Context Correlation for Automated Dynamic Android App Analysis to Improve Impact Rating of Privacy and Security Flaws

AuthorHeid, Kris; Heider, Jens
TypeConference Paper
AbstractPrivacy and security flaws in apps are commonly detected by static and dynamic analysis approaches. However, the realistic impact rating for detected flaws is often limited. Static approaches lack runtime information and dynamic analysis miss program structure information. We aim to build a dynamic analysis environment and rate the flaw impact based on the data flow context. We correlate the traced API call chains with data sources and sinks of processed information. This way, the actual runtime information is used and program structures for significant data flows can be reconstructed. Therefore, this publication proposes a method for collecting execution traces based on automated function hooking and mechanisms to create and analyze data flow graphs from these traces. We demonstrate the scalability of our privacy and security analysis by automatically analyzing and evaluating the top 1000 free apps from Google Play. Manual app analysis and damn vulnerable app projects prove the high quality results of our automated approach during evaluation.
ConferenceInternational Conference on Risks and Security of Internet and Systems 2022