Scalable, Flow-and-Context-Sensitive Taint Analysis of Android Applications
Bibtex:
@article{article,
author = {Choi, Wontae and Kannan, Jayanthkumar and Babic, Domagoj},
year = {2019},
month = {4},
pages = {1--14},
title = {A Scalable, Flow-and-Context-Sensitive Taint Analysis of Android Applications},
volume = {51},
journal = {Journal of Visual Languages & Computing},
doi = {10.1016/j.jvlc.2018.10.005}
}
Abstract:
This paper focuses on scalable static analysis techniques for finding information leaks in Android apps. Finding such leaks scalably is challenging because Android apps have on average over 100 invocations of sensitive APIs, yielding a massive multi-source taint analysis problem.
We present the design of STAR, a context-sensitive and flow-sensitive multi-source taint analysis aimed at tackling this problem. STAR incorporates two main ideas to achieve high performance and scalability. The first is a novel summarization technique we refer to as symbolic summarization, which is crucial for the analysis to scale well with the number of source APIs. The second is a combination of techniques aimed at efficient propagation of abstract states both within and across method boundaries. Our experiments over a dataset composed of 400,000 apps show that the proposed techniques improve performance over an IFDS-style analysis by a factor of 30 on average, and by up to four orders of magnitude on large apps.