Skip to Main content Skip to Navigation
Conference papers

Tracking explicit and control flows in Java and native Android apps code,

Mariem Graa 1, 2, 3 Frédéric Cuppens 2, 1 Nora Cuppens-Boulahia 2, 1 Jean-Louis Lanet 4
1 Lab-STICC_TB_CID_SFIIS
Lab-STICC - Laboratoire des sciences et techniques de l'information, de la communication et de la connaissance
4 TAMIS - Threat Analysis and Mitigation for Information Security
IRISA-D4 - LANGAGE ET GÉNIE LOGICIEL, Inria Rennes – Bretagne Atlantique
Abstract : The native app development is increased in Android systems to implement CPU-intensive applications such as game engines, signal processing, and physics simulation. However, native code analysis is very difficult and requires a lot of time which explains the limited number of systems that track information flow in native libraries. But, none of them detects the sensitive information leakage through control flows at native level. In this paper, we combine dynamic and static taint analysis to propagate taint along control dependencies. Our approach has proven to be effective in analyzing several malicious Android applications that invoke native librairies with reasonable performance overheads.
Complete list of metadata

https://hal.inria.fr/hal-01385196
Contributor : Jean-Louis Lanet <>
Submitted on : Friday, October 21, 2016 - 7:50:36 AM
Last modification on : Tuesday, April 20, 2021 - 10:32:06 AM

Links full text

Identifiers

Citation

Mariem Graa, Frédéric Cuppens, Nora Cuppens-Boulahia, Jean-Louis Lanet. Tracking explicit and control flows in Java and native Android apps code,. ICISSP 2016 : 2nd International Conference on Information Systems Security and Privacy,, Feb 2016, Roma, Italy. ⟨10.5220/0005686603070316⟩. ⟨hal-01385196⟩

Share

Metrics

Record views

1335