Sciweavers

NDSS
2015
IEEE

Information Flow Analysis of Android Applications in DroidSafe

8 years 8 months ago
Information Flow Analysis of Android Applications in DroidSafe
—We present DroidSafe, a static information flow analysis tool that reports potential leaks of sensitive information in Android applications. DroidSafe combines a comprehensive, accurate, and precise model of the Android runtime with static analysis design decisions that enable the DroidSafe analyses to scale to analyze this model. This combination is enabled by accurate analysis stubs, a technique that enables the effective analysis of code whose complete semantics lies outside the scope of Java, and by a combination of analyses that together can statically resolve communication targets identified by dynamically constructed values such as strings and class designators. Our experimental results demonstrate that 1) DroidSafe achieves unprecedented precision and accuracy for Android information flow analysis (as measured on a standard previously published set of benchmark applications) and 2) DroidSafe detects all malicious information flow leaks inserted into 24 real-world Android...
Michael I. Gordon, Deokhwan Kim, Jeff H. Perkins,
Added 15 Apr 2016
Updated 15 Apr 2016
Type Journal
Year 2015
Where NDSS
Authors Michael I. Gordon, Deokhwan Kim, Jeff H. Perkins, Limei Gilham, Nguyen Nguyen, Martin C. Rinard
Comments (0)