DroidRA: taming reflection to support whole-program analysis of Android apps

Li Li; Tegawendé F. Bissyandé; Damien Octeau; Jacques Klein

doi:10.1145/2931037.2931044

DroidRA: taming reflection to support whole-program analysis of Android apps

Li Li, Tegawendé F. Bissyandé, Damien Octeau, Jacques Klein

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

79 Citations (Scopus)

Abstract

Android developers heavily use reflection in their apps for legitimate reasons, but also significantly for hiding malicious actions. Unfortunately, current state-of-the-art static analysis tools for Android are challenged by the presence of reflective calls which they usually ignore. Thus, the results of their security analysis, e.g., for private data leaks, are inconsistent given the measures taken by malware writers to elude static detection. We propose the DroidRA instrumentation-based approach to address this issue in a non-invasive way. With DroidRA, we reduce the resolution of reflective calls to a composite constant propagation problem. We leverage the COAL solver to infer the values of reflection targets and app, and we eventually instrument this app to include the corresponding traditional Java call for each reflective call. Our approach allows to boost an app so that it can be immediately analyzable, including by such static analyzers that were not reflection-aware. We evaluate DroidRA on benchmark apps as well as on real-world apps, and demonstrate that it can allow state-of-the-art tools to provide more sound and complete analysis results.

Original language	English
Title of host publication	Proceedings of the 25th International Symposium on Software Testing and Analysis
Editors	Andreas Zeller, Abhik Roychoudhury
Place of Publication	New York NY USA
Publisher	Association for Computing Machinery (ACM)
Pages	318-329
Number of pages	12
ISBN (Electronic)	9781450343909
DOIs	https://doi.org/10.1145/2931037.2931044
Publication status	Published - 2016
Externally published	Yes
Event	International Symposium on Software Testing and Analysis 2016 - Saarbrucken, Germany Duration: 18 Jul 2016 → 20 Jul 2016 Conference number: 25th http://issta2016.cispa.saarland/

Conference

Conference	International Symposium on Software Testing and Analysis 2016
Abbreviated title	ISSTA 2016
Country	Germany
City	Saarbrucken
Period	18/07/16 → 20/07/16
Internet address	http://issta2016.cispa.saarland/

Keywords

Android
DroidRA
Reflection
Static analysis

Access to Document

10.1145/2931037.2931044

Link to publication in Scopus

Cite this

@inproceedings{73e470a921eb42e588ad4bcfa32e25df,

title = "DroidRA: taming reflection to support whole-program analysis of Android apps",

abstract = "Android developers heavily use reflection in their apps for legitimate reasons, but also significantly for hiding malicious actions. Unfortunately, current state-of-the-art static analysis tools for Android are challenged by the presence of reflective calls which they usually ignore. Thus, the results of their security analysis, e.g., for private data leaks, are inconsistent given the measures taken by malware writers to elude static detection. We propose the DroidRA instrumentation-based approach to address this issue in a non-invasive way. With DroidRA, we reduce the resolution of reflective calls to a composite constant propagation problem. We leverage the COAL solver to infer the values of reflection targets and app, and we eventually instrument this app to include the corresponding traditional Java call for each reflective call. Our approach allows to boost an app so that it can be immediately analyzable, including by such static analyzers that were not reflection-aware. We evaluate DroidRA on benchmark apps as well as on real-world apps, and demonstrate that it can allow state-of-the-art tools to provide more sound and complete analysis results.",

keywords = "Android, DroidRA, Reflection, Static analysis",

author = "Li Li and Bissyand{\'e}, {Tegawend{\'e} F.} and Damien Octeau and Jacques Klein",

year = "2016",

doi = "10.1145/2931037.2931044",

language = "English",

pages = "318--329",

editor = "Zeller, {Andreas } and Abhik Roychoudhury",

booktitle = "Proceedings of the 25th International Symposium on Software Testing and Analysis",

publisher = "Association for Computing Machinery (ACM)",

address = "United States of America",

note = "International Symposium on Software Testing and Analysis 2016, ISSTA 2016 ; Conference date: 18-07-2016 Through 20-07-2016",

url = "http://issta2016.cispa.saarland/",

}

Li, L, Bissyandé, TF, Octeau, D & Klein, J 2016, DroidRA: taming reflection to support whole-program analysis of Android apps. in A Zeller & A Roychoudhury (eds), Proceedings of the 25th International Symposium on Software Testing and Analysis. Association for Computing Machinery (ACM), New York NY USA, pp. 318-329, International Symposium on Software Testing and Analysis 2016, Saarbrucken, Germany, 18/07/16. https://doi.org/10.1145/2931037.2931044

DroidRA : taming reflection to support whole-program analysis of Android apps. / Li, Li; Bissyandé, Tegawendé F.; Octeau, Damien; Klein, Jacques.

Proceedings of the 25th International Symposium on Software Testing and Analysis. ed. / Andreas Zeller; Abhik Roychoudhury. New York NY USA : Association for Computing Machinery (ACM), 2016. p. 318-329.

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - DroidRA

T2 - International Symposium on Software Testing and Analysis 2016

AU - Li, Li

AU - Bissyandé, Tegawendé F.

AU - Octeau, Damien

AU - Klein, Jacques

N1 - Conference code: 25th

PY - 2016

Y1 - 2016

N2 - Android developers heavily use reflection in their apps for legitimate reasons, but also significantly for hiding malicious actions. Unfortunately, current state-of-the-art static analysis tools for Android are challenged by the presence of reflective calls which they usually ignore. Thus, the results of their security analysis, e.g., for private data leaks, are inconsistent given the measures taken by malware writers to elude static detection. We propose the DroidRA instrumentation-based approach to address this issue in a non-invasive way. With DroidRA, we reduce the resolution of reflective calls to a composite constant propagation problem. We leverage the COAL solver to infer the values of reflection targets and app, and we eventually instrument this app to include the corresponding traditional Java call for each reflective call. Our approach allows to boost an app so that it can be immediately analyzable, including by such static analyzers that were not reflection-aware. We evaluate DroidRA on benchmark apps as well as on real-world apps, and demonstrate that it can allow state-of-the-art tools to provide more sound and complete analysis results.

AB - Android developers heavily use reflection in their apps for legitimate reasons, but also significantly for hiding malicious actions. Unfortunately, current state-of-the-art static analysis tools for Android are challenged by the presence of reflective calls which they usually ignore. Thus, the results of their security analysis, e.g., for private data leaks, are inconsistent given the measures taken by malware writers to elude static detection. We propose the DroidRA instrumentation-based approach to address this issue in a non-invasive way. With DroidRA, we reduce the resolution of reflective calls to a composite constant propagation problem. We leverage the COAL solver to infer the values of reflection targets and app, and we eventually instrument this app to include the corresponding traditional Java call for each reflective call. Our approach allows to boost an app so that it can be immediately analyzable, including by such static analyzers that were not reflection-aware. We evaluate DroidRA on benchmark apps as well as on real-world apps, and demonstrate that it can allow state-of-the-art tools to provide more sound and complete analysis results.

KW - Android

KW - DroidRA

KW - Reflection

KW - Static analysis

UR - http://www.scopus.com/inward/record.url?scp=84984868148&partnerID=8YFLogxK

U2 - 10.1145/2931037.2931044

DO - 10.1145/2931037.2931044

M3 - Conference Paper

AN - SCOPUS:84984868148

SP - 318

EP - 329

BT - Proceedings of the 25th International Symposium on Software Testing and Analysis

A2 - Zeller, Andreas

A2 - Roychoudhury, Abhik

PB - Association for Computing Machinery (ACM)

CY - New York NY USA

Y2 - 18 July 2016 through 20 July 2016

ER -