TY - GEN
T1 - String analysis of android applications
AU - Del Vecchio, Justin
AU - Shen, Feng
AU - Yee, Kenny M.
AU - Wang, Boyu
AU - Ko, Steven Y.
AU - Ziarek, Lukasz
N1 - Publisher Copyright: © 2015 IEEE.
PY - 2016/1/4
Y1 - 2016/1/4
N2 - The desire to understand mobile applications has resulted in researchers adapting classical static analysis techniques to the mobile domain. Examination of data and control flows in Android apps is now a common practice to classify them. Important to these analyses is a fine-grained examination and understanding of strings, since in Android they are heavily used in intents, URLs, reflection, and content providers. Rigorous analysis of string creation, usage, and value characteristics offers additional information to increase precision of app classification. This paper shows that inter-procedural static analysis that specifically targets string construction and usage can be used to reveal valuable insights for classifying Android apps. To this end, we first present case studies to illustrate typical uses of strings in Android apps. We then present the results of our analysis on real-world malicious and benign apps. Our analysis examines how strings are created and used for URL objects, Java reflection, and Android intents, and infers the actual string values used as much as possible. Our results demonstrate that string disambiguation based on creation, usage, and value indeed provides additional information that may be used to improve precision of classifying application behaviors.
UR - https://www.scopus.com/pages/publications/84963811942
U2 - 10.1109/ASE.2015.20
DO - 10.1109/ASE.2015.20
M3 - Conference contribution
AN - SCOPUS:84963811942
T3 - Proceedings - 2015 30th IEEE/ACM International Conference on Automated Software Engineering, ASE 2015
SP - 680
EP - 685
BT - Proceedings - 2015 30th IEEE/ACM International Conference on Automated Software Engineering, ASE 2015
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 30th IEEE/ACM International Conference on Automated Software Engineering, ASE 2015
Y2 - 9 November 2015 through 13 November 2015
ER -