Proceedings 2015 Network and Distributed System Security Symposium 2015
DOI: 10.14722/ndss.2015.23089
|View full text |Cite
|
Sign up to set email alerts
|

Information-Flow Analysis of Android Applications in DroidSafe

Abstract: Abstract-We present DroidSafe, a static information flow analysis tool that reports potential leaks of sensitive information in Android applications. DroidSafe combines a comprehensive, accurate, and precise model of the Android runtime with static analysis design decisions that enable the DroidSafe analyses to scale to analyze this model. This combination is enabled by accurate analysis stubs, a technique that enables the effective analysis of code whose complete semantics lies outside the scope of Java, and … Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
4
1

Citation Types

0
207
0
2

Year Published

2015
2015
2021
2021

Publication Types

Select...
5
5

Relationship

0
10

Authors

Journals

citations
Cited by 334 publications
(209 citation statements)
references
References 32 publications
0
207
0
2
Order By: Relevance
“…For instance, FlowDroid [5] performs "context-, flow-, field-, object-sensitive and lifecycleaware static taint analysis for Android apps" to detect intracomponent sensitive data flows. Several other works have been presented to detect inter-component information flows [13], [14], [16], [25]. For example, IccTA [16] leverages FlowDroid to perform inter-component static taint analysis through instrumenting Android apps, reducing an inter-component problem to an intra-component problems.…”
Section: Related Workmentioning
confidence: 99%
“…For instance, FlowDroid [5] performs "context-, flow-, field-, object-sensitive and lifecycleaware static taint analysis for Android apps" to detect intracomponent sensitive data flows. Several other works have been presented to detect inter-component information flows [13], [14], [16], [25]. For example, IccTA [16] leverages FlowDroid to perform inter-component static taint analysis through instrumenting Android apps, reducing an inter-component problem to an intra-component problems.…”
Section: Related Workmentioning
confidence: 99%
“…Many previous efforts were made to pursue in-depth analysis of application behaviors. Ded [22], DroidSIFT [41], CHEX [28], PEG [18], FlowDroid [15], DroidSafe [24] and AppAudit [38] practiced static dataflow analysis to identify specific code (e.g. malicious code or heavy computation code [20]) in Android apps.…”
Section: Question Set 4: Android Unpackersmentioning
confidence: 99%
“…DroidSafe [29] provides a static information flow analysis framework. It analyzes an information flow that has the potential to include sensitive data.…”
Section: Related Workmentioning
confidence: 99%