Skip to Main content Skip to Navigation
Conference papers

Tracking explicit and control flows in Java and native Android apps code,

Mariem Graa 1, 2, 3 Frédéric Cuppens 2, 1 Nora Cuppens-Boulahia 2, 1 Jean-Louis Lanet 4 
Lab-STICC - Laboratoire des sciences et techniques de l'information, de la communication et de la connaissance
4 TAMIS - Threat Analysis and Mitigation for Information Security
Inria Rennes – Bretagne Atlantique , IRISA-D4 - LANGAGE ET GÉNIE LOGICIEL
Abstract : The native app development is increased in Android systems to implement CPU-intensive applications such as game engines, signal processing, and physics simulation. However, native code analysis is very difficult and requires a lot of time which explains the limited number of systems that track information flow in native libraries. But, none of them detects the sensitive information leakage through control flows at native level. In this paper, we combine dynamic and static taint analysis to propagate taint along control dependencies. Our approach has proven to be effective in analyzing several malicious Android applications that invoke native librairies with reasonable performance overheads.
Complete list of metadata
Contributor : Jean-Louis Lanet Connect in order to contact the contributor
Submitted on : Friday, October 21, 2016 - 7:50:36 AM
Last modification on : Monday, March 14, 2022 - 11:08:13 AM

Links full text



Mariem Graa, Frédéric Cuppens, Nora Cuppens-Boulahia, Jean-Louis Lanet. Tracking explicit and control flows in Java and native Android apps code,. ICISSP 2016 : 2nd International Conference on Information Systems Security and Privacy,, Feb 2016, Roma, Italy. ⟨10.5220/0005686603070316⟩. ⟨hal-01385196⟩



Record views