
Interprocedural Graph-based Object Usage Model Generation for Detecting Anomalous Usage of Cryptographic APIs

Benz, Manuel :
Interprocedural Graph-based Object Usage Model Generation for Detecting Anomalous Usage of Cryptographic APIs.
Technische Universität Darmstadt
[Master's thesis], (2016)

Abstract

Security of modern applications is oftentimes flawed due to incorrect usage of cryptographic APIs. Researchers have shown that such incorrect usages can automatically be identified using graph-based approaches to detect API usage anomalies. However, these approaches suffer from large amounts of false positives. We have conducted experiments that aim at detecting such API usage anomalies in Android applications utilizing the Java Cryptography Extension (JCE). After manual investigation, we were able to identify 70% of the detected anomalies as false positives caused by the intraprocedural nature of the graph model. This thesis proposes an approach for generating interprocedural graph models of library usage by inlining method calls on the graph level. For this purpose, an augmentation of the previous model that carries necessary information for the inlining process is presented. Furthermore, several heuristics which allow for fine-grained selection of methods that should be inlined are introduced and evaluated. Our experiments on 50 Android applications utilizing the JCE show that the interprocedural model yields a reduction of those false positives by up to 42.86% with an overall reduction of detected anomalies by 30.37%.

Item type: Master's thesis
Published: 2016
Author(s): Benz, Manuel
Title: Interprocedural Graph-based Object Usage Model Generation for Detecting Anomalous Usage of Cryptographic APIs
Language: English

Department(s)/field(s): 20 Department of Computer Science
20 Department of Computer Science > Software Engineering
Date deposited: 18 Apr 2017 08:42
Referee / examiner: Mezini, Prof. Dr. Mira