroidSafe Michael I. Gordon, Deokhwan Kim, Jeff Perkins, and Martin Rinard MIT CSAIL Limei Gilham Kestrel Institute Nguyen Nguyen Global InfoTek, Inc.
More informationFinding Architectural Flaws in Android Apps Is Easy
Finding Architectural Flaws in Android Apps Is Easy By Radu Vanciu and Marwan Abi-Antoun Department of Computer Science Wayne State University Detroit, Michigan, USA This work was supported in part by
More information2 Lecture Embedded System Security A.-R. Darmstadt, Android Security Extensions
2 Lecture Embedded System Security A.-R. Sadeghi, @TU Darmstadt, 2011-2014 Android Security Extensions App A Perm. P 1 App B Perm. P 2 Perm. P 3 Kirin [2009] Reference Monitor Prevents the installation
More informationUsing Deep Links for Growth. Phillip Nelson Director of Product, Quixey
Using Deep Links for Growth Phillip Nelson Director of Product, Quixey Mobile Deep Linking What are deep links? Why are deep links useful for developers? For users? How do I implement deep linking? What
More informationUranine: Real-time Privacy Leakage Monitoring without System Modification for Android
Uranine: Real-time Privacy Leakage Monitoring without System Modification for Android Vaibhav Rastogi 1, Zhengyang Qu 2, Jedidiah McClurg 3, Yinzhi Cao 4, and Yan Chen 2 1 University of Wisconsin and Pennsylvania
More informationBuilding SDKs. Ty Smith & Javier Soto Code
Building SDKs Ty Smith & Javier Soto Code Monkeys @tsmith & @javi How to make great SDKs EASY TO USE STABLE LIGHTWEIGHT FLEXIBLE WELL SUPPORTED Easy to Use Easy To Integrate Fabric.with(this, new Crashlytics());
More informationAmandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps
Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps FENGGUO WEI, University of South Florida SANKARDAS ROY, Bowling Green State University
More informationReDroid: Prioritizing Data Flows and Sinks for App Security Transformation
FEAST 2017 ReDroid: Prioritizing Data Flows and Sinks for App Security Transformation Ke Tian*, Gang Tan^, Daphne Yao*, Barbara Ryder* *Department of Computer Science Virginia Tech ^Department of CSE Penn
More informationTowards Verifying Android Apps for the Absence of No-Sleep Energy Bugs
Towards Verifying Android Apps for the Absence of No-Sleep Energy Bugs Panagiotis Vekris Ranjit Jhala, Sorin Lerner, Yuvraj Agarwal University of California, San Diego 1 2 Software Energy Bugs 3 Software
More informationThe Checker Framework: pluggable static analysis for Java
The Checker Framework: pluggable static analysis for Java http://checkerframework.org/ Werner Dietl University of Waterloo https://ece.uwaterloo.ca/~wdietl/ Joint work with Michael D. Ernst and many others.
More informationAmandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps
1 Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps FENGGUO WEI, University of South Florida SANKARDAS ROY, Bowling Green State University
More informationUsing DidFail to Analyze Flow of Sensitive Information in Sets of Android Apps
Using DidFail to Analyze Flow of Sensitive Information in Sets of Android Apps Will Klieber*, Lori Flynn*, Amar Bhosale, Limin Jia, and Lujo Bauer *presenting June 2015 Copyright 2015 Carnegie Mellon University
More informationSHIFTLEFT OCULAR THE CODE PROPERTY GRAPH
SHIFTLEFT OCULAR INTRODUCTION ShiftLeft Ocular offers code auditors the full range of capabilities of ShiftLeft s best-in-class static code analysis 1, ShiftLeft Inspect. Ocular enables code auditors to
More informationWHOLE-SYSTEM ANALYSIS FOR UNDERSTANDING PUBLICLY ACCESSIBLE FUNCTIONS IN ANDROID
WHOLE-SYSTEM ANALYSIS FOR UNDERSTANDING PUBLICLY ACCESSIBLE FUNCTIONS IN ANDROID Nguyen Huu Hoang () (2) *, Lingxiao Jiang (2), Quan Thanh Tho () () Ho Chi Minh City University of Technology, Viet Nam
More informationAn Empirical Study of Web Resource Manipulation in Real-world Mobile Applications
An Empirical Study of Web Resource Manipulation in Real-world Mobile Applications Xiaohan Zhang, Yuan Zhang, Qianqian Mo, Hao Xia, Zhemin Yang, Min Yang XiaoFeng Wang, Long Lu, and Haixin Duan Background
More informationCSCE 548 Building Secure Software Software Analysis Basics
CSCE 548 Building Secure Software Software Analysis Basics Professor Lisa Luo Spring 2018 Previous Class Ø Android Background Ø Two Android Security Problems: 1. Android App Repackaging o Very easy to
More informationAdaptive Android Kernel Live Patching
USENIX Security Symposium 2017 Adaptive Android Kernel Live Patching Yue Chen 1, Yulong Zhang 2, Zhi Wang 1, Liangzhao Xia 2, Chenfu Bao 2, Tao Wei 2 Florida State University 1 Baidu X-Lab 2 Android Kernel
More informationThings You May Not Know About Android (Un)Packers: A Systematic Study based on Whole- System Emulation
Things You May Not Know About Android (Un)Packers: A Systematic Study based on Whole- System Emulation Yue Duan, Mu Zhang, Abhishek Vasisht Bhaskar, Heng Yin, Xiaorui Pan, Tongxin Li, Xueqiang Wang, XiaoFeng
More information5) Attacker causes damage Different to gaining control. For example, the attacker might quit after gaining control.
Feb 23, 2009 CSE, 409/509 Mitigation of Bugs, Life of an exploit 1) Bug inserted into code 2) Bug passes testing 3) Attacker triggers bug 4) The Attacker gains control of the program 5) Attacker causes
More informationKratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework
Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework Yuru Shao, Jason Ott, Qi Alfred Chen, Zhiyun Qian, Z. Morley Mao University of Michigan, University of California Riverside
More informationA Framework for Evaluating Mobile App Repackaging Detection Algorithms
A Framework for Evaluating Mobile App Repackaging Detection Algorithms Heqing Huang, PhD Candidate. Sencun Zhu, Peng Liu (Presenter) & Dinghao Wu, PhDs Repackaging Process Downloaded APK file Unpack Repackaged
More informationSecure Programming Lecture 15: Information Leakage
Secure Programming Lecture 15: Information Leakage David Aspinall 21st March 2017 Outline Overview Language Based Security Taint tracking Information flow security by type-checking Summary Recap We have
More informationAndrosia Securing 'data in process' for your Android Apps
Androsia Securing 'data in process' for your Android Apps C:\>whoami Samit Anwer Product Security Team @Citrix R&D India Pvt Ltd Web/Mobile App Security Enthusiast Speaker: AppSec USA (Orlando, USA) 2017,
More informationBinary Static Analysis. Chris Wysopal, CTO and Co-founder March 7, 2012 Introduction to Computer Security - COMP 116
Binary Static Analysis Chris Wysopal, CTO and Co-founder March 7, 2012 Introduction to Computer Security - COMP 116 Bio Chris Wysopal, Veracode s CTO and Co- Founder, is responsible for the company s software
More informationOWASP German Chapter Stammtisch Initiative/Ruhrpott. Android App Pentest Workshop 101
OWASP German Chapter Stammtisch Initiative/Ruhrpott Android App Pentest Workshop 101 About What we will try to cover in the first session: Setup of a Mobile Application Pentest Environment Basics of Mobile
More information6.858 Quiz 2 Review. Android Security. Haogang Chen Nov 24, 2014
6.858 Quiz 2 Review Android Security Haogang Chen Nov 24, 2014 1 Security layers Layer Role Reference Monitor Mandatory Access Control (MAC) for RPC: enforce access control policy for shared resources
More informationAndroid System Architecture. Android Application Fundamentals. Applications in Android. Apps in the Android OS. Program Model 8/31/2015
Android System Architecture Android Application Fundamentals Applications in Android All source code, resources, and data are compiled into a single archive file. The file uses the.apk suffix and is used
More informationFinding Clues For Your Secrets: Semantics-Driven, Learning-Based Privacy Discovery in Mobile Apps
Finding Clues For Your Secrets: Semantics-Driven, Learning-Based Privacy Discovery in Mobile Apps Yuhong Nan, Zhemin Yang, Yuan Zhang, Donglai Zhu and Min Yang Fudan University Xiaofeng Wang Indiana University
More informationAndroid App Development. Muhammad Sharjeel COMSATS Institute of Information Technology, Lahore
Android App Development Muhammad Sharjeel COMSATS Institute of Information Technology, Lahore Mobile devices (e.g., smartphone, tablet PCs, etc.) are increasingly becoming an essential part of human life
More informationDon t let data Go astray
Don t let data Go astray A Context-Sensitive Taint Analysis for Concurrent Programs in Go Volker Stolz Bergen University College, Norway & University of Oslo, Norway 28 th Nordic Workshop on Programming
More informationRefinement-Based Context-Sensitive Points-To Analysis for Java
Refinement-Based Context-Sensitive Points-To Analysis for Java Manu Sridharan, Rastislav Bodík UC Berkeley PLDI 2006 1 What Does Refinement Buy You? Increased scalability: enable new clients Memory: orders
More informationFormal Security Analysis of Android Apps
Formal Security Analysis of Android Apps Matteo Maffei S&P Security and Privacy Group Exploits extremely slow patching process Exploits OS vulnerabilities Breaks sandbox separation logic by notifications
More informationSta$c Analysis Dataflow Analysis
Sta$c Analysis Dataflow Analysis Roadmap Overview. Four Analysis Examples. Analysis Framework Soot. Theore>cal Abstrac>on of Dataflow Analysis. Inter- procedure Analysis. Taint Analysis. Overview Sta>c
More informationUnderstanding and Detecting Wake Lock Misuses for Android Applications
Understanding and Detecting Wake Lock Misuses for Android Applications Artifact Evaluated by FSE 2016 Yepang Liu, Chang Xu, Shing-Chi Cheung, and Valerio Terragni Code Analysis, Testing and Learning Research
More informationFinding Vulnerabilities in Web Applications
Finding Vulnerabilities in Web Applications Christopher Kruegel, Technical University Vienna Evolving Networks, Evolving Threats The past few years have witnessed a significant increase in the number of
More informationUnderstanding and Detecting Wake Lock Misuses for Android Applications
Understanding and Detecting Wake Lock Misuses for Android Applications Artifact Evaluated Yepang Liu, Chang Xu, Shing-Chi Cheung, and Valerio Terragni Code Analysis, Testing and Learning Research Group
More informationStatic and Dynamic Program Analysis: Synergies and Applications
Static and Dynamic Program Analysis: Synergies and Applications Mayur Naik Intel Labs, Berkeley CS 243, Stanford University March 9, 2011 Today s Computing Platforms Trends: parallel cloud mobile Traits:
More informationFormal methods for software security
Formal methods for software security Thomas Jensen, INRIA Forum "Méthodes formelles" Toulouse, 31 January 2017 Formal methods for software security Formal methods for software security Confidentiality
More informationL.C.Smith. Privacy-Preserving Offloading of Mobile App to the Public Cloud
Privacy-Preserving Offloading of Mobile App to the Public Cloud Yue Duan, Mu Zhang, Heng Yin and Yuzhe Tang Department of EECS Syracuse University L.C.Smith College of Engineering 1 and Computer Science
More informationVirtualSwindle: An Automated Attack Against In-App Billing on Android
Northeastern University Systems Security Lab VirtualSwindle: An Automated Attack Against In-App Billing on Android ASIACCS 2014 Collin Mulliner, William Robertson, Engin Kirda {crm,wkr,ek}[at]ccs.neu.edu
More informationSHWETANK KUMAR GUPTA Only For Education Purpose
Introduction Android: INTERVIEW QUESTION AND ANSWER Android is an operating system for mobile devices that includes middleware and key applications, and uses a modified version of the Linux kernel. It
More informationHonours/Master/PhD Thesis Projects Supervised by Dr. Yulei Sui
Honours/Master/PhD Thesis Projects Supervised by Dr. Yulei Sui Projects 1 Information flow analysis for mobile applications 2 2 Machine-learning-guide typestate analysis for UAF vulnerabilities 3 3 Preventing
More informationTackling runtime-based obfuscation in Android with TIRO
Tackling runtime-based obfuscation in Android with TIRO Michelle Y. Wong and David Lie University of Toronto Abstract Obfuscation is used in malware to hide malicious activity from manual or automatic
More informationFile System Interpretation
File System Interpretation Part III. Advanced Techniques and Tools for Digital Forensics CSF: Forensics Cyber-Security Fall 2018 Nuno Santos Previously: Introduction to Android forensics! How does Android
More informationLab5. Wooseok Kim
Lab5 Wooseok Kim wkim3@albany.edu www.cs.albany.edu/~wooseok/201 Question Answer Points 1 A or B 8 2 A 8 3 D 8 4 20 5 for class 10 for main 5 points for output 5 D or E 8 6 B 8 7 1 15 8 D 8 9 C 8 10 B
More informationStatically Detecting Likely Buffer Overflow Vulnerabilities
Overflow Vulnerabilities The Harvard community has made this article openly available. Please share how this access benefits you. Your story matters. Citation Published Version Accessed Citable Link Terms
More informationStatic Analysis for Android: GUIs, Callbacks, and Beyond
Static Analysis for Android: GUIs, Callbacks, and Beyond Atanas (Nasko) Rountev Ohio State University Program Analyses and Software Tools Research Group Joint with my students Dacong Yan, Shengqian Yang,
More informationAndroid Application Development Course Code: AND-401 Version 7 Duration: 05 days
Let s Reach For Excellence! TAN DUC INFORMATION TECHNOLOGY SCHOOL JSC Address: 103 Pasteur, Dist.1, HCMC Tel: 08 38245819; 38239761 Email: traincert@tdt-tanduc.com Website: www.tdt-tanduc.com; www.tanducits.com
More informationANDROID APPS (NOW WITH JELLY BEANS!) Jordan Jozwiak November 11, 2012
ANDROID APPS (NOW WITH JELLY BEANS!) Jordan Jozwiak November 11, 2012 AGENDA Android v. ios Design Paradigms Setup Application Framework Demo Libraries Distribution ANDROID V. IOS Android $25 one-time
More informationLecture 1 Introduction to Android. App Development for Mobile Devices. App Development for Mobile Devices. Announcement.
CSCE 315: Android Lectures (1/2) Dr. Jaerock Kwon App Development for Mobile Devices Jaerock Kwon, Ph.D. Assistant Professor in Computer Engineering App Development for Mobile Devices Jaerock Kwon, Ph.D.
More informationSystem Software Assignment 1 Runtime Support for Procedures
System Software Assignment 1 Runtime Support for Procedures Exercise 1: Nested procedures Some programming languages like Oberon and Pascal support nested procedures. 1. Find a run-time structure for such
More information1. GOALS and MOTIVATION
AppSeer: Discovering Interface Defects among Android Components Vincenzo Chiaramida, Francesco Pinci, Ugo Buy and Rigel Gjomemo University of Illinois at Chicago 4 September 2018 Slides by: Vincenzo Chiaramida
More informationComputer Programming, I. Laboratory Manual. Final Exam Solution
Think Twice Code Once The Islamic University of Gaza Engineering Faculty Department of Computer Engineering Fall 2017 ECOM 2005 Khaleel I. Shaheen Computer Programming, I Laboratory Manual Final Exam Solution
More informationCS378 -Mobile Computing. Intents
CS378 -Mobile Computing Intents Intents Allow us to use applications and components that are part of Android System and allow other applications to use the components of the applications we create Examples
More informationFormalisation and Analysis of Dalvik Bytecode
Formalisation and Analysis of Dalvik Bytecode Erik Ramsgaard Wognsen Department of Computer Science Aalborg University DANSAS 12, 24 August 2012 Joint work with Henrik Karlsen, Mads Chr. Olesen, and René
More informationAceDroid: Normalizing Diverse Android
AceDroid: Normalizing Diverse Android Access Control Checks for Inconsistency Detection Yousra Aafer*, Jianjun Huang*, Yi Sun*, Xiangyu Zhang*, Ninghui Li* and Chen Tian *Purdue University Futurewei Technologies
More informationA Method-Based Ahead-of-Time Compiler For Android Applications
A Method-Based Ahead-of-Time Compiler For Android Applications Fatma Deli Computer Science & Software Engineering University of Washington Bothell November, 2012 2 Introduction This paper proposes a method-based
More informationStatic Analysis for Android: GUIs, Callbacks, and Beyond
Static Analysis for Android: GUIs, Callbacks, and Beyond Atanas (Nasko) Rountev Joint work with Dacong Yan Shengqian Yang Haowei Wu Yan Wang Hailong Zhang Ohio State University PRESTO: Program Analyses
More informationProfile-Guided Program Simplification for Effective Testing and Analysis
Profile-Guided Program Simplification for Effective Testing and Analysis Lingxiao Jiang Zhendong Su Program Execution Profiles A profile is a set of information about an execution, either succeeded or
More informationATC Android Application Development
ATC Android Application Development 1. Android Framework and Android Studio b. Android Platform Architecture i. Linux Kernel ii. Hardware Abstraction Layer(HAL) iii. Android runtime iv. Native C/C++ Libraries
More information3/18/18. Program Analysis. CYSE 411/AIT 681 Secure Software Engineering. Learning Goal. Program Analysis on Security. Why Program Representations
Program Analysis CYSE 411/AIT 681 Secure Software Engineering Topic #14. Program Analysis Instructor: Dr. Kun Sun The process of automatically analyzing the behavior of computer programs regarding a property
More informationRUNTIME PERMISSIONS IN ANDROID 6.0 Lecture 10a
RUNTIME PERMISSIONS IN ANDROID 6.0 Lecture 10a COMPSCI 702 Security for Smart-Devices Muhammad Rizwan Asghar March 20, 2018 2 ANDROID 6.0 A version of the Android mobile operating system officially released
More informationStatic Analysis in Practice
in Practice 15-313: Foundations of Software Engineering Jonathan Aldrich 1 Outline: in Practice Case study: Analysis at ebay Case study: Analysis at Microsoft Analysis Results and Process Example: Standard
More informationEMBEDDED SYSTEMS PROGRAMMING Android NDK
EMBEDDED SYSTEMS PROGRAMMING 2014-15 Android NDK WHAT IS THE NDK? The Android NDK is a set of cross-compilers, scripts and libraries that allows to embed native code into Android applications Native code
More informationSoot, a Tool for Analyzing and Transforming Java Bytecode
Soot, a Tool for Analyzing and Transforming Java Bytecode Laurie Hendren, Patrick Lam, Jennifer Lhoták, Ondřej Lhoták and Feng Qian McGill University Special thanks to John Jorgensen and Navindra Umanee
More informationAriadnima - Android Component Flow Reconstruction and Visualization
2017 IEEE 31st International Conference on Advanced Information Networking and Applications Ariadnima - Android Component Flow Reconstruction and Visualization Dennis Titze, Konrad Weiss, Julian Schütte
More informationQuantDroid: Quantitative Approach towards Mitigating Privilege Escalation on Android
QuantDroid: Quantitative Approach towards Mitigating Privilege Escalation on Android Tobias Markmann 1 Dennis Gessner 2 Dirk Westhoff 3 1 HAW Hamburg, Germany 2 NEC Laboratories Europe, Heidelberg, Germany
More informationWanted: Students to participate in a user study
Wanted: Students to participate in a user study Requirements: Know how to use the Eclipse IDE Knowledge in Java development Knowledge of static analysis is not required, but it is a plus Time: 2-3 hours
More informationIdentifying and Analyzing Pointer Misuses for Sophisticated Memory-corruption Exploit Diagnosis
Identifying and Analyzing Pointer Misuses for Sophisticated Memory-corruption Exploit Diagnosis Mingwei Zhang ( ) Aravind Prakash ( ) Xiaolei Li ( ) Zhenkai Liang ( ) Heng Yin ( ) ( ) School of Computing,
More informationdroidcon Greece Thessaloniki September 2015
droidcon Greece Thessaloniki 10-12 September 2015 Reverse Engineering in Android Countermeasures and Tools $ whoami > Dario Incalza (@h4oxer) > Application Security Engineering Analyst > Android Developer
More informationCYSE 411/AIT 681 Secure Software Engineering Topic #14. Program Analysis
CYSE 411/AIT 681 Secure Software Engineering Topic #14. Program Analysis Instructor: Dr. Kun Sun Program Analysis The process of automatically analyzing the behavior of computer programs regarding a property
More informationDynamic Detection of Inter- Application Communication Vulnerabilities in Android. Daniel Barton
Dynamic Detection of Inter- Application Communication Vulnerabilities in Android Daniel Barton Authors/Paper Metadata Roee Hay IBM Security Omer Tripp IBM T.J. Watson Research Center Marco Pistoia IBM
More information엄현상 (Eom, Hyeonsang) School of Computer Science and Engineering Seoul National University COPYRIGHTS 2017 EOM, HYEONSANG ALL RIGHTS RESERVED
엄현상 (Eom, Hyeonsang) School of Computer Science and Engineering Seoul National University COPYRIGHTS 2017 EOM, HYEONSANG ALL RIGHTS RESERVED Outline - Questionnaire Results - Java Overview - Java Examples
More informationRubicon: Scalable Bounded Verification of Web Applications
Joseph P. Near Research Statement My research focuses on developing domain-specific static analyses to improve software security and reliability. In contrast to existing approaches, my techniques leverage
More informationVulnerability Discovery in Closed Source / Bytecode Encrypted PHP Applications
Vulnerability Discovery in Closed Source / Bytecode Encrypted PHP Applications Stefan Esser Power Of Community November 2008 Seoul Who am I? Stefan Esser from Cologne/Germany 10 years in Information Security
More informationSpecifying Callback Control Flow of Mobile Apps Using Finite Automata
Specifying Callback Control Flow of Mobile Apps Using Finite Automata Danilo Dominguez Perez and Wei Le 1 Abstract Given the event-driven and framework-based architecture of Android apps, finding the ordering
More informationCS 2340 Objects and Design - Scala
CS 2340 Objects and Design - Scala Objects and Operators Christopher Simpkins chris.simpkins@gatech.edu Chris Simpkins (Georgia Tech) CS 2340 Objects and Design - Scala Objects and Operators 1 / 13 Classes
More informationJohn Hancock RealChoice Benefits App User Guide. I. How to download the RealChoice Benefits app using an iphone device...2
John Hancock RealChoice Benefits App User Guide I. How to download the RealChoice Benefits app using an iphone device...2 II. How to download the RealChoice Benefits app using an Android device.7 III.
More informationSOFTWARE MAINTENANCE AND EVOLUTION --- REFACTORING FOR ASYNC --- CS563 WEEK 3 - THU
SOFTWARE MAINTENANCE AND EVOLUTION --- REFACTORING FOR ASYNC --- CS563 WEEK 3 - THU Danny Dig Course Objectives: Project Practice a research or novel-industrial project through all its stages: - formulate
More informationSecurity Philosophy. Humans have difficulty understanding risk
Android Security Security Philosophy Humans have difficulty understanding risk Safer to assume that Most developers do not understand security Most users do not understand security Security philosophy
More informationProcedure and Object- Oriented Abstraction
Procedure and Object- Oriented Abstraction Scope and storage management cs5363 1 Procedure abstractions Procedures are fundamental programming abstractions They are used to support dynamically nested blocks
More informationON AUTOMATICALLY DETECTING SIMILAR ANDROID APPS. By Michelle Dowling
ON AUTOMATICALLY DETECTING SIMILAR ANDROID APPS By Michelle Dowling Motivation Searching for similar mobile apps is becoming increasingly important Looking for substitute apps Opportunistic code reuse
More informationChecking System Rules Using System-Specific, Programmer- Written Compiler Extensions
Motivation for using Checking System Rules Using System-Specific, Programmer- Written Compiler Extensions Dawson Engler Benjamin Chelf Andy Chou Seth Hallem 1 Computer Systems Laboratory Stanford University
More informationAndroid Fundamentals - Part 1
Android Fundamentals - Part 1 Alexander Nelson September 1, 2017 University of Arkansas - Department of Computer Science and Computer Engineering Reminders Projects Project 1 due Wednesday, September 13th
More informationApplications Mobiles et Internet des Objets Introduction a l architecture d Android
Applications Mobiles et Internet des Objets Introduction a l architecture d Android Thibault CHOLEZ - thibault.cholez@loria.fr TELECOM Nancy - Universite de Lorraine LORIA - INRIA Nancy Grand-Est From
More informationXFindBugs: extended FindBugs for AspectJ
XFindBugs: extended FindBugs for AspectJ Haihao Shen, Sai Zhang, Jianjun Zhao, Jianhong Fang, Shiyuan Yao Software Theory and Practice Group (STAP) Shanghai Jiao Tong University, China A code Is there
More informationMaking Context-sensitive Points-to Analysis with Heap Cloning Practical For The Real World
Making Context-sensitive Points-to Analysis with Heap Cloning Practical For The Real World Chris Lattner Apple Andrew Lenharth UIUC Vikram Adve UIUC What is Heap Cloning? Distinguish objects by acyclic
More informationLecture 2: Control Flow Analysis
COM S/CPRE 513 x: Foundations and Applications of Program Analysis Spring 2018 Instructor: Wei Le Lecture 2: Control Flow Analysis 2.1 What is Control Flow Analysis Given program source code, control flow
More informationObfuscation-Resilient Privacy Leak Detection for Mobile Apps Through Differential Analysis
Obfuscation-Resilient Privacy Leak Detection for Mobile Apps Through Differential Analysis Andrea Continella, Yanick Fratantonio, Martina Lindorfer, Alessandro Puccetti, Ali Zand, Christopher Kruegel,
More informationSieveDroid: Intercepting Undesirable Private-Data Transmissions in Android Applications at Runtime
SieveDroid: Intercepting Undesirable Private-Data Transmissions in Android Applications at Runtime Jianmeng Huang 2017,1,12 Outline 1 Motivation Intro Current solutions Our goals 2 SieveDroid Our solution
More informationSyllabus- Java + Android. Java Fundamentals
Introducing the Java Technology Syllabus- Java + Android Java Fundamentals Key features of the technology and the advantages of using Java Using an Integrated Development Environment (IDE) Introducing
More informationOperating Systems CMPSCI 377, Lec 2 Intro to C/C++ Prashant Shenoy University of Massachusetts Amherst
Operating Systems CMPSCI 377, Lec 2 Intro to C/C++ Prashant Shenoy University of Massachusetts Amherst Department of Computer Science Why C? Low-level Direct access to memory WYSIWYG (more or less) Effectively
More informationSCAnDroid: Automated Side-Channel Analysis of Android APIs
S C I E N C E P A S S I O N T E C H N O L O G Y SCAnDroid: Automated Side-Channel Analysis of Android APIs Raphael Spreitzer, Gerald Palfinger, Stefan Mangard IAIK, Graz University of Technology, Austria
More information