POSTER: Detection of Information Leaks via Reflection in Android Apps

Gajrani, Jyoti; Li, Li; Laxmi, Vijay; Tripathi, Meenakshi; Singh Gaur, Manoj; Conti, Mauro

Request a copy

Paper published in a book (Scientific congresses, symposiums and conference proceedings)

POSTER: Detection of Information Leaks via Reflection in Android Apps

Gajrani, Jyoti; Li, Li; Laxmi, Vijay et al.

2017 • In The 2017 ACM on Asia Conference on Computer and Communications Security (AsiaCCS 2017)

Peer reviewed

Permalink
https://hdl.handle.net/10993/31609

Files (1)Send to Details Statistics Bibliography Similar publications

Files

Full Text

gajrani2017poster.pdf

Publisher postprint (630.92 kB)

Request a copy

All documents in ORBilu are protected by a user license.

Send to

RIS BibTex APA Chicago Permalink X Linkedin

Details

Abstract :

[en] Reflection is a language feature which allows to analyze and transform the behavior of classes at the runtime. Reflection is used for software debugging and testing. Malware authors can leverage reflection to subvert the malware detection by static analyzers. Reflection initializes the class, invokes any method of class, or accesses any field of class. But, instead of utilizing usual programming language syntax, reflection passes classes/methods etc. as parameters to reflective APIs. As a consequence, these parameters can be constructed dynamically or can be encrypted by malware. These cannot be detected by state-of-the-art static tools. We propose EspyDroid, a system that combines dynamic analysis with code instrumentation for a more precise and automated detection of malware employing reflection. We evaluate EspyDroid on 28 benchmark apps employing major reflection categories. Our technique show improved results over FlowDroid via detection of additional undetected flows. These flows have potential to leak sensitive and private information of the users, through various sinks.

Disciplines :

Computer science

Author, co-author :

Gajrani, Jyoti

Li, Li ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

Laxmi, Vijay

Tripathi, Meenakshi

Singh Gaur, Manoj

Conti, Mauro

External co-authors :

yes

Language :

English

Title :

POSTER: Detection of Information Leaks via Reflection in Android Apps

Publication date :

2017

Event name :

The 2017 ACM on Asia Conference on Computer and Communications Security (AsiaCCS 2017)

Event date :

from 02-04-2017 to 06-04-2017

Audience :

International

Main work title :

The 2017 ACM on Asia Conference on Computer and Communications Security (AsiaCCS 2017)

Peer reviewed :

Peer reviewed

Available on ORBilu :

since 04 July 2017

Statistics

Number of views

97 (6 by Unilu)

Number of downloads

1 (1 by Unilu)

More statistics

Scopus citations^®

Scopus citations^®
without self-citations

Bibliography

APIMonitor. https://code.google.com/archive/p/droidbox/wikis/APIMonitor.wiki.
DroidBench. https://github.com/secure-software-engineering/DroidBench/tree/develop.
Robotium. https://github.com/RobotiumTech/robotium.
The soot framework for java program analysis: A retrospective. In Cetus Users and Compiler Infastructure Workshop (CETUS 2011), 2011.
S. Arzt et al. Flowdroid: Precise context, ow, field, object-sensitive and lifecycle-aware taint analysis for android apps. ACM SIGPLAN Notices, 2014.
P. Faruki et al. Android security: A survey of issues, malware penetration, and defenses. IEEE Communications Surveys & Tutorials, 17(2), 2015.
J. Gajrani et al. spectra: A precise framework for analyzing cryptographic vulnerabilities in android apps. In to be published in 2017 14th IEEE Annual Consumer Communications & Networking Conference (CCNC). IEEE, 2017.
L. Li et al. Droidra: Taming reection to support whole-program analysis of android apps. In Proceedings of the 25th International Symposium on Software Testing and Analysis. ACM, 2016.
M. Lindorfer et al. Andrubis -A tool for analyzing unknown android applications. 2014.
D. Octeau et al. Effective inter-component communication mapping in android: An essential step towards holistic security analysis. In Presented as part of the 22nd USENIX Security Symposium (USENIX Security 13), 2013.