Abstract
Android developers heavily use reflection in their apps for legitimate reasons, but also significantly for hiding malicious actions. Unfortunately, current state-of-the-art static analysis tools for Android are challenged by the presence of reflective calls which they usually ignore. Thus, the results of their security analysis, e.g., for private data leaks, are inconsistent given the measures taken by malware writers to elude static detection. We propose the DroidRA instrumentation-based approach to address this issue in a non-invasive way. With DroidRA, we reduce the resolution of reflective calls to a composite constant propagation problem. We leverage the COAL solver to infer the values of reflection targets and app, and we eventually instrument this app to include the corresponding traditional Java call for each reflective call. Our approach allows to boost an app so that it can be immediately analyzable, including by such static analyzers that were not reflection-aware. We evaluate DroidRA on benchmark apps as well as on real-world apps, and demonstrate that it can allow state-of-the-art tools to provide more sound and complete analysis results.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 25th International Symposium on Software Testing and Analysis |
| Editors | Andreas Zeller, Abhik Roychoudhury |
| Place of Publication | New York NY USA |
| Publisher | Association for Computing Machinery (ACM) |
| Pages | 318-329 |
| Number of pages | 12 |
| ISBN (Electronic) | 9781450343909 |
| DOIs | |
| Publication status | Published - 2016 |
| Externally published | Yes |
| Event | International Symposium on Software Testing and Analysis 2016 - Saarbrucken, Germany Duration: 18 Jul 2016 → 20 Jul 2016 Conference number: 25th http://issta2016.cispa.saarland/ |
Conference
| Conference | International Symposium on Software Testing and Analysis 2016 |
|---|---|
| Abbreviated title | ISSTA 2016 |
| Country | Germany |
| City | Saarbrucken |
| Period | 18/07/16 → 20/07/16 |
| Internet address |
Keywords
- Android
- DroidRA
- Reflection
- Static analysis
Cite this
}
DroidRA : taming reflection to support whole-program analysis of Android apps. / Li, Li; Bissyandé, Tegawendé F.; Octeau, Damien; Klein, Jacques.
Proceedings of the 25th International Symposium on Software Testing and Analysis. ed. / Andreas Zeller; Abhik Roychoudhury. New York NY USA : Association for Computing Machinery (ACM), 2016. p. 318-329.Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review
TY - GEN
T1 - DroidRA
T2 - taming reflection to support whole-program analysis of Android apps
AU - Li, Li
AU - Bissyandé, Tegawendé F.
AU - Octeau, Damien
AU - Klein, Jacques
PY - 2016
Y1 - 2016
N2 - Android developers heavily use reflection in their apps for legitimate reasons, but also significantly for hiding malicious actions. Unfortunately, current state-of-the-art static analysis tools for Android are challenged by the presence of reflective calls which they usually ignore. Thus, the results of their security analysis, e.g., for private data leaks, are inconsistent given the measures taken by malware writers to elude static detection. We propose the DroidRA instrumentation-based approach to address this issue in a non-invasive way. With DroidRA, we reduce the resolution of reflective calls to a composite constant propagation problem. We leverage the COAL solver to infer the values of reflection targets and app, and we eventually instrument this app to include the corresponding traditional Java call for each reflective call. Our approach allows to boost an app so that it can be immediately analyzable, including by such static analyzers that were not reflection-aware. We evaluate DroidRA on benchmark apps as well as on real-world apps, and demonstrate that it can allow state-of-the-art tools to provide more sound and complete analysis results.
AB - Android developers heavily use reflection in their apps for legitimate reasons, but also significantly for hiding malicious actions. Unfortunately, current state-of-the-art static analysis tools for Android are challenged by the presence of reflective calls which they usually ignore. Thus, the results of their security analysis, e.g., for private data leaks, are inconsistent given the measures taken by malware writers to elude static detection. We propose the DroidRA instrumentation-based approach to address this issue in a non-invasive way. With DroidRA, we reduce the resolution of reflective calls to a composite constant propagation problem. We leverage the COAL solver to infer the values of reflection targets and app, and we eventually instrument this app to include the corresponding traditional Java call for each reflective call. Our approach allows to boost an app so that it can be immediately analyzable, including by such static analyzers that were not reflection-aware. We evaluate DroidRA on benchmark apps as well as on real-world apps, and demonstrate that it can allow state-of-the-art tools to provide more sound and complete analysis results.
KW - Android
KW - DroidRA
KW - Reflection
KW - Static analysis
UR - http://www.scopus.com/inward/record.url?scp=84984868148&partnerID=8YFLogxK
U2 - 10.1145/2931037.2931044
DO - 10.1145/2931037.2931044
M3 - Conference Paper
AN - SCOPUS:84984868148
SP - 318
EP - 329
BT - Proceedings of the 25th International Symposium on Software Testing and Analysis
A2 - Zeller, Andreas
A2 - Roychoudhury, Abhik
PB - Association for Computing Machinery (ACM)
CY - New York NY USA
ER -