Paper published in a book (Scientific congresses, symposiums and conference proceedings)
JuCify: A Step Towards Android Code Unification for Enhanced Static Analysis
SAMHI, Jordan; GAO, Jun; DAOUDI, Nadia et al.
2022In 44th International Conference on Software Engineering (ICSE 2022)
Peer reviewed
 

Files


Full Text
jucify_preprint.pdf
Author preprint (618.14 kB)
Download

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
Static Analysis; Android Security; Android code unification
Abstract :
[en] Native code is now commonplace within Android app packages where it co-exists and interacts with Dex bytecode through the Java Native Interface to deliver rich app functionalities. Yet, state-of-the-art static analysis approaches have mostly overlooked the presence of such native code, which, however, may implement some key sensitive, or even malicious, parts of the app behavior. This limitation of the state of the art is a severe threat to validity in a large range of static analyses that do not have a complete view of the executable code in apps. To address this issue, we propose a new advance in the ambitious research direction of building a unified model of all code in Android apps. The JuCify approach presented in this paper is a significant step towards such a model, where we extract and merge call graphs of native code and bytecode to make the final model readily-usable by a common Android analysis framework: in our implementation, JuCify builds on the Soot internal intermediate representation. We performed empirical investigations to highlight how, without the unified model, a significant amount of Java methods called from the native code are ``unreachable'' in apps' call-graphs, both in goodware and malware. Using JuCify, we were able to enable static analyzers to reveal cases where malware relied on native code to hide invocation of payment library code or of other sensitive code in the Android framework. Additionally, JuCify's model enables state-of-the-art tools to achieve better precision and recall in detecting data leaks through native code. Finally, we show that by using JuCify we can find sensitive data leaks that pass through native code.
Research center :
Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Trustworthy Software Engineering (TruX)
Disciplines :
Computer science
Author, co-author :
SAMHI, Jordan  ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX
GAO, Jun ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX
DAOUDI, Nadia ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX
Graux, Pierre;  University of Lille
Hoyez, Henri;  Technische Universität Kaiserslautern
Sun, Xiaoyu;  Monash University
ALLIX, Kevin ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX
BISSYANDE, Tegawendé François D Assise  ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX
KLEIN, Jacques  ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX
External co-authors :
yes
Language :
English
Title :
JuCify: A Step Towards Android Code Unification for Enhanced Static Analysis
Publication date :
21 May 2022
Event name :
44th International Conference on Software Engineering (ICSE 2022)
Event place :
Pittsburgh, United States
Event date :
from 21-05-2022 to 29-05-2022
Audience :
International
Main work title :
44th International Conference on Software Engineering (ICSE 2022)
Peer reviewed :
Peer reviewed
Focus Area :
Security, Reliability and Trust
FnR Project :
FNR14596679 - Dissecting Android Applications Using Static Analysis, 2020 (01/03/2020-31/10/2023) - Jordan Samhi
Funders :
FNR - Fonds National de la Recherche
Available on ORBilu :
since 04 January 2022

Statistics


Number of views
225 (36 by Unilu)
Number of downloads
83 (9 by Unilu)

Scopus citations®
 
27
Scopus citations®
without self-citations
19
OpenCitations
 
2
OpenAlex citations
 
25

Bibliography


Similar publications



Contact ORBilu