How does visualisation help app practitioners analyse Android apps?

Lihong Tang, Tingmin Wu, Xiao Chen, Sheng Wen, Li Li, Xin Xia, Marthie Grobler, Yang Xiang

Research output: Contribution to journal › Article › Research › peer-review

Abstract

Behaviour analysis is essential for the security verification of suspicious Android applications, but analysts usually face a huge obstacle when conducting app behaviour analysis. They are expected to have comprehensive knowledge of different IT fields and a strong awareness of cyber threats. However, training a new security analyst typically requires a significant amount of time and can be extremely costly. Although there are tools available to assist analysts in studying Android behaviour and security, the completion of this task still relies heavily on the experience of the analysts. To address this problem, we recognise visualisation as a promising method and conduct a series of controlled experiments to demonstrate its effectiveness in the context of Android app behaviour and security analysis. We accordingly develop a visualisation tool based on apps' call graphs (CG), named VisualDroid, and conduct an experiment and a follow-up interview. The results suggest that, compared to existing solutions, the CG-based visualisation solution (VisualDroid) can lower the barriers to Android behaviour and security analysis. The user study reveals that a platform that includes CG-based visualisation components leads to a statistically significant improvement in Android behaviour analysis and security awareness. More specifically, it improves on APK Analyzer, JD-GUI, and JD-GUI+FlowDroid by 71.4%, 35.7%, and 39.2%, respectively, in terms of the effectiveness of behaviour analysis. Participants who use VisualDroid also show improvements in security awareness, with an increase of 155% against APK Analyzer, 96% against JD-GUI, and 59.3% against JD-GUI+FlowDroid.

Original language: English
Pages (from-to): 2238-2255
Number of pages: 18
Journal: IEEE Transactions on Dependable and Secure Computing
Volume: 20
Issue number: 3
Publication status: Published - 1 May 2023

Keywords

  • Android
  • application comprehension
  • human-computer interaction
  • visualisation
