EviCheck: Digital Evidence for Android

Seghir, Mohamed Nassim; Aspinall, David

doi:10.1007/978-3-319-24953-7_17

Mohamed Nassim Seghir¹⁶ &
David Aspinall¹⁶

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 9364))

Included in the following conference series:

International Symposium on Automated Technology for Verification and Analysis

995 Accesses
4 Citations

Abstract

We present EviCheck, a tool for the verification, certification and generation of lightweight fine-grained security policies for Android. It applies static analysis to check the conformance between an application and a given policy. A distinguishing feature of EviCheck is its ability to generate digital evidence: a certificate for the analysis algorithm asserting the conformance between the application and the policy. This certificate can be independently checked by another component (tool) to validate or refute the result of the analysis. The checking process is generally very efficient compared to certificate generation as experiments on 20,000 real-world applications show.

This work was supported by EPSRC under grant number EP/K032666/1 “App Guarden Project”.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

References

Albert, E., Puebla, G., Hermenegildo, M.V.: Abstraction-carrying code. In: Baader, F., Voronkov, A. (eds.) LPAR 2004. LNCS (LNAI), vol. 3452, pp. 380–397. Springer, Heidelberg (2005)
Chapter Google Scholar
Arzt, S., Rasthofer, S., Fritz, C., Bodden, E., Bartel, A., Klein, J., Traon, Y.L., Octeau, D., McDaniel, P.: Flowdroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps. In: PLDI, p. 29 (2014)
Google Scholar
Aspinall, D., MacKenzie, K.: Mobile resource guarantees and policies. In: Barthe, G., Grégoire, B., Huisman, M., Lanet, J.-L. (eds.) CASSIS 2005. LNCS, vol. 3956, pp. 16–36. Springer, Heidelberg (2006)
Chapter Google Scholar
Backes, M., Gerling, S., Hammer, C., Maffei, M., von Styp-Rekowsky, P.: AppGuard – enforcing user requirements on android apps. In: Piterman, N., Smolka, S.A. (eds.) TACAS 2013 (ETAPS 2013). LNCS, vol. 7795, pp. 543–548. Springer, Heidelberg (2013)
Chapter Google Scholar
Barthe, G., Crégut, P., Grégoire, B., Jensen, T., Pichardie, D.: The MOBIUS proof carrying code infrastructure. In: de Boer, F.S., Bonsangue, M.M., Graf, S., de Roever, W.-P. (eds.) FMCO 2007. LNCS, vol. 5382, pp. 1–24. Springer, Heidelberg (2008)
Chapter Google Scholar
Chin, E., Felt, A.P., Greenwood, K., Wagner, D.: Analyzing inter-application communication in Android. In: MobiSys, pp. 239–252 (2011)
Google Scholar
Desnos, A.: Androguard. http://code.google.com/p/androguard/
Enck, W., Gilbert, P., gon Chun, B., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.: Taintdroid: An information-flow tracking system for realtime privacy monitoring on smartphones. In: OSDI, pp. 393–407 (2010)
Google Scholar
Feng, Y., Anand, S., Dillig, I., Aiken, A.: Apposcopy: semantics-based detection of Android malware through static analysis. In: FSE (2014) (to appear)
Google Scholar
Leroy, X.: Formal certification of a compiler back-end or: programming a compiler with a proof assistant. In: POPL, pp. 42–54 (2006)
Google Scholar
Necula, G.C.: Proof-carrying code. In: POPL, pp. 106–119 (1997)
Google Scholar
Seghir, M.N.: Evicheck. http://groups.inf.ed.ac.uk/security/appguarden/tools/EviCheck/
Sundaresan, V., Hendren, L.J., Razafimahefa, C., Vallée-Rai, R., Lam, P., Gagnon, E., Godin, C.: Practical virtual method call resolution for java. In: OOPSLA, pp. 264–280 (2000)
Google Scholar
Vallée-Rai, R., Gagnon, E.M., Hendren, L., Lam, P., Pominville, P., Sundaresan, V.: Optimizing java bytecode using the soot framework: is it feasible? In: Watt, D.A. (ed.) CC 2000. LNCS, vol. 1781, pp. 18–34. Springer, Heidelberg (2000)
Chapter Google Scholar
Xu, R., Saïdi, H., Anderson, R.: Aurasium: practical policy enforcement for android applications. In: Presented as part of the 21st USENIX Security Symposium, pp. 539–552. USENIX, Berkeley, CA (2012)
Google Scholar
Yang, S., Yan, D., Wu, H., Wang, Y., Rountev, A.: Static control-flow analysis of user-driven callbacks in Android applications. In: ICSE (2015)
Google Scholar

Download references

Author information

Authors and Affiliations

University of Edinburgh, Edinburgh, Scotland, UK
Mohamed Nassim Seghir & David Aspinall

Authors

Mohamed Nassim Seghir
View author publications
You can also search for this author in PubMed Google Scholar
David Aspinall
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mohamed Nassim Seghir .

Editor information

Editors and Affiliations

Universität des Saarlandes, Saarbrücken, Germany
Bernd Finkbeiner
East China Normal University, Shanghai, China
Geguang Pu
Chinese Academy of Sciences, Beijing, China
Lijun Zhang

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Seghir, M.N., Aspinall, D. (2015). EviCheck: Digital Evidence for Android . In: Finkbeiner, B., Pu, G., Zhang, L. (eds) Automated Technology for Verification and Analysis. ATVA 2015. Lecture Notes in Computer Science(), vol 9364. Springer, Cham. https://doi.org/10.1007/978-3-319-24953-7_17

Download citation

DOI: https://doi.org/10.1007/978-3-319-24953-7_17
Published: 22 November 2015
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-24952-0
Online ISBN: 978-3-319-24953-7
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics