• PDF / 366,980 Bytes
• 8 Pages / 439.37 x 666.142 pts Page_size
• 94 Downloads / 185 Views

DOWNLOAD

REPORT

3

Department of Computer Science, The University of Hong Kong, Pokfulam, Hong Kong {xmcui,hui,smyiu}@cs.hku.hk, [email protected] 2 Peking University, Beijing, China [email protected] Shenzhen Graduate School, Harbin Institute of Technology, Shenzhen, China wk [email protected]

Abstract. The popularity of Android devices has made Android apps attractive targets for attackers. Some static checkers have been proposed to check whether an Android app is vulnerable to privacy leakage and other attacks. However, these checkers model the control flows in the app following the ICC events, ignoring the intrinsic purpose of users’ interaction with mobile devices. In fact, users carry out various tasks using mobile apps, e.g. online shopping. An Android task consists of one or more Activities, which are organized in the back stack of the task. By extracting the task lists among Activities in Android apps, we can capture all control flow transitions between them, including those bring by ICC events and back button events. We design and implement a system, which leverages the combination of static and dynamic analysis to extract the task lists. Our system can be used to detect task related attacks and help static checkers construct more complete call graphs. Keywords: Android applications

1

· Task · Program analysis

Introduction

Android devices are widely used to handle private data; therefore, they have become attractive targets for malicious attackers. The security of Android apps has drawn the attention of researchers from both the academy and industry. From the users’ point of view, an Android app is used to fulfill tasks, such as on-line shopping and instant messaging. Therefore in practice users interact with the app based on the Task conception [1]. Among the four types of components in an Android app (Activity, Service, Broadcast Receiver, and Content Provider), users can only interact with Activities. Other components are launched by Activities directly or indirectly. Each Activity is designed around a specific action the user can perform or start other Activities. A task is a collection of Activities that users interact with when performing a certain job. c Springer Nature Singapore Pte Ltd. 2017  K. Kim and N. Joukov (eds.), Information Science and Applications 2017, Lecture Notes in Electrical Engineering 424, DOI 10.1007/978-981-10-4154-9 46

Reconstruction of Task Lists from Android Applications

397

The activities are arranged in a stack (the back stack ), in the order in which each activity is opened. Control flow transitions among Android Activities are useful and prevalent. We summarize that the control flow transitions among Android components mainly result from the following two reasons: 1. Inter-component communication using ICC methods (e.g. startActivity, startService, etc.). Android allows components from the same application or different applications to interact with each other using Inter-Component Communication (ICC) methods. Although ICC enables function reuse and application cooperation, it a

Recommend Documents

Reverse Engineering of Android Applications: REiMPAcT

160 36 35MB

Lists

192 113 4MB

A Certification Process for Android Applications

162 24 393KB

Waiting Lists

169 52 57MB

Linked Lists

179 56 14MB

WLTDroid: Repackaging Detection Approach for Android Applications

180 90 54MB

Code Between the Lines: Semantic Analysis of Android Applications

185 27 24MB

AndroLib: Third-Party Software Library Recommendation for Android Applications

191 112 21MB

From Connectomic to Task-Evoked Fingerprints: Individualized Prediction of Task Contrasts from Resting-State Functional

138 95 190MB

Android Studio

190 26 10MB

Android Malware

201 93 2MB

Android Studio

215 100 12MB