Do Android Taint Analysis Tools Keep Their Promises?

Preprint English OPEN
Pauck, Felix; Bodden, Eric; Wehrheim, Heike;

In recent years, researchers have developed a number of tools to conduct taint analysis of Android applications. While all the respective papers aim at providing a thorough empirical evaluation, comparability is hindered by varying or unclear evaluation targets. Sometim... View more
  • References (35)
    35 references, page 1 of 4

    [1] Maqsood Ahmad, Valerio Costamagna, Bruno Crispo, and Francesco Bergadano. 2017. TeICC: targeted execution of inter-component communications in Android. In SAC, Marrakech, Morocco, 2017, Ahmed Sefah, Birgit Penzenstadler, Carina Alves, and Xin Peng (Eds.). ACM, 1747-1752.

    [2] Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick D. McDaniel. 2014. FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps. In PLDI, Edinburgh, United Kingdom, 2014, Michael F. P. O'Boyle and Keshav Pingali (Eds.). ACM, 259-269.

    [3] Kathy Wain Yee Au, Yi Fan Zhou, Zhen Huang, and David Lie. 2012. PScout: analyzing the Android permission specification. In CCS, Raleigh, USA, 2012, Ting Yu, George Danezis, and Virgil D. Gligor (Eds.). ACM, 217-228.

    [4] Hamid Bagheri, Alireza Sadeghi, Reyhaneh Jabbarvand Behrouz, and Sam Malek. 2016. Practical, Formal Synthesis and Automatic Enforcement of Security Policies for Android. In DSN, Toulouse, France, 2016. IEEE Computer Society, 514-525.

    [5] Dirk Beyer. 2017. Software Verification with Validation of Results - (Report on SV-COMP 2017). In TACAS (ETAPS), Uppsala, Sweden, 2017 (LNCS), Axel Legay and Tiziana Margaria (Eds.), Vol. 10206. 331-349.

    [6] Armin Biere, Tom van Dijk, and Keijo Heljanko. 2017. Hardware model checking competition 2017. In FMCAD, Vienna, Austria, 2017, Daryl Stewart and Georg Weissenbacher (Eds.). IEEE, 9.

    [7] Amiangshu Bosu, Fang Liu, Danfeng (Daphne) Yao, and Gang Wang. 2017. Collusive Data Leak and More: Large-scale Threat Analysis of Inter-app Communications. In AsiaCCS, Abu Dhabi, United Arab Emirates, 2017, Ramesh Karri, Ozgur Sinanoglu, Ahmad-Reza Sadeghi, and Xun Yi (Eds.). ACM, 71-85.

    [8] Stefano Calzavara, Ilya Grishchenko, and Matteo Mafei. 2016. HornDroid: Practical and Sound Static Analysis of Android Applications by SMT Solving. In EuroS&P, Saarbrücken, Germany, 2016. IEEE, 47-62.

    [9] Xingmin Cui, Jingxuan Wang, Lucas Chi Kwong Hui, Zhongwei Xie, Tian Zeng, and Siu-Ming Yiu. 2015. WeChecker: eficient and precise detection of privilege escalation vulnerabilities in Android apps. In WiSec, New York, USA, 2015. ACM, 25:1-25:12.

    [10] William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick D. McDaniel, and Anmol Sheth. 2010. TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. In OSDI, Vancouver, Canada, 2010, Remzi H. Arpaci-Dusseau and Brad Chen (Eds.). USENIX Association, 393-407.

  • Related Research Results (1)
  • Related Organizations (1)
  • Metrics
Share - Bookmark