Visible to the public Leveraging Historical Versions of Android Apps for Efficient and Precise Taint Analysis

TitleLeveraging Historical Versions of Android Apps for Efficient and Precise Taint Analysis
Publication TypeConference Paper
Year of Publication2018
AuthorsJenkins, J., Cai, H.
Conference Name2018 IEEE/ACM 15th International Conference on Mining Software Repositories (MSR)
ISBN Number978-1-4503-5716-6
Keywordsanalysis effectiveness, android, Android (operating system), Android devices, Android ecosystem, attacks, Benchmark testing, composability, differencing, evolution, EVOTAINT, Google, historical versions, incremental, incremental taint analysis, invasive software, Metrics, mobile computing, Open Source Software, pubcrawl, reachability analysis, real-world evolving Android apps, representative precise taint analysis, security, security vulnerabilities, simultaneous scalability, taint analysis, taint checking, Tools, user apps

Today, computing on various Android devices is pervasive. However, growing security vulnerabilities and attacks in the Android ecosystem constitute various threats through user apps. Taint analysis is a common technique for defending against these threats, yet it suffers from challenges in attaining practical simultaneous scalability and effectiveness. This paper presents a novel approach to fast and precise taint checking, called incremental taint analysis, by exploiting the evolving nature of Android apps. The analysis narrows down the search space of taint checking from an entire app, as conventionally addressed, to the parts of the program that are different from its previous versions. This technique improves the overall efficiency of checking multiple versions of the app as it evolves. We have implemented the techniques as a tool prototype, EVOTAINT, and evaluated our analysis by applying it to real-world evolving Android apps. Our preliminary results show that the incremental approach largely reduced the cost of taint analysis, by 78.6% on average, yet without sacrificing the analysis effectiveness, relative to a representative precise taint analysis as the baseline.

Citation Keyjenkins_leveraging_2018