Results 1-5 of 5.
((uid:50035256))

Bookmark and Share    
Full Text
Peer Reviewed
See detailOn The (In)Effectiveness of Static Logic Bomb Detector for Android Apps
Samhi, Jordan UL; Bartel, Alexandre UL

in IEEE Transactions on Dependable and Secure Computing (2021)

Android is present in more than 85% of mobile devices, making it a prime target for malware. Malicious code is becoming increasingly sophisticated and relies on logic bombs to hide itself from dynamic ... [more ▼]

Android is present in more than 85% of mobile devices, making it a prime target for malware. Malicious code is becoming increasingly sophisticated and relies on logic bombs to hide itself from dynamic analysis. In this paper, we perform a large scale study of TSO PEN, our open-source implementation of the state-of-the-art static logic bomb scanner T RIGGER S COPE, on more than 500k Android applications. Results indicate that the approach scales. Moreover, we investigate the discrepancies and show that the approach can reach a very low false-positive rate, 0.3%, but at a particular cost, e.g., removing 90% of sensitive methods. Therefore, it might not be realistic to rely on such an approach to automatically detect all logic bombs in large datasets. However, it could be used to speed up the location of malicious code, for instance, while reverse engineering applications. We also present T RIGDB a database of 68 Android applications containing trigger-based behavior as a ground-truth to the research community. [less ▲]

Detailed reference viewed: 26 (0 UL)
Peer Reviewed
See detailLes dangers de pastebin
Samhi, Jordan UL; Bissyande, Tegawendé François D Assise UL; Klein, Jacques UL

Article for general public (2021)

Detailed reference viewed: 67 (8 UL)
Full Text
Peer Reviewed
See detailRAICC: Revealing Atypical Inter-Component Communication in Android Apps
Samhi, Jordan UL; Bartel, Alexandre UL; Bissyande, Tegawendé François D Assise UL et al

in Samhi, Jordan; Bartel, Alexandre; Bissyande, Tegawendé François D Assise (Eds.) et al 43rd International Conference on Software Engineering (ICSE) (2021, May)

Inter-Component Communication (ICC) is a key mechanism in Android. It enables developers to compose rich functionalities and explore reuse within and across apps. Unfortunately, as reported by a large ... [more ▼]

Inter-Component Communication (ICC) is a key mechanism in Android. It enables developers to compose rich functionalities and explore reuse within and across apps. Unfortunately, as reported by a large body of literature, ICC is rather "complex and largely unconstrained", leaving room to a lack of precision in apps modeling. To address the challenge of tracking ICCs within apps, state of the art static approaches such as Epicc, IccTA and Amandroid have focused on the documented framework ICC methods (e.g., startActivity) to build their approaches. In this work we show that ICC models inferred in these state of the art tools may actually be incomplete: the framework provides other atypical ways of performing ICCs. To address this limitation in the state of the art, we propose RAICC a static approach for modeling new ICC links and thus boosting previous analysis tasks such as ICC vulnerability detection, privacy leaks detection, malware detection, etc. We have evaluated RAICC on 20 benchmark apps, demonstrating that it improves the precision and recall of uncovered leaks in state of the art tools. We have also performed a large empirical investigation showing that Atypical ICC methods are largely used in Android apps, although not necessarily for data transfer. We also show that RAICC increases the number of ICC links found by 61.6% on a dataset of real-world malicious apps, and that RAICC enables the detection of new ICC vulnerabilities. [less ▲]

Detailed reference viewed: 88 (16 UL)
Full Text
Peer Reviewed
See detailA First Look at Android Applications in Google Play related to Covid-19
Samhi, Jordan UL; Allix, Kevin UL; Bissyande, Tegawendé François D Assise UL et al

in Empirical Software Engineering (2021)

Due to the convenience of access-on-demand to information and business solutions, mobile apps have become an important asset in the digital world. In the context of the Covid-19 pandemic, app developers ... [more ▼]

Due to the convenience of access-on-demand to information and business solutions, mobile apps have become an important asset in the digital world. In the context of the Covid-19 pandemic, app developers have joined the response effort in various ways by releasing apps that target different user bases (e.g., all citizens or journalists), offer different services (e.g., location tracking or diagnostic-aid), provide generic or specialized information, etc. While many apps have raised some concerns by spreading misinformation or even malware, the literature does not yet provide a clear landscape of the different apps that were developed. In this study, we focus on the Android ecosystem and investigate Covid-related Android apps. In a best-effort scenario, we attempt to systematically identify all relevant apps and study their characteristics with the objective to provide a First taxonomy of Covid related apps, broadening the relevance beyond the implementation of contact tracing. Overall, our study yields a number of empirical insights that contribute to enlarge the knowledge on Covid-related apps: (1) Developer communities contributed rapidly to the Covid-19, with dedicated apps released as early as January 2020; (2) Covid-related apps deliver digital tools to users (e.g., health diaries), serve to broadcast information to users (e.g., spread statistics), and collect data from users (e.g., for tracing); (3) Covid-related apps are less complex than standard apps; (4) they generally do not seem to leak sensitive data; (5) in the majority of cases, Covid-related apps are released by entities with past experience on the market, mostly official government entities or public health organizations. [less ▲]

Detailed reference viewed: 77 (27 UL)
Peer Reviewed
See detailDésamorcer des bombes logiques
Samhi, Jordan UL; Bartel, Alexandre UL

Article for general public (2020)

Detailed reference viewed: 52 (16 UL)