Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps

Authors:
Fengguo Wei

University of South Florida, Tampa, FL

University of South Florida, Tampa, FL
View Profile

,
Sankardas Roy

Bowling Green State University, Bowling Green, OH

Bowling Green State University, Bowling Green, OH
View Profile

,
Xinming Ou

University of South Florida, Tampa, FL

University of South Florida, Tampa, FL
View Profile

,
Robby

Kansas State University, Manhattan, KS

Kansas State University, Manhattan, KS
View Profile

Authors Info & Claims

ACM Transactions on Privacy and Security Volume 21 Issue 3Article No.: 14pp 1–32https://doi.org/10.1145/3183575

Published:16 April 2018Publication History

ACM Transactions on Privacy and Security

Abstract

We present a new approach to static analysis for security vetting of Android apps and a general framework called Amandroid. Amandroid determines points-to information for all objects in an Android app component in a flow and context-sensitive (user-configurable) way and performs data flow and data dependence analysis for the component. Amandroid also tracks inter-component communication activities. It can stitch the component-level information into the app-level information to perform intra-app or inter-app analysis. In this article, (a) we show that the aforementioned type of comprehensive app analysis is completely feasible in terms of computing resources with modern hardware, (b) we demonstrate that one can easily leverage the results from this general analysis to build various types of specialized security analyses—in many cases the amount of additional coding needed is around 100 lines of code, and (c) the result of those specialized analyses leveraging Amandroid is at least on par and often exceeds prior works designed for the specific problems, which we demonstrate by comparing Amandroid’s results with those of prior works whenever we can obtain the executable of those tools. Since Amandroid’s analysis directly handles inter-component control and data flows, it can be used to address security problems that result from interactions among multiple components from either the same or different apps. Amandroid’s analysis is sound in that it can provide assurance of the absence of the specified security problems in an app with well-specified and reasonable assumptions on Android runtime system and its library.

References

Google. 2017. Android documentation: Intent and intent filter. Retrieved from http://developer.android.com/guide/components/intents-filters.html.Google Scholar
akka. 2016. Actors. Retrieved from http://wala.sourceforge.net/wiki/index.php/UserGuide:CallGraph.Google Scholar
Kevin Allix, Tegawendé F. Bissyandé, Jacques Klein, and Yves Le Traon. 2016. AndroZoo: Collecting millions of android apps for the research community. In Proceedings of the MSR. Google ScholarDigital Library
Andrew W. Appel. 1998. Modern Compiler Implementation in Java. Cambridge University Press. Google ScholarDigital Library
Steven Arzt and Eric Bodden. 2016. StubDroid: Automatic inference of precise data-flow summaries for the android framework. In Proceedings of the IEEE ICSE. 725--735. Google ScholarDigital Library
Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick McDaniel. 2014. FlowDroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. In Proceedings of the ACM PLDI. Google ScholarDigital Library
Kathy Wain Yee Au, Yi Fan Zhou, Zhen Huang, and David Lie. 2012. PScout: Analyzing the android permission specification. In Proceedings of the ACM CCS. Google ScholarDigital Library
Vitalii Avdiienko, Konstantin Kuznetsov, Alessandra Gorla, Andreas Zeller, Steven Arzt, Siegfried Rasthofer, and Eric Bodden. 2015. Mining apps for abnormal usage of sensitive data. In Proceedings of the IEEE ICSE. Google ScholarDigital Library
Michael Backes, Sven Bugiel, and Erik Derr. 2016. Reliable third-party library detection in Android and its security applications. In Proceedings of the ACM CCS. Google ScholarDigital Library
Ravi Bhoraskar, Seungyeop Han, Jinseong Jeon, Tanzirul Azim, Shuo Chen, Jaeyeon Jung, Suman Nath, Rui Wang, and David Wetherall. 2014. Brahmastra: Driving apps to test the security of third-party components. In Proceedings of the 23rd USENIX CSS. 1021--1036. Google ScholarDigital Library
Hiroshi Lockheimer. 2012. Android and Security. Retrieved from http://googlemobile.blogspot.com/2012/02/android-and-security.html.Google Scholar
Erika Chin, Adrienne Porter Felt, Kate Greenwood, and David Wagner. 2011. Analyzing inter-application communication in Android. In Proceedings of the ACM Mobisys. Google ScholarDigital Library
Aske Christensen, Anders Møller, and Michael Schwartzbach. 2003. Precise analysis of string expressions. Static Analysis (2003), 1076--1076. Google ScholarDigital Library
Cisco. 2014. Cisco 2014 Annual security report. Retrieved from http://www.cisco.com/web/offer/gist_ty2_asset/Cisco_2014_ASR.pdf.Google Scholar
M. Conti, B. Crispo, E. Fernandes, and Y. Zhauniarovich. 2012. CRePE: A system for enforcing fine-grained context-related policies on android. IEEE Trans. Info. Forens. Secur. 7, 5 (2012), 1426--1438. Google ScholarDigital Library
DroidBench. 2015. DroidBench 2.0. Retrieved from https://github.com/secure-software-engineering/DroidBench.Google Scholar
Matthew B. Dwyer, John Hatcliff, Matthew Hoosier, Venkatesh Ranganath, Robby, and Todd Wallentine. 2006. Evaluating the effectiveness of slicing for model reduction of concurrent object-oriented programs. In Proceedings of the TACAS. Google ScholarDigital Library
Manuel Egele, David Brumley, Yanick Fratantonio, and Christopher Kruegel. 2013. An empirical study of cryptographic misuse in Android applications. In Proceedings of the ACM CCS. Google ScholarDigital Library
William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol Sheth. 2010. TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones. In Proceedings of the USENIX OSDI. Google ScholarDigital Library
William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth. 2014. TaintDroid: An information flow tracking system for real-time privacy monitoring on smartphones. Commun. ACM 57, 3 (2014), 99--106. Google ScholarDigital Library
Sascha Fahl, Marian Harbach, Thomas Muders, Lars Baumgärtner, Bernd Freisleben, and Matthew Smith. 2012. Why eve and mallory love android: An analysis of android SSL (in) security. In Proceedings of the ACM CCS. Google ScholarDigital Library
Adrienne Porter Felt, Matthew Finifter, Erika Chin, Steve Hanna, and David Wagner. 2011. A survey of mobile malware in the wild. In Proceedings of the ACM SPSM. Google ScholarDigital Library
Stephen Fink and Julian Dolby. 2012. WALA--The TJ watson libraries for analysis. Retrieved from http://wala.sf.net/.Google Scholar
Christian Fritz, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick McDaniel. 2013. Highly Precise Taint Analysis for Android Application. Technical Report. EC SPRIDE.Google Scholar
Clint Gibler, Jonathan Crussell, Jeremy Erickson, and Hao Chen. 2012. AndroidLeaks: Automatically detecting potential privacy leaks in android applications on a large scale. In Proceedings of the TRUST. Google ScholarDigital Library
Michael I. Gordon, Deokhwan Kim, Jeff H. Perkins, Limei Gilham, Nguyen Nguyen, and Martin C. Rinard. 2015. Information flow analysis of android applications in droidsafe. In Proceedings of the NDSS. Citeseer.Google Scholar
Michael Grace, Yajin Zhou, Zhi Wang, and Xuxian Jiang. 2012. Systematic detection of capability leaks in stock android smartphones. In Proceedings of the NDSS.Google Scholar
Michael C. Grace, Wu Zhou, Xuxian Jiang, and Ahmad Reza Sadeghi. 2012. Unsafe exposure analysis of mobile in-app advertisements. In Proceedings of the ACM WiSec. Google ScholarDigital Library
John Hatcliff, Patrice Chalin, Jason Belt, and others. 2013. Explicating symbolic execution (xSymExe): An evidence-based verification framework. In Proceedings of the IEEE ICSE. 222--231. Google ScholarDigital Library
ICC-Bench. 2017. Retrieved from https://github.com/fgwei/ICC-Bench.Google Scholar
William Klieber, Lori Flynn, Amar Bhosale, Limin Jia, and Lujo Bauer. 2014. Android taint flow analysis for app sets. In Proceedings of the 3rd ACM SIGPLAN SOAP. 1--6. Google ScholarDigital Library
Ondřej Lhoták and Laurie Hendren. 2003. Scaling java points-to analysis using spark. In Proceedings of the Compiler Construction. Google ScholarDigital Library
Ding Li, Yingjun Lyu, Mian Wan, and William G. J. Halfond. 2015. String analysis for java and android applications. In Proceedings of the ACM FSE. 661--672. Google ScholarDigital Library
Li Li, Alexandre Bartel, Tegawendé F. Bissyandé, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Damien Octeau, and Patrick Mcdaniel. 2015. IccTA: Detecting inter-component privacy leaks in android apps. In Proceedings of the IEEE ICSE. Google ScholarDigital Library
Li Li, Tegawendé F. Bissyandé, Damien Octeau, and Jacques Klein. 2016. Droidra: Taming reflection to support whole-program analysis of android apps. In Proceedings of the ACM ISSTA. Google ScholarDigital Library
Menghao Li, Wei Wang, Pei Wang, Shuai Wang, Dinghao Wu, Jian Liu, Rui Xue, and Wei Huo. 2017. Libd: Scalable and precise third-party library detection in Android markets. In Proceedings of the IEEE ICSE. Google ScholarDigital Library
Long Lu, Zhichun Li, Zhenyu Wu, Wenke Lee, and Guofei Jiang. 2012. CHEX: Statically vetting Android apps for component hijacking vulnerabilities. In Proceedings of the ACM CCS. Google ScholarDigital Library
Ziang Ma, Haoyu Wang, Yao Guo, and Xiangqun Chen. 2016. LibRadar: Fast and accurate detection of third-party libraries in Android apps. In Proceedings of the IEEE ICSE. Google ScholarDigital Library
McAfee. 2017. Trojans, ghosts, and more mean bumps ahead for mobile and connected things. Retrieved from https://www.mcafee.com/us/resources/reports/rp-mobile-threat-report-2017.pdf.Google Scholar
Flemming Nielson, Hanne R. Nielson, and Chris Hankin. 1999. Principles of Program Analysis. Springer. Google Scholar
Damien Octeau, Somesh Jha, Matthew Dering, Patrick McDaniel, Alexandre Bartel, Li Li, Jacques Klein, and Yves Le Traon. 2016. Combining static analysis with probabilistic models to enable market-scale android inter-component analysis. In Proceedings of the ACM POPL, Vol. 51. 469--484. Google ScholarDigital Library
Damien Octeau, Daniel Luchaup, Matthew Dering, Somesh Jha, and Patrick McDaniel. 2015. Composite constant propagation: Application to android inter-component communication analysis. In Proceedings of the IEEE ICSE. Google ScholarDigital Library
Damien Octeau, Patrick McDaniel, Somesh Jha, Alexandre Bartel, Eric Bodden, Jacques Klein, and Yves Le Traon. 2013. Effective inter-component communication mapping in android with epicc: An essential step towards holistic security analysis. In Proceedings of the USENIX Security Symposium. Google ScholarDigital Library
Machigar Ongtang, Stephen McLaughlin, William Enck, and Patrick McDaniel. 2012. Semantically rich application-centric security in Android. Secur. Commun. Networks 5, 6 (2012), 658--673. Google ScholarDigital Library
Nicholas J. Percoco and Sean Schulte. 2012. Adventures in bouncerland. Black Hat USA.Google Scholar
Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christopher Kruegel, and Giovanni Vigna. 2014. Execute this! Analyzing unsafe and malicious dynamic code loading in Android applications. In Proceedings of the NDSS. 23--26.Google ScholarCross Ref
Siegfried Rasthofer, Steven Arzt, Marc Miltenberger, and Eric Bodden. 2016. Harvesting runtime values in android applications that feature anti-analysis techniques. In Proceedings of the NDSS.Google ScholarCross Ref
Thomas Reps, Susan Horwitz, and Mooly Sagiv. 1995. Precise interprocedural dataflow analysis via graph reachability. In Proceedings of the ACM POPL. Google ScholarDigital Library
Mooly Sagiv, Thomas Reps, and Susan Horwitz. 1996. Precise interprocedural dataflow analysis with applications to constant propagation. Theoret. Comput. Sci. 167, 1 (1996), 131--170. Google ScholarDigital Library
Stephen Smalley and Robert Craig. 2013. Security enhanced (SE) Android: Bringing flexible MAC to Android. In Proceedings of the NDSS.Google Scholar
David Sounthiraraj, Justin Sahs, Garret Greenwood, Zhiqiang Lin, and Latifur Khan. 2014. SMV-HUNTER: Large scale, automated detection of SSL/TLS man-in-the-middle vulnerabilities in android apps. In Proceedings of the NDSS.Google ScholarCross Ref
Symantec. 2017. Internet security threat report. Retrieved from https://www.symantec.com/content/dam/symantec/docs/reports/istr-22-2017-en.pdf.Google Scholar
Kimberly Tam, Salahuddin J. Khan, Aristide Fattori, and Lorenzo Cavallaro. 2015. CopperDroid: Automatic reconstruction of android malware behaviors. In Proceedings of the NDSS.Google ScholarCross Ref
Hariharan Thiagarajan, John Hatcliff, Jason Belt, and others. 2012. Bakar alir: Supporting developers in construction of information flow contracts in SPARK. In Proceedings of the IEEE SCAM. 132--137. Google ScholarDigital Library
TrendMicro. 2017. In review: 2016’s mobile threat landscape brings diversity, scale, and scope. Retrieved from https://blog.trendmicro.com/trendlabs-security-intelligence/2016-mobile-threat-landscape/.Google Scholar
Yutaka Tsutano, Shakthi Bachala, Witawas Srisa-an, Gregg Rothermel, and Jackson Dinh. 2017. An efficient, robust, and scalable approach for analyzing interacting android apps. In Proceedings of the IEEE ICSE. 324--334. Google ScholarDigital Library
Raja Vallée-Rai, Etienne Gagnon, Laurie Hendren, Patrick Lam, Patrice Pominville, and Vijay Sundaresan. 2000. Optimizing java bytecode using the soot framework: Is it feasible? In Proceedings of the Compiler Construction. Google ScholarDigital Library
Timothy Vidas, Jiaqi Tan, Jay Nahata, Chaur Lih Tan, Nicolas Christin, and Patrick Tague. 2014. A5: Automated analysis of adversarial android applications. In Proceedings of the SPSM. 39--50. Google ScholarDigital Library
WALA. 2014. UserGuide:CallGraph. http://wala.sourceforge.net/wiki/index.php/UserGuide:CallGraph.Google Scholar
Rui Wang, Luyi Xing, Xiao Feng Wang, and Shuo Chen. 2013. Unauthorized origin crossing on mobile platforms: Threats and mitigation. In Proceedings of the ACM CCS. Google ScholarDigital Library
Fengguo Wei, Yuping Li, Sankardas Roy, Xinming Ou, and Wu Zhou. 2017. Deep ground truth analysis of current android malware. In Proceedings of the DIMVA. Springer, Bonn, Germany.Google ScholarCross Ref
Fengguo Wei, Sankardas Roy, Xinming Ou, and Robby. 2014. Amandroid: A precise and general inter-component data flow analysis framework for security vetting of android apps. In Proceedings of the ACM CCS. Google ScholarDigital Library
Wikipedia. 2016. Actor model. Retrieved from https://en.wikipedia.org/wiki/Actor_model. (2016).Google Scholar
Rubin Xu, Hassen Saïdi, and Ross Anderson. 2012. Aurasium: Practical policy enforcement for android applications. In Proceedings of the USENIX Security Symposium. Google ScholarDigital Library
Lok-Kwong Yan and Heng Yin. 2012. DroidScope: Seamlessly reconstructing the OS and dalvik semantic views for dynamic android malware analysis. In Proceedings of the USENIX Security Symposium. 569--584. Google ScholarDigital Library
Yajin Zhou and Xuxian Jiang. 2012. Dissecting android malware: Characterization and evolution. In Proceedings of the IEEE SP. Google ScholarDigital Library
Yajin Zhou, Zhi Wang, Wu Zhou, and Xuxian Jiang. 2012. Hey, you, get off of my market: Detecting malicious apps in official and alternative android markets. In Proceedings of the NDSS.Google Scholar

Index Terms

Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps
1. Security and privacy
  1. Software and application security
    1. Software security engineering

Recommendations

Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps
CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security

We propose a new approach to conduct static analysis for security vetting of Android apps, and built a general framework, called Amandroid for determining points-to information for all objects in an Android app in a flow- and context-sensitive way ...
Read More
CHEX: statically vetting Android apps for component hijacking vulnerabilities
CCS '12: Proceedings of the 2012 ACM conference on Computer and communications security

An enormous number of apps have been developed for Android in recent years, making it one of the most popular mobile operating systems. However, the quality of the booming apps can be a concern [4]. Poorly engineered apps may contain security ...
Read More
HybriDroid: static analysis framework for Android hybrid applications
ASE '16: Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering

Mobile applications (apps) have long invaded the realm of desktop apps, and hybrid apps become a promising solution for supporting multiple mobile platforms. Providing both platform-specific functionalities via native code like native apps and user ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in
ACM Transactions on Privacy and Security Volume 21, Issue 3
August 2018
157 pages
ISSN:2471-2566
EISSN:2471-2574
DOI:10.1145/3208360
Editor:
David Basin
ETH Zurich, Switzerland
Issue’s Table of Contents
Copyright © 2018 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 16 April 2018
- Accepted: 1 January 2018
- Revised: 1 November 2017
- Received: 1 May 2017
Published in tops Volume 21, Issue 3

Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
Android app security analysis
ICC (inter-component communication)
Static analysis
Qualifiers
- research-article
- Research
- Refereed
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 81
  Total Citations
  View Citations
- 2,165
  Total Downloads
- Downloads (Last 12 months)464
- Downloads (Last 6 weeks)74
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps

ACM Transactions on Privacy and Security

Abstract

References

Cited By

Index Terms

Recommendations

Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps

CHEX: statically vetting Android apps for component hijacking vulnerabilities

HybriDroid: static analysis framework for Android hybrid applications