TU Darmstadt / ULB / TUbiblio

Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps

Arzt, Steven ; Rasthofer, Siegfried ; Fritz, Christian ; Bodden, Eric ; Bartel, Alexandre ; Klein, Jacques ; Le Traon, Yves ; Octeau, Damien ; McDaniel, Patrick (2014)
Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps.
Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation. Edinburgh
Konferenzveröffentlichung, Bibliographie

Kurzbeschreibung (Abstract)

Today’s smartphones are a ubiquitous source of private and confidential data. At the same time, smartphone users are plagued by carelessly programmed apps that leak important data by accident, and by malicious apps that exploit their given privileges to copy such data intentionally. While existing static taint-analysis approaches have the potential of detecting such data leaks ahead of time, all approaches for Android use a number of coarse-grain approximations that can yield high numbers of missed leaks and false alarms.

In this work we thus present FLOWDROID, a novel and highly precise static taint analysis for Android applications. A precise model of Android’s lifecycle allows the analysis to properly handle callbacks invoked by the Android Framework, while context, flow, field and object-sensitivity allows the analysis to reduce the number of false alarms. Novel on-demand algorithms help FLOWDROID maintain high efficiency and precision at the same time.

We also propose DROIDBENCH, an open test suite for evaluating the effectiveness and accuracy of taint-analysis tools specifically for Android apps. As we show through a set of experiments using SecuriBench Micro, DROIDBENCH, and a set of well-known Android test applications, FLOWDROID finds a very high fraction of data leaks while keeping the rate of false positives low. On DROIDBENCH, FLOWDROID achieves 93% recall and 86% precision, greatly outperforming the commercial tools IBM AppScan Source and Fortify SCA. FLOWDROID successfully finds leaks in a subset of 500 apps from Google Play and about 1,000 malware apps from the VirusShare project.

Typ des Eintrags: Konferenzveröffentlichung
Erschienen: 2014
Autor(en): Arzt, Steven ; Rasthofer, Siegfried ; Fritz, Christian ; Bodden, Eric ; Bartel, Alexandre ; Klein, Jacques ; Le Traon, Yves ; Octeau, Damien ; McDaniel, Patrick
Art des Eintrags: Bibliographie
Titel: Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps
Sprache: Englisch
Publikationsjahr: 2014
Veranstaltungstitel: Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation
Veranstaltungsort: Edinburgh
Kurzbeschreibung (Abstract):

Today’s smartphones are a ubiquitous source of private and confidential data. At the same time, smartphone users are plagued by carelessly programmed apps that leak important data by accident, and by malicious apps that exploit their given privileges to copy such data intentionally. While existing static taint-analysis approaches have the potential of detecting such data leaks ahead of time, all approaches for Android use a number of coarse-grain approximations that can yield high numbers of missed leaks and false alarms.

In this work we thus present FLOWDROID, a novel and highly precise static taint analysis for Android applications. A precise model of Android’s lifecycle allows the analysis to properly handle callbacks invoked by the Android Framework, while context, flow, field and object-sensitivity allows the analysis to reduce the number of false alarms. Novel on-demand algorithms help FLOWDROID maintain high efficiency and precision at the same time.

We also propose DROIDBENCH, an open test suite for evaluating the effectiveness and accuracy of taint-analysis tools specifically for Android apps. As we show through a set of experiments using SecuriBench Micro, DROIDBENCH, and a set of well-known Android test applications, FLOWDROID finds a very high fraction of data leaks while keeping the rate of false positives low. On DROIDBENCH, FLOWDROID achieves 93% recall and 86% precision, greatly outperforming the commercial tools IBM AppScan Source and Fortify SCA. FLOWDROID successfully finds leaks in a subset of 500 apps from Google Play and about 1,000 malware apps from the VirusShare project.

Freie Schlagworte: FlowDroid, Android, Java, Taint Analysis, Lifecycle
Fachbereich(e)/-gebiet(e): LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Fachbereich Informatik > EC SPRIDE
20 Fachbereich Informatik > EC SPRIDE > Secure Software Engineering
Zentrale Einrichtungen
LOEWE
20 Fachbereich Informatik
LOEWE > LOEWE-Zentren
Hinterlegungsdatum: 24 Nov 2014 14:19
Letzte Änderung: 24 Nov 2014 14:19
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen