Andro Lyze: A Distributed Framework for Efficient Android App Analysis

2015 IEEE International Conference on Mobile Services Pub Date : 2015-06-27 DOI:10.1109/MobServ.2015.20

Lars Baumgärtner, Pablo Graubner, Nils Schmidt, Bernd Freisleben

{"title":"Andro Lyze: A Distributed Framework for Efficient Android App Analysis","authors":"Lars Baumgärtner, Pablo Graubner, Nils Schmidt, Bernd Freisleben","doi":"10.1109/MobServ.2015.20","DOIUrl":null,"url":null,"abstract":"In recent years, the number of mobile applications has grown significantly. Not surprisingly, various security and privacy concerns associated with mobile applications have emerged. Several researchers are addressing these problems by analyzing the security properties of mobile application code. Most of the security checks rely on custom scripts and are quite heterogeneous with respect to dependencies, deployment and reporting. In this paper, we present AndroLyze, a distributed framework with unified logging and reporting functionality to perform security checks on large numbers of applications in an efficient manner. AndroLyze provides optimized scheduling algorithms for distributing static code analysis tasks across several machines. Moreover, AndroLyze can handle several versions of a single mobile application to generate a security track record over many versions. To demonstrate the benefits of AndroLyze, we have analyzed the Top Free 500 Android applications of all categories in Google Play collected over three years. The resulting data set consists of almost 40,000 mobile applications and requires about 227 GB of storage space.","PeriodicalId":166267,"journal":{"name":"2015 IEEE International Conference on Mobile Services","volume":"38 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE International Conference on Mobile Services","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/MobServ.2015.20","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

Abstract

In recent years, the number of mobile applications has grown significantly. Not surprisingly, various security and privacy concerns associated with mobile applications have emerged. Several researchers are addressing these problems by analyzing the security properties of mobile application code. Most of the security checks rely on custom scripts and are quite heterogeneous with respect to dependencies, deployment and reporting. In this paper, we present AndroLyze, a distributed framework with unified logging and reporting functionality to perform security checks on large numbers of applications in an efficient manner. AndroLyze provides optimized scheduling algorithms for distributing static code analysis tasks across several machines. Moreover, AndroLyze can handle several versions of a single mobile application to generate a security track record over many versions. To demonstrate the benefits of AndroLyze, we have analyzed the Top Free 500 Android applications of all categories in Google Play collected over three years. The resulting data set consists of almost 40,000 mobile applications and requires about 227 GB of storage space.

查看原文本刊更多论文

Andro Lyze:高效Android应用分析的分布式框架

近年来，移动应用程序的数量显著增长。毫不奇怪，与移动应用程序相关的各种安全和隐私问题已经出现。一些研究人员正在通过分析移动应用程序代码的安全属性来解决这些问题。大多数安全检查依赖于自定义脚本，并且在依赖项、部署和报告方面非常异构。在本文中，我们提出了AndroLyze，一个具有统一日志和报告功能的分布式框架，以有效的方式对大量应用程序进行安全检查。AndroLyze为跨多台机器分配静态代码分析任务提供了优化的调度算法。此外，AndroLyze可以处理单个移动应用程序的多个版本，从而生成多个版本的安全跟踪记录。为了证明AndroLyze的优势，我们分析了Google Play三年来收集的所有类别的前500款Android应用。生成的数据集包含近40,000个移动应用程序，需要约227 GB的存储空间。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2015 IEEE International Conference on Mobile Services

自引率

0.00%

发文量