When program analysis meets bytecode search: Targeted and efficient inter-procedural analysis of modern Android apps in BackDroid
Widely-used Android static program analysis tools, e.g., Amandroid and FlowDroid, perform the whole-app inter-procedural analysis that is comprehensive but fundamentally difficult to handle modern (large) apps. The average app size has increased three to four times over five years. In this paper, we expl...
Main Authors: | WU, Daoyuan; GAO, Debin; DENG, Robert H.; CHANG, Rocky |
---|---|
Format: | text |
Language: | English |
Published: |
Institutional Knowledge at Singapore Management University
2021
|
Subjects: | |
Online Access: | https://ink.library.smu.edu.sg/sis_research/6540 https://ink.library.smu.edu.sg/context/sis_research/article/7543/viewcontent/When_program_analysis_meets_bytecode_search_Targeted_and_efficient_inter_procedural_analysis_of_modern_Android_apps_in_BackDroid__1_.pdf |
Institution: | Singapore Management University |
id |
sg-smu-ink.sis_research-7543 |
---|---|
record_format |
dspace |
spelling |
sg-smu-ink.sis_research-7543 2022-01-10T03:44:34Z When program analysis meets bytecode search: Targeted and efficient inter-procedural analysis of modern Android apps in BackDroid WU, Daoyuan GAO, Debin DENG, Robert H. CHANG, Rocky Widely-used Android static program analysis tools, e.g., Amandroid and FlowDroid, perform the whole-app inter-procedural analysis that is comprehensive but fundamentally difficult to handle modern (large) apps. The average app size has increased three to four times over five years. In this paper, we explore a new paradigm of targeted inter-procedural analysis that can skip irrelevant code and focus only on the flows of security-sensitive sink APIs. To this end, we propose a technique called on-the-fly bytecode search, which searches the disassembled app bytecode text just in time when a caller needs to be located. In this way, it guides targeted (and backward) inter-procedural analysis step by step until reaching entry points, without relying on a whole-app graph. Such search-based inter-procedural analysis, however, is challenging due to Java polymorphism, callbacks, asynchronous flows, static initializers, and inter-component communication in Android apps. We overcome these unique obstacles in our context by proposing a set of bytecode search mechanisms that utilize flexible searches and forward object taint analysis. Atop this new inter-procedural analysis, we further adjust the traditional backward slicing and forward constant propagation to provide the complete dataflow tracking of sink API calls. We have implemented a prototype called BackDroid and compared it with Amandroid in analyzing 3,178 modern popular apps for crypto and SSL misconfigurations. The evaluation shows that for such sink-based problems, BackDroid is 37 times faster (2.13 v.s. 78.15 minutes) and has no timed-out failure (v.s. 35% in Amandroid) while maintaining close or even better detection effectiveness.
2021-06-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/6540 info:doi/10.1109/DSN48987.2021.00063 https://ink.library.smu.edu.sg/context/sis_research/article/7543/viewcontent/When_program_analysis_meets_bytecode_search_Targeted_and_efficient_inter_procedural_analysis_of_modern_Android_apps_in_BackDroid__1_.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University application programs computer aided software engineering data flow analysis Artificial Intelligence and Robotics Computer and Systems Architecture Graphics and Human Computer Interfaces Information Security |
institution |
Singapore Management University |
building |
SMU Libraries |
continent |
Asia |
country |
Singapore Singapore |
content_provider |
SMU Libraries |
collection |
InK@SMU |
language |
English |
topic |
application programs computer aided software engineering data flow analysis Artificial Intelligence and Robotics Computer and Systems Architecture Graphics and Human Computer Interfaces Information Security |
format |
text |
author |
WU, Daoyuan GAO, Debin DENG, Robert H. CHANG, Rocky |
title |
When program analysis meets bytecode search: Targeted and efficient inter-procedural analysis of modern Android apps in BackDroid |
publisher |
Institutional Knowledge at Singapore Management University |
publishDate |
2021 |
_version_ |
1770575984049782784 |