Effective real-time android application auditing

Proceedings - IEEE Symposium on Security and Privacy

Volumn 2015-July, Issue , 2015, Pages 899-914

  Xia, Mingyuan ^a   Gong, Lu ^b   Lyu, Yuanhao ^b   Qi, Zhengwei ^b   Liu, Xue ^a  

^a MCGILL UNIVERSITY   (Canada)

^b SHANGHAI JIAO TONG UNIVERSITY   (China)

Author keywords

android; approximated execution; data leak; program analysis

Indexed keywords

ANDROID (OPERATING SYSTEM); APPLICATION PROGRAMS; COMMERCE; DATA FLOW ANALYSIS; MALWARE; STATIC ANALYSIS;

ANDROID; ANDROID APPLICATIONS; APPROXIMATED EXECUTION; DATA LEAK; MARKET OPERATORS; MOBILE APPLICATIONS; PROGRAM ANALYSIS; STATIC AND DYNAMIC ANALYSIS;

MOBILE SECURITY;

EID: 84945177621     PISSN: 10816011     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SP.2015.60     Document Type: Conference Paper

References (47)

1. M. C. Grace, W. Zhou, X. Jiang, and A.-R. Sadeghi, "Unsafe exposure analysis of mobile in-app advertisements," in Proceedings of the Fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks, ser. WISEC '12. New York, NY, USA: ACM, 2012, pp. 101-112.
2. W. Enck, D. Octeau, P. McDaniel, and S. Chaudhuri, "A study of android application security," in Proceedings of the 20th USENIX Conference on Security, ser. SEC'11. Berkeley, CA, USA: USENIX Association, 2011, pp. 21-21.
3. Z. Yang, M. Yang, Y. Zhang, G. Gu, P. Ning, and X. S. Wang, "Appintent: analyzing sensitive data transmission in android for privacy leakage detection," in Proceedings of the 2013 ACM Conference on Computer and Communications Security, ser. CCS '13. New York, NY, USA: ACM, 2013, pp. 1043-1054.
4. S. Arzt, S. Rasthofer, C. Fritz, E. Bodden, A. Bartel, J. Klein, Y. Le Traon, D. Octeau, and P. McDaniel, "Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps," in Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation, ser. PLDI '14. New York, NY, USA: ACM, 2013, pp. 259-269.
5. M. Egele, C. Kruegel, E. Kirda, and G. Vigna, "Pios: Detecting privacy leaks in ios applications," in Proceedings of the 18th Network and Distributed System Security, ser. NDSS '11, 2011.
6. Y. Zhou and X. Jiang, "Detecting passive content leaks and pollution in android applications," in Proceedings of the 20th Network and Distributed System Security, ser. NDSS '13, 2013.
7. Y. Zhang, M. Yang, B. Xu, Z. Yang, G. Gu, P. Ning, X. S. Wang, and B. Zang, "Vetting undesirable behaviors in android apps with permission use analysis," in Proceedings of the 2013 ACM Conference on Computer and Communications Security, ser. CCS '13. New York, NY, USA: ACM, 2013, pp. 611-622.
8. W. Enck, P. Gilbert, B.-G. Chun, L. P. Cox, J. Jung, P. Mc-Daniel, and A. N. Sheth, "Taintdroid: an information-flow tracking system for realtime privacy monitoring on smart-phones," in Proceedings of the 9th USENIX Conference on Operating systems Design and Implementation, ser. OSDI'10. Berkeley, CA, USA: USENIX Association, 2010, pp. 1-6.
9. K. Ali and O. Lhoták, "Application-only call graph construction," in Proceedings of the 26th European Conference on Object-Oriented Programming, ser. ECOOP'12. Berlin, Heidelberg: Springer-Verlag, 2012, pp. 688-712.
10. "Android callbacks (flowdroid project)," https://github.com/secure-software-engineering/soot-infoflow-android/blob/develop/AndroidCallbacks.txt.
11. D. Song, D. Brumley, H. Yin, J. Caballero, I. Jager, M. G. Kang, Z. Liang, J. Newsome, P. Poosankam, and P. Saxena, "Bitblaze: A new approach to computer security via binary analysis," in Proceedings of the 4th International Conference on Information Systems Security, ser. ICISS '08. Berlin, Heidelberg: Springer-Verlag, 2008, pp. 1-25.
12. E. J. Schwartz, T. Avgerinos, and D. Brumley, "All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask)," in Proceedings of the 2010 IEEE Symposium on Security and Privacy, ser. SP '10. Washington, DC, USA: IEEE Computer Society, 2010, pp. 317-331.
13. G. Sarwar, O. Mehani, R. Boreli, and D. Kaafar, "On the effectiveness of dynamic taint analysis for protecting against private information leaks on android-based devices," in Proceedings of the 10th International Conference on Security and Cryptography, July 2013, pp. 461-467.
14. "Scrubdroid/antitaintdroid project," http://gsbabil.github.io/AntiTaintDroid/.
15. "dex2jar: Tools to work with android.dex and java.class files," https://code.google.com/p/dex2jar/.
16. "Xml apk parser," https://code.google.com/p/xml-apk-parser/.
17. "Android dynamic java virtual machine: Bytecode instruction set," https://source.android.com/devices/tech/dalvik/dalvik-bytecode.html.
18. "Droidbench, an open test suite for evaluating the effectiveness of taint-analysis," https://github.com/secure-software-engineering/DroidBench.
19. Y. Zhou and X. Jiang, "Dissecting android malware: Characterization and evolution," in Proceedings of the 2012 IEEE Symposium on Security and Privacy, ser. SP '12. Washington, DC, USA: IEEE Computer Society, 2012, pp. 95-109. [Online]. Available: http://dx.doi.org/10.1109/SP.2012.16
20. "Lookout mobile security," https://www.lookout.com/.
21. "Avg mobile security," http://www.avgmobilation.com/.
22. "Sophos security," http://www.sophos.com/en-us.aspx.
23. "Nviso apkscan," http://apkscan.nviso.be/.
24. "Semantec mobile security," http://www.symantec.com/mobile-security.
25. "Fortiguard virus encyclopedia," http://www.fortiguard.com/encyclopedia/.
26. "Trendlabs security intelligence blog," http://blog.trendmicro. com/trendlabs-security-intelligence/.
27. "An evaluation of the application verification service in android 4.2," http://www.cs.ncsu.edu/faculty/jiang/appverify/.
28. "Virustotal: Free online virus, malware and url scanner," https://www.virustotal.com/.
29. X. Jiang, "Security alert: New beanbot sms trojan discovered," http://www.csc.ncsu.edu/faculty/jiang/BeanBot/.
30. M. X. Lu Gong, "Beanbot analysis report," https://github.com/mingyuan-xia/AppAudit/wiki/BeanBot-analysis-report.
31. A. P. Felt, E. Chin, S. Hanna, D. Song, and D. Wagner, "Android permissions demystified," in Proceedings of the 18th ACM Conference on Computer and Communications Security, ser. CCS '11. New York, NY, USA: ACM, 2011, pp. 627-638.
32. "Free apps used to spy on millions of phones: Flashlight program can be used to secretly record location of phone and content of text messages," http://www.dailymail.co.uk/news/article-2808007/Free-apps-used-spy-millions-phones-Flashlight-program-used-secretly-record-location-phone-content-text-messages.html.
33. P. Pearce, A. P. Felt, G. Nunez, and D. Wagner, "Ad-droid: Privilege separation for applications and advertisers in android," in Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, ser. ASIACCS '12. New York, NY, USA: ACM, 2012, pp. 71-72.
34. S. Lee, E. L. Wong, D. Goel, M. Dahlin, and V. Shmatikov, "πbox: A platform for privacy-preserving apps," in Proceedings of the 10th USENIX Symposium on Networked Systems Design and Implementation, ser. NSDI '13, 2013, pp. 501-514.
35. X. Zhang, A. Ahlawat, and W. Du, "Aframe: Isolating advertisements from mobile applications in android," in Proceedings of the 29th Annual Computer Security Applications Conference, ser. ACSAC '13. New York, NY, USA: ACM, 2013, pp. 9-18.
36. G. Russello, A. B. Jimenez, H. Naderi, and W. van der Mark, "Firedroid: Hardening security in almost-stock android," in Proceedings of the 29th Annual Computer Security Applications Conference, ser. ACSAC '13. New York, NY, USA: ACM, 2013, pp. 319-328.
37. Y. Huang, P. Chapman, and D. Evans, "Privacy-preserving applications on smartphones," in Proceedings of the 6th USENIX Conference on Hot Topics in Security, ser. Hot-Sec'11. Berkeley, CA, USA: USENIX Association, 2011, pp. 4-4.
38. R. Xu, H. Säidi, and R. Anderson, "Aurasium: Practical policy enforcement for android applications," in Proceedings of the 21st USENIX Conference on Security Symposium, ser. SEC'12. Berkeley, CA, USA: USENIX Association, 2012, pp. 27-27.
39. S. Bugiel, S. Heuser, and A.-R. Sadeghi, "Flexible and finegrained mandatory access control on android for diverse security and privacy policies," in Proceedings of the 22Nd USENIX Conference on Security, ser. SEC'13. Berkeley, CA, USA: USENIX Association, 2013, pp. 131-146.
40. M. D. Ernst, "Static and dynamic analysis: Synergy and du-ality," in WODA 2003: ICSE Workshop on Dynamic Analysis, Portland, OR, May 9, 2003, pp. 24-27.
41. Y. Zhou, Z. Wang, W. Zhou, and X. Jiang, "Hey, you, get off of my market: Detecting malicious apps in official and alternative android markets," in Proceedings of the 19th Network and Distributed System Security, ser. NDSS '12, 2012.
42. W. Enck, M. Ongtang, and P. McDaniel, "On lightweight mobile phone application certification," in Proceedings of the 16th ACM Conference on Computer and Communications Security, ser. CCS '09. New York, NY, USA: ACM, 2009, pp. 235-245.
43. M. Grace, Y. Zhou, Q. Zhang, S. Zou, and X. Jiang, "Riskranker: scalable and accurate zero-day android malware detection," in Proceedings of the 10th International Conference on Mobile systems, Applications, and Services, ser. MobiSys '12. New York, NY, USA: ACM, 2012, pp. 281-294.
44. P. Hornyack, S. Han, J. Jung, S. Schechter, and D. Wetherall, "These aren't the droids you're looking for: Retrofitting android to protect data from imperious applications," in Proceedings of the 18th ACM Conference on Computer and Communications Security, ser. CCS '11. New York, NY, USA: ACM, 2011, pp. 639-652.
45. W. R. Bush, J. D. Pincus, and D. J. Sielaff, "A static analyzer for finding dynamic programming errors," Softw. Pract. Exper., vol. 30, no. 7, pp. 775-802, Jun. 2000.
46. K.-K. Ma, K. Y. Phang, J. S. Foster, and M. Hicks, "Directed symbolic execution," in Proceedings of the 18th International Conference on Static Analysis, ser. SAS'11. Berlin, Heidelberg: Springer-Verlag, 2011, pp. 95-111.
47. M. Gorbovitski, Y. A. Liu, S. D. Stoller, T. Rothamel, and T. K. Tekle, "Alias analysis for optimization of dynamic languages," in Proceedings of the 6th Symposium on Dynamic Languages, ser. DLS '10. New York, NY, USA: ACM, 2010, pp. 27-42.