Advertisement

Static binary analysis of mobile applications for the android platform, according to the requirements of information security

  • Ya. A. Aleksandrov
  • L. K. Safin
  • K. N. Troshina
  • A. V. Chernov
Article
  • 34 Downloads

Abstract

An approach is presented for solving the problem of automatically analyzing mobile applications for the Android platform in light of information security requirements when no source code is available.

Keywords

Static analysis binary analysis security of mobile applications 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Q1 Smart phone OS Results: Android Dominates High Growth Developing Markets (2014), https://www.abiresearch.com/press/ql-2014-smartphone-os-results-android-dominates-hi.Google Scholar
  2. 2.
    A Toot for Reverse Engineering Android apk Files, http://ibotp eaehes.github.io/Apktool.Google Scholar
  3. 3.
    Tools to Work with Android.dex and Java.class Files, https://code.google.eom/p/dex2jar.Google Scholar
  4. 4.
    J. Miecznikowski and L. Hendren, “Decompiling Java bytecode: Problems, traps and pitfalls,” in Proceedings of the 11th International Conference on Compiler Construction (Springer, Grenoble, 2002), pp. 179–196.Google Scholar
  5. 5.
    Strobel Procyon Decompiler, https://bitbucket.org/mstrobel/procyon.Google Scholar
  6. 6.
    W. Wogerer, A Survey of Static Program Analysis Techniques (Vienna University of Technology, Vienna, 2005).Google Scholar
  7. 7.
    A. V. Aho, R. Sethi, and J. D. Ullman, Compilers: Principles, Techniques, and Tools (Addison-Wesley, Boston, 1985).zbMATHGoogle Scholar
  8. 8.
    S. S. Muchnick, Advanced Compiler Design Implementation (Morgan Kaufmann, San Francisco, 1997).Google Scholar
  9. 9.
    S. Arzt, S. Rasthofer, C. Fritz, et al., “Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps,” in Proceedings of the 35th ACM S/GPLAN Conference on Programming Language Design and Implementation (ACM, New York, 2014), pp. 259–269.Google Scholar
  10. 10.
    HP Fortify Static Code Analyzer, http://www8.hp.com/ru/ru/software-solutions/static-code-analysis-sast/index.html.Google Scholar
  11. 11.
    IBM Security AppScan Source, http://www-03.ibm.com/software/products/ru/appscan-source.Google Scholar
  12. 12.
    M. Karnick, J. MacBride, S. McGinnis, et al., “A qualitative analysis of Java obfuscation,” Proceedings of I Oth IASTED International Conference on Software Engineering and Applications (SEA, Dallas, 2006), pp. 166–171.Google Scholar
  13. 13.
    Man-in-the-Middle Attack, https://www.owasp.org/index.php/Man-in-the-middle_attack.Google Scholar
  14. 14.
    W. Hnck, D. Octeau, P. McDaniel, et al. “A study of Android application security,” Proc. of the 20th USENIX Conf. on Security (USENIX Association, Berkeley, 2011), pp. 21–21.Google Scholar
  15. 15.
    Find Bugs in Java Programs, http://findbugs.sourceforge.net.Google Scholar

Copyright information

© Allerton Press, Inc. 2016

Authors and Affiliations

  • Ya. A. Aleksandrov
    • 1
  • L. K. Safin
    • 2
  • K. N. Troshina
    • 3
  • A. V. Chernov
    • 1
  1. 1.Department of Computational Mathematics and CyberneticsMoscow State UniversityMoscowRussia
  2. 2.Department of Computer Science and TechnologySt. Petersburg Electrotechnical University (LETI)St. PetersburgRussia
  3. 3.SmartDecMoscowRussia

Personalised recommendations