Master Thesis Security analysis of Android applications
نویسندگان
چکیده
The now ubiquitous Android platform lacks security features that are considered to be necessary given how easily an application can be uploaded on markets by third-party developers and distributed to a large set of devices. Fortunately, static analysis can help developers, markets and users improve the quality and security of applications at a reasonable cost by being automated. While most existing analyses target specific security properties, we take a step back to build better foundations for the analysis of Android applications. We describe a model and give semantics for a significant part of the system by studying what obstacles existing analyses have faced. We then adapt a classical analysis, known as points-to analysis, to applications. This leads us to design and implement a new form of context-sensitivity for Android, paving the way for further experimentation and more specific security analyses.
منابع مشابه
Enter Sandbox: Android Sandbox Comparison
Expecting the shipment of 1 billion Android devices in 2017, cyber criminals have naturally extended their vicious activities towards Google’s mobile operating system. With an estimated number of 700 new Android applications released every day, keeping control over malware is an increasingly challenging task. In recent years, a vast number of static and dynamic code analysis platforms for analy...
متن کاملSecurity Analysis of Permission-Based Systems using Static Analysis: An Application to the Android Stack
In recent years, mobile devices, such as smart phones, have spread at an exponential rate. The most used system running on these devices, accounting for almost 80% of market share for smart phones world-wide, is the Android software stack. This system runs Android applications that users download from an application market. The system is called a permission-based system since it limits access t...
متن کاملریسک سنج: ابزاری برای سنجش دقیق میزان ریسک امنیتی برنامهها در دستگاههای همراه
Nowadays smartphones and tablets are widely used due to their various capabilities and features for end users. In these devices, accessing a wide range of services and sensitive information including private personal data, contact list, geolocation, sending and receiving messages, accessing social networks and etc. are provided via numerous application programs. These types of accessibilities, ...
متن کاملPScout : Analyzing the Android Permission Specification by Kathy Wain Yee Au
PScout: Analyzing the Android Permission Specification Kathy Wain Yee Au Master of Applied Science Graduate Department of Electrical and Computer Engineering University of Toronto 2012 Modern smartphone operating systems (OSs) have been developed with a greater emphasis on security and protecting privacy. One of the security mechanisms these systems use is permission system. We perform an analy...
متن کاملA Model Guided Security Analysis Approach for Android Applications
Revealing security vulnerabilities is one of great challenges for the Android ecosystem. Static analysis is the usual approach of the security analysis for computer software. However, it is undirected and time-consuming for the common static analysis methods to analyze the entire Android application systematically from the main entry point. In order to adapt to the event-driven feature of Andro...
متن کامل