FSAFlow: Lightweight and Fast Dynamic Path Tracking and Control for Privacy Protection on Android Using Hybrid Analysis with State-Reduction Strategy

Yang, Zhi; Yuan, Zhanhui; Jin, Shuyuan; Sun, Lei; Du, Xuehui; Li, Wenfa; Zhang, Hongqi

doi:10.1109/sp46214.2022.9833764

Cited by 5 publications

(5 citation statements)

References 57 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Similar, Yang et al [13] developed a hybrid solution, named FSAFlow, that has better precision than the static analysis tool FlowDroid or the dynamic approach Taint-Droid [92]. FSAFlow uses a finite state machine for monitoring the execution paths of an AUT and provides a statereduction strategy to optimise the analysis process.…”

Section: B Dynamic Taint Analysismentioning

confidence: 99%

“…A particular challenge is to guide dynamic analysis techniques towards an exhaustive exploration of possible program paths [8], [9], [10], [11], [12]. Hybrid approaches combine both static and dynamic analyses, and have been shown to outperform solutions that rely solely on either of both approaches in certain cases [13].…”

mentioning

confidence: 99%

“…[47],[48],[49] [50],[51],[52] [53],[54] [55],[56],[57],[58] [59][60],[13] [7],[61],[62] [63],[64] 21Malware[65],[66],[67] [68][69][70],[71],[72],[73] [74],[75],[76] …”

mentioning

confidence: 99%

See 2 more Smart Citations

Dynamic Security Analysis on Android: A Systematic Literature Review

Sutter,

Kehrer,

Rennhard

et al. 2024

IEEE Access

View full text Add to dashboard Cite

Dynamic analysis is a technique that is used to fully understand the internals of a system at runtime. On Android, dynamic security analysis involves real-time assessment and active adaptation of an app's behaviour, and is used for various tasks, including network monitoring, system-call tracing, and taint analysis. The research on dynamic analysis has made significant progress in the past years. However, to the best of our knowledge, there is a lack in secondary studies that analyse the novel ideas and common limitations of current security research. The main aim of this work is to understand dynamic security analysis research on Android to present the current state of knowledge, highlight research gaps, and provide insights into the existing body of work in a structured and systematic manner. We conduct a systematic literature review (SLR) on dynamic security analysis for Android. The systematic review establishes a taxonomy, defines a classification scheme, and explores the impact of advanced Android app testing tools on security solutions in software engineering and security research. The study's key findings centre on tool usage, research objectives, constraints, and trends. Instrumentation and network monitoring tools play a crucial role, with research goals focused on app security, privacy, malware detection, and software testing automation. Identified limitations include code coverage constraints, security-related analysis obstacles, app selection adequacy, and non-deterministic behaviour. Our study results deepen the understanding of dynamic analysis in Android security research by an indepth review of 43 publications. The study highlights recurring limitations with automated testing tools and concerns about detecting or obstructing dynamic analysis.

show abstract

Section: B Dynamic Taint Analysismentioning

confidence: 99%

mentioning

confidence: 99%

See 1 more Smart Citation

Dynamic Security Analysis on Android: A Systematic Literature Review

Sutter,

Kehrer,

Rennhard

et al. 2024

IEEE Access

View full text Add to dashboard Cite

show abstract

“…InputScope [28] uses a static taint analysis to mark user input and monitor its propagation to identify user input validations that can expose hidden secrets such as backdoors and blacklists. Path tracking [29], taint value graph analysis [30], and hybrid analysis [31] are proposed to quickly detect malicious privacy leakage. IFA itself does not provide an automatic judgment of whether the revealed information flow path is malicious, and what kind of information disclosure is malicious needs to be specified by experts.…”

Section: Related Workmentioning

confidence: 99%

“…The information flow analysis [23][24][25][26][27][28][29][30][31][32][33][34] is another type of mainstream method whereby malicious behaviors, such as privacy theft, hijacking, and deception, are detected by calculating the reachability of information flow to search for potential leaks and penetration paths. Although this method analyzes the behavior of information flow, the tracking overhead is considerable.…”

Section: Introductionmentioning

confidence: 99%

DroidFDR: Automatic Classification of Android Malware Using Model Checking

et al. 2022

View full text Add to dashboard Cite

Android faces an increasing threat of malware attacks. The few existing formal detection methods have drawbacks such as complex code modeling, incomplete and inaccurate expression of family properties, and excessive manual participation. To this end, this paper proposes a formal detection method, called DroidFDR, for Android malware classification based on communicating sequential processes (CSP). In this method, the APK file of an application is converted to an easy-to-analyze representation, namely Jimple, in order to model the code behavior with CSP. The process describing the behavior of a sample is inputted to an FDR model checker to be simplified and verified against a process that is automatically abstracted from the malware to express the property of a family. The sample is classified by detecting whether it has the typical behavior of any family property. DroidFDR can capture the behavioral characteristics of malicious code such as control flow, data flow, procedure calls, and API calls. The experimental results show that the automated method can characterize the behavior patterns of applications from the structure level, with a high family classification accuracy of 99.06% in comparison with another formal detection method.

show abstract

TaintGuard: Preventing implicit privilege leakage in smart contract based on taint tracking at abstract syntax tree level

Yang

et al. 2023

Journal of Systems Architecture

View full text Add to dashboard Cite

FSAFlow: Lightweight and Fast Dynamic Path Tracking and Control for Privacy Protection on Android Using Hybrid Analysis with State-Reduction Strategy

Cited by 5 publications

References 57 publications

Dynamic Security Analysis on Android: A Systematic Literature Review

Dynamic Security Analysis on Android: A Systematic Literature Review

DroidFDR: Automatic Classification of Android Malware Using Model Checking

TaintGuard: Preventing implicit privilege leakage in smart contract based on taint tracking at abstract syntax tree level

Contact Info

Product

Resources

About