Scientific journals : Article
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/49407
Taming Reflection: An Essential Step Toward Whole-program Analysis of Android Apps
English
Sun, Xiaoyu []
Li, Li []
Bissyande, Tegawendé François D Assise [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX]
Klein, Jacques [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX]
Octeau, Damien []
Grundy, John C. []
Jul-2021
ACM Transactions on Software Engineering and Methodology
Association for Computing Machinery (ACM)
Volume: 30
Issue: 3
Pages: 1-36
Peer reviewed: Yes
Audience: International
ISSN: 1049-331X
Country: United States
[en] Android ; static analysis ; reflection
[en] Android developers heavily use reflection in their apps for legitimate reasons. However, reflection is also used extensively to hide malicious actions. Unfortunately, current state-of-the-art static analysis tools for Android are challenged by the presence of reflective calls, which they usually ignore. Thus, the results of their security analysis, e.g., for private data leaks, are incomplete, given the measures taken by malware writers to elude static detection. We propose a new instrumentation-based approach to address this issue in a non-invasive way. Specifically, we introduce to the community a prototype tool called DroidRA, which reduces the resolution of reflective calls to a composite constant propagation problem and then leverages the COAL solver to infer the values of reflection targets. After that, it automatically instruments the app to replace reflective calls with their corresponding Java calls in a traditional paradigm. Our approach augments an app so that it can be statically analyzed more effectively, including by static analyzers that are not reflection-aware. We evaluate DroidRA on benchmark apps as well as on real-world apps, and demonstrate that it can indeed infer the target values of reflective calls and subsequently allow state-of-the-art tools to provide more sound and complete analysis results.
Researchers ; General public
10.1145/3440033
https://dl.acm.org/doi/10.1145/3440033
H2020 ; 830892 - SPARTA
FnR ; FNR11693861 > Jacques Klein > CHARACTERIZE > Characterization Of Malicious Code In Mobile Apps: Towards Accurate And Explainable Malware Detection > 01/06/2018 > 31/12/2021 > 2017

Fulltext file: DroidRA.pdf (Publisher postprint, 1.09 MB, Open access)
