Android Application Analysis using Reverse Engineering Techniques and Taint-Aware Slicing
Syed Arshad and Ashwin Kumar. Article: Android Application Analysis using Reverse Engineering Techniques and Taint-Aware Slicing. IJCA Proceedings on International Conference on Information and Communication Technologies ICICT(4):5-8, October 2014. Full text available. BibTeX
@article{key:article,
author = {Syed Arshad and Ashwin Kumar},
title = {Article: Android Application Analysis using Reverse Engineering Techniques and Taint-Aware Slicing},
journal = {IJCA Proceedings on International Conference on Information and Communication Technologies},
year = {2014},
volume = {ICICT},
number = {4},
pages = {5-8},
month = {October},
note = {Full text available}
}
Abstract
Android is a victim of its own success, not just in the way it has attracted malicious attention, but in its very nature. One of the reasons the OS has succeeded in gaining market share so rapidly is that it is open source; it is essentially free for manufacturers to implement. Android platform provide only coarse-grained permissions to users with regard to how third party applications use sensitive private data. Malicious applications pose a threat to the security of the Android platform. The growing amount and diversity of these applications render conventional defenses largely ineffective and thus Android smartphones often remain unprotected from novel malware. In this paper, we propose AT2: "Android Taint Analysis Tool", a lightweight tool uses static method for analyzing Android applications (APKs) and generating a detailed report of the analysis performed. AT2 is a tool which performs a static analysis, gathering as many features of an application as possible. AT2 analyzes Smali code, a disassembled version of the DEX format used by Android's Java VM implementation. The provided application is sliced in order to perform data-flow analyses to backtrack parameters used by a given method. This helps to identify suspicious code regions in an automated way. Several other analysis techniques such as visualization of control flow graphs or identification of ad-related code is also possible.
References
- Researcher to demo hack for logging Android, iOS touchscreen movements - January 30, 2014
- http://www. scmagazine. com/researcher-to-demo-hack-for-logging-android-ios-touchscreen-movements/article/331894/
- Bytecode for the Dalvik VM, https://source. android. com/devices/tech/dalvik/dalvik-bytecode. html
- Your Apps Are Watching You - http://online. wsj. com/news/articles/SB10001424052748704694004576020083703574602
- Google Play - https://play. google. com/store?hl=en
- APKdownloads - http://www. apkdownloads. com
- The Effectiveness of Application Permissions - Usenix - www. usenix. org/event/webapps11/tech/final_files/Felt. pdf
- Yajin Zhou and Xuxian Jiang. Dissecting Android Malware: Characterization and Evolution. In Proceedings of the 2012 IEEE Symposium on Security and Privacy, SP '12, pages 95–109, Washington, DC, USA, 2012. IEEE Computer Society.
- F. E. Allen and J. Cocke. A program data flow analysis procedure. Commun. ACM, 19(3), Mar. 1976.
- L. D. Fosdick and L. J. Osterweil. Data flow analysis in software reliability. ACM Comput. Surv. , 8(3), Sept. 1976.
- H. Agrawal and J. R. Horgan. Dynamic Program Slicing. SIGPLAN Not. , 25(6), June 1990.
- W. Enck, D. Octeau, P. McDaniel, and S. Chaudhuri. A Study of Android Application Security. In USENIX Security Symposium, 2011
- G. Ramalingam. The undecidability of aliasing. ACM Trans. Program. Lang. Syst. , 16(5), Sept. 1994.
- Soot: a Java Optimization Framework - http://www. sable. mcgill. ca/soot/
- Highly Precise Taint Analysis for Android Applications 2013 - Christian Fritz, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves le Traon, Damien Octeau and Patrick McDaniel - Secure Software Engineering Group, EC SPRIDE,SnT, University of Luxembourg - Penn State University
- All You Ever Wanted to Know About - Dynamic Taint Analysis and Forward Symbolic Execution(but might have been afraid to ask) 2009 - Edward J. Schwartz, Thanassis Avgerinos, David Brumley - Carnegie Mellon University Pittsburgh, PA
- Moutaz Alazab, Veelasha Monsamy, Lynn Batten, Patrik Lantz, andRonghua Tian. Analysis of malicious and benign android applications. In Distributed Computing Systems Workshops (ICDCSW), 2012 32nd International Conference on, pages 608–616. IEEE, 2012.
- Glenn Ammons, Rastislav Bod´?k, and James R Larus. Mining specifications. In ACM Sigplan Notices, volume 37, pages 4–16. ACM, 2002.
- Sven Bugiel, Lucas Davi, Alexandra Dmitrienko, Thomas Fischer, andAhmad-Reza Sadeghi. Xmandroid: A new android evolution to mitigateprivilege escalation attacks. Technische Universit¨at Darmstadt, TechnicalReport TR-2011-04, 2011.
- Patrick PF Chan, Lucas CK Hui, and SM Yiu. Droidchecker: analyzingandroid applications for capability leak. In Proceedings of the fifth ACMconference on Security and Privacy in Wireless and Mobile Networks,pages 125–136. ACM, 2012.