Abstract | Smartphone users suffer from insufficient information on how
commercial as well as malicious apps handle sensitive data
stored on their phones. Automated taint analyses address
this problem by allowing users to detect and investigate how
applications access and handle this data. A current problem with virtually all those analysis approaches is, though,
that they rely on explicit models of the Android runtime library. In most cases, the existence of those models is taken
for granted, despite the fact that the models are hard to
come by: Given the size and evolution speed of a modern
smartphone operating system it is prohibitively expensive to
derive models manually from code or documentation.
In this work, we therefore present StubDroid, the first
fully automated approach for inferring precise and efficient
library models for taint-analysis problems. StubDroid automatically constructs these summaries from a binary distribution of the library. In our experiments, we use StubDroid-inferred models to prevent the static taint analysis
FlowDroid from having to re-analyze the Android runtime
library over and over again for each analyzed app. As the
results show, the models make it possible to analyze apps
in seconds whereas most complete re-analyses would time
out after 30 minutes. Yet, StubDroid yields comparable
precision. In comparison to manually crafted summaries,
StubDroid’s cause the analysis to be more precise and to
use less time and memory. |
---|