μDep: Mutation-based Dependency Generation for Precise Taint Analysis on Android Native Code

arxiv(2022)

引用 1|浏览20
暂无评分
摘要
The existence of native code in Android apps plays an essential role in triggering inconspicuous propagation of secrets and circumventing malware detection. However, the stateof-the-art information-flow analysis tools for Android apps all have limited capabilities of analyzing native code. Due to the complexity of binary-level static analysis, most static analyzers choose to build conservative models for a selected portion of native code. Though the recent inter-language analysis improves the capability of tracking information flow in native code, it is still far from attaining similar effectiveness of the state-ofthe-art information-flow analyzers that focus on non-native Java methods. To overcome the above constraints, we propose a new analysis framework, i.e., μDep, to detect sensitive information flows of the Android apps containing native code. In this framework, we combine a control-flow-based static binary analysis with a mutation-based dynamic analysis to model the tainting behaviors of native code in the apps. Based on the result of the analyses, μDep conducts a stub generation for the related native functions to facilitate the state-of-the-art analyzer, i.e., DroidSafe, with fine-grained tainting behavior summaries of native code. The experimental results show that our framework is competitive on the accuracy and effective in analyzing the information flows in real-world apps and malware compared with the state-of-the-art inter-language static analysis.
更多
查看译文
关键词
Android,information flow analysis,java native interface,static analysis
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要