Slicing droids: program slicing for smali code
作者: Johannes Hoffmann , Martin Ussath , Thorsten Holz , Michael Spreitzenbarth
关键词:
摘要: The popularity of mobile devices like smartphones and tablets has increased significantly in the last few years with many millions sold devices. This growth also its drawbacks: attackers have realized that are an attractive target months different kinds malicious software (short: malware) for such emerged. worrisome development potential to hamper prospering ecosystem damage is huge.Considering these aspects, it evident apps need be detected early on order prevent further distribution infections. implies necessary develop techniques capable detecting automated way. In this paper, we present SAAF, a Static Android Analysis Framework apps. SAAF analyzes smali code, disassembled version DEX format used by Android's Java VM implementation. Our goal create program slices perform data-flow analyses backtrack parameters given method. helps us identify suspicious code regions Several other analysis as visualization control flow graphs or identification ad-related implemented SAAF. report slicing results obtained using technique analyze more than 136,000 benign about 6,100
acm.org
sci-hub.se 参考文章(23)
Uday P. Khedker, Data Flow Analysis. The Compiler Design Handbook. pp. 1- 59 ,(2002)
Neal Leavitt, Malicious Code Moves to Mobile Devices IEEE Computer. ,vol. 33, pp. 16- 19 ,(2000) , 10.1109/MC.2000.10107
Damien Octeau, William Enck, Patrick McDaniel, Swarat Chaudhuri, A study of android application security usenix security symposium. pp. 21- 21 ,(2011)
Clint Gibler, Jonathan Crussell, Jeremy Erickson, Hao Chen, AndroidLeaks: automatically detecting potential privacy leaks in android applications on a large scale trust and trustworthy computing. pp. 291- 307 ,(2012) , 10.1007/978-3-642-30921-2_17
Brett Stone-Gross, Ryan Abman, Richard A. Kemmerer, Christopher Kruegel, Douglas G. Steigerwald, Giovanni Vigna, The Underground Economy of Fake Antivirus Software Proceedings of the Workshop on Information Security. pp. 55- 78 ,(2013) , 10.1007/978-1-4614-1981-5_4
William Enck, Patrick McDaniel, Jaeyeon Jung, Byung-Gon Chun, Peter Gilbert, Anmol N. Sheth, Landon P. Cox, TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones operating systems design and implementation. pp. 393- 407 ,(2010) , 10.5555/1924943.1924971
Wu Zhou, Yajin Zhou, Xuxian Jiang, Peng Ning, Detecting repackaged smartphone applications in third-party android marketplaces Proceedings of the second ACM conference on Data and Application Security and Privacy - CODASKY '12. pp. 317- 326 ,(2012) , 10.1145/2133601.2133640
Hiralal Agrawal, Joseph R. Horgan, Dynamic program slicing programming language design and implementation. ,vol. 25, pp. 246- 256 ,(1990) , 10.1145/93542.93576
Jon Kleinberg, Computing: the wireless epidemic. Nature. ,vol. 449, pp. 287- 288 ,(2007) , 10.1038/449287A
Kasi Lemmons, Privacy Proceedings of the Seventh Symposium on Usable Privacy and Security - SOUPS '11. pp. 12- ,(2011) , 10.1145/2078827.2078843