On-the-fly Android static analysis with applications in vulnerability discovery
Static analysis is a common program analysis technique extensively used in the software security field. Widely-used static analysis tools for Android, e.g., Amandroid and FlowDroid, perform the whole-app analysis which is comprehensive yet at the cost of huge overheads. In this dissertation, we make...
Saved in:
| Main Author: | |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2019
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/etd_coll/204 https://ink.library.smu.edu.sg/cgi/viewcontent.cgi?article=1204&context=etd_coll |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| Summary: | Static analysis is a common program analysis technique extensively used in the software security field. Widely-used static analysis tools for Android, e.g., Amandroid and FlowDroid, perform the whole-app analysis which is comprehensive yet at the cost of huge overheads. In this dissertation, we make a first attempt to explore a novel on-demand analysis that creatively leverages bytecode search to guide inter-procedural analysis on the fly or just in time, and develop such on-the-fly analysis into a tool, called BackDroid, for Android apps. We further explore how the core technique of on-the-fly static analysis in BackDroid can enable different vulnerability studies on Android and their corresponding new findings. To this end, we select three vulnerability analysis problems on Android as three representatives, since they require different extents of BackDroid customization in their methodology.
First, we explore how BackDroid can be applied to detect crypto and SSL/TLS misconfigurations in modern Android apps, and compare it with the state-of-the-art Amandroid tool. Second, we explore how an enhanced version of BackDroid and on-device crowdsourcing can facilitate a systematic security study of open ports in Android apps. Third, we explore how a lightweight version of BackDroid with SDK conditional statement checking can benefit a SDK-API inconsistency study that involves the control-flow analysis of multiple sink APIs. With all these works, this dissertation shows that on-the-fly Android static analysis guided by bytecode search can efficiently and effectively analyze the security of modern apps. |
|---|