Together Strong: Cooperative Android App Analysis
F. Pauck, H. Wehrheim, in: Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2019, pp. 374–384.
Download
fse19main-id44-p-ef9ce42-41855-final.pdf
442.60 KB
Conference Paper
| Published
| English
Abstract
Recent years have seen the development of numerous tools for the analysis of taint flows in Android apps. Taint analyses aim at detecting data leaks, accidentally or by purpose programmed into apps. Often, such tools specialize in the treatment of specific features impeding precise taint analysis (like reflection or inter-app communication). This multitude of tools, their specific applicability and their various combination options complicate the selection of a tool (or multiple tools) when faced with an analysis instance, even for knowledgeable users, and hence hinders the successful adoption of taint analyses.
In this work, we thus present CoDiDroid, a framework for cooperative Android app analysis. CoDiDroid (1) allows users to ask questions about flows in apps in varying degrees of detail, (2) automatically generates subtasks for answering such questions, (3) distributes tasks onto analysis tools (currently DroidRA, FlowDroid, HornDroid, IC3 and two novel tools) and (4) at the end merges tool answers on subtasks into an overall answer. Thereby, users are freed from having to learn about the use and functionality of all these tools while still being able to leverage their capabilities. Moreover, we experimentally show that cooperation among tools pays off with respect to effectiveness, precision and scalability.
Keywords
Publishing Year
Proceedings Title
Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering
Page
374-384
ISBN
LibreCat-ID
Cite this
Pauck F, Wehrheim H. Together Strong: Cooperative Android App Analysis. In: Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. ; 2019:374-384. doi:10.1145/3338906.3338915
Pauck, F., & Wehrheim, H. (2019). Together Strong: Cooperative Android App Analysis. Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 374–384. https://doi.org/10.1145/3338906.3338915
@inproceedings{Pauck_Wehrheim_2019, title={Together Strong: Cooperative Android App Analysis}, DOI={10.1145/3338906.3338915}, booktitle={Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering}, author={Pauck, Felix and Wehrheim, Heike}, year={2019}, pages={374–384} }
Pauck, Felix, and Heike Wehrheim. “Together Strong: Cooperative Android App Analysis.” In Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 374–84, 2019. https://doi.org/10.1145/3338906.3338915.
F. Pauck and H. Wehrheim, “Together Strong: Cooperative Android App Analysis,” in Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2019, pp. 374–384, doi: 10.1145/3338906.3338915.
Pauck, Felix, and Heike Wehrheim. “Together Strong: Cooperative Android App Analysis.” Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2019, pp. 374–84, doi:10.1145/3338906.3338915.
Main File(s)
File Name
fse19main-id44-p-ef9ce42-41855-final.pdf
442.60 KB
Access Level
Closed Access
Last Uploaded
2019-08-20T08:47:20Z