Skip to main content
SpringerLink
Log in

Context Correlation for Automated Dynamic Android App Analysis to Improve Impact Rating of Privacy and Security Flaws

  • Conference paper
  • First Online:
Risks and Security of Internet and Systems (CRiSIS 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13857))

Included in the following conference series:

  • 211 Accesses

Abstract

Privacy and security flaws in apps are commonly detected by static and dynamic analysis approaches. However, the realistic impact rating for detected flaws is often limited. Static approaches lack runtime information and dynamic analysis miss program structure information. We aim to build a dynamic analysis environment and rate the flaw impact based on the data flow context. We correlate the traced API call chains with data sources and sinks of processed information. This way, the actual runtime information is used and program structures for significant data flows can be reconstructed. Therefore, this publication proposes a method for collecting execution traces based on automated function hooking and mechanisms to create and analyze data flow graphs from these traces. We demonstrate the scalability of our privacy and security analysis by automatically analyzing and evaluating the top 1000 free apps from Google Play. Manual app analysis and damn vulnerable app projects prove the high quality results of our automated approach during evaluation.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 99.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 129.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    http://appium.io/.

  2. 2.

    https://frida.re.

  3. 3.

    https://42matters.com.

  4. 4.

    https://github.com/satishpatnayak/AndroGoat.

  5. 5.

    https://github.com/htbridge/pivaa.

  6. 6.

    https://github.com/OWASP/MSTG-Hacking-Playground.

References

  1. Arzt, S., et al.: Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. SIGPLAN Not. 49, 2594299 (2014)

    Google Scholar 

  2. Backes, M., Bugiel, S., Schranz, O., Von Styp-Rekowsky, P., Weisgerber, S.: Artist: the android runtime instrumentation and security toolkit. In: IEEE European Symposium on Security and Privacy (EuroS P) (2017)

    Google Scholar 

  3. Cortesi, A., Hils, M., Kriechbaumer, T., contributors: mitmproxy: a free and open source interactive HTTPS proxy (2010-). https://mitmproxy.org/

  4. Enck, W., et al.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. 57, 393–407 (2014)

    Google Scholar 

  5. Gordon, M., deokhwan, K., Perkins, J., Gilham, L., Nguyen, N., Rinard, M.: Information-flow analysis of android applications in droidsafe (2015)

    Google Scholar 

  6. Heid, K., Heider, J.: Automated, dynamic android app vulnerability and privacy leak analysis: design considerations, required components and available tools. In: European Interdisciplinary Cybersecurity Conference. EICC, ACM (2021)

    Google Scholar 

  7. Klieber, W., Flynn, L., Bhosale, A., Jia, L., Bauer, L.: Android taint flow analysis for app sets. In: Proceedings of the 3rd ACM SIGPLAN International Workshop on the State of the Art in Java Program Analysis. SOAP 2014 (2014)

    Google Scholar 

  8. Tam, K., Khan, S., Fattori, A., Cavallaro, L.: CopperDroid: automatic reconstruction of android malware behaviors (2015)

    Google Scholar 

  9. Tang, J., Li, R., Wang, K., Gu, X., Xu, Z.: A novel hybrid method to analyze security vulnerabilities in android applications. Tsinghua Science and Technology (2020)

    Google Scholar 

  10. Yang, W., Xiao, X., Andow, B., Li, S., Xie, T., Enck, W.: AppContext: differentiating malicious and benign mobile app behaviors using context. In: 37th IEEE International Conference on Software Engineering (2015)

    Google Scholar 

  11. Yavuz, T., Brant, C.: Security analysis of IoT frameworks using static taint analysis. In: ACM Conference on Data and Application Security and Privacy (2022)

    Google Scholar 

  12. You, W., Liang, B., Shi, W., Wang, P., Zhang, X.: TaintMan: an art-compatible dynamic taint analysis framework on unmodified and non-rooted android devices. IEEE Trans. Depend. Sec. Comput. 17, 209–222 (2020)

    Google Scholar 

  13. Zheng, M., Sun, M., Lui, J.C.: DroidTrace: a ptrace based android dynamic analysis system with forward execution capability. In: International Wireless Communications and Mobile Computing Conference (IWCMC) (2014)

    Google Scholar 

  14. Zhou, Y.: An automated pipeline for privacy leak analysis of android applications. In: International Conference on Automated Software Engineering (ASE) (2021)

    Google Scholar 

Download references

Acknowledgements

The project underlying this report was funded by the German Federal Ministry of Education and Research under grant number 16SV8520. The author is responsible for the content of this publication.

Author information

Authors and Affiliations

  1. Fraunhofer SIT, Rheinstr. 75, 64295, Darmstadt, Germany

    Kris Heid & Jens Heider

Authors
  1. Kris Heid
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jens Heider
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Kris Heid .

Editor information

Editors and Affiliations

  1. University of Sfax, Sfax, Tunisia

    Slim Kallel

  2. University of Sfax, Sfax, Tunisia

    Mohamed Jmaiel

  3. Queen's University, Kingston, ON, Canada

    Mohammad Zulkernine

  4. University of Sfax, Sfax, Tunisia

    Ahmed Hadj Kacem

  5. Polytechnique Montréal, Montréal, QC, Canada

    Frédéric Cuppens

  6. Polytechnique Montréal, Montréal, QC, Canada

    Nora Cuppens

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Heid, K., Heider, J. (2023). Context Correlation for Automated Dynamic Android App Analysis to Improve Impact Rating of Privacy and Security Flaws. In: Kallel, S., Jmaiel, M., Zulkernine, M., Hadj Kacem, A., Cuppens, F., Cuppens, N. (eds) Risks and Security of Internet and Systems. CRiSIS 2022. Lecture Notes in Computer Science, vol 13857. Springer, Cham. https://doi.org/10.1007/978-3-031-31108-6_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-31108-6_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-31107-9

  • Online ISBN: 978-3-031-31108-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation