x86平台上Android应用程序的强制路径执行

2013 IEEE Seventh International Conference on Software Security and Reliability Companion Pub Date : 2013-06-18 DOI:10.1109/SERE-C.2013.36

Ryan V. Johnson, A. Stavrou

{"title":"x86平台上Android应用程序的强制路径执行","authors":"Ryan V. Johnson, A. Stavrou","doi":"10.1109/SERE-C.2013.36","DOIUrl":null,"url":null,"abstract":"We present a code analysis framework that performs scalable forced-path execution of Android applications in commodity hardware. Our goal is to reveal the full application functional behavior for large commercial applications without access to source code. We do so by identifying code blocks and API calls that are deemed sensitive and provide a security report to an analyst regarding the functionality of the Android application that is under inspection. We show that our approach is scalable by allowing for the execution of each software component by numerous instances of execution modules. Each execution instance exercises a different code path through the application call-graph leading to full code and state space coverage and exposing any hidden or unwanted functionality. The output is a list of API calls, parameter values, component call graphs, and control flow graphs. We show how this can be leveraged for automated policy enforcement of runtime functionality.","PeriodicalId":150535,"journal":{"name":"2013 IEEE Seventh International Conference on Software Security and Reliability Companion","volume":"178 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":"{\"title\":\"Forced-Path Execution for Android Applications on x86 Platforms\",\"authors\":\"Ryan V. Johnson, A. Stavrou\",\"doi\":\"10.1109/SERE-C.2013.36\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We present a code analysis framework that performs scalable forced-path execution of Android applications in commodity hardware. Our goal is to reveal the full application functional behavior for large commercial applications without access to source code. We do so by identifying code blocks and API calls that are deemed sensitive and provide a security report to an analyst regarding the functionality of the Android application that is under inspection. We show that our approach is scalable by allowing for the execution of each software component by numerous instances of execution modules. Each execution instance exercises a different code path through the application call-graph leading to full code and state space coverage and exposing any hidden or unwanted functionality. The output is a list of API calls, parameter values, component call graphs, and control flow graphs. We show how this can be leveraged for automated policy enforcement of runtime functionality.\",\"PeriodicalId\":150535,\"journal\":{\"name\":\"2013 IEEE Seventh International Conference on Software Security and Reliability Companion\",\"volume\":\"178 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-06-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"18\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 IEEE Seventh International Conference on Software Security and Reliability Companion\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SERE-C.2013.36\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 IEEE Seventh International Conference on Software Security and Reliability Companion","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SERE-C.2013.36","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 18

摘要

我们提出了一个代码分析框架，它可以在商用硬件中执行可扩展的Android应用程序强制路径执行。我们的目标是揭示无需访问源代码的大型商业应用程序的完整应用程序功能行为。我们通过识别被认为是敏感的代码块和API调用来做到这一点，并向分析师提供关于正在检查的Android应用程序功能的安全报告。通过允许通过执行模块的多个实例来执行每个软件组件，我们展示了我们的方法是可伸缩的。每个执行实例在应用程序调用图中执行不同的代码路径，从而实现完整的代码和状态空间覆盖，并暴露任何隐藏的或不需要的功能。输出是API调用、参数值、组件调用图和控制流图的列表。我们将展示如何利用这一点来实现运行时功能的自动策略实施。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Forced-Path Execution for Android Applications on x86 Platforms

We present a code analysis framework that performs scalable forced-path execution of Android applications in commodity hardware. Our goal is to reveal the full application functional behavior for large commercial applications without access to source code. We do so by identifying code blocks and API calls that are deemed sensitive and provide a security report to an analyst regarding the functionality of the Android application that is under inspection. We show that our approach is scalable by allowing for the execution of each software component by numerous instances of execution modules. Each execution instance exercises a different code path through the application call-graph leading to full code and state space coverage and exposing any hidden or unwanted functionality. The output is a list of API calls, parameter values, component call graphs, and control flow graphs. We show how this can be leveraged for automated policy enforcement of runtime functionality.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2013 IEEE Seventh International Conference on Software Security and Reliability Companion

自引率

0.00%

发文量