Professional Documents
Culture Documents
A Study of Android Application Security: William Enck, Damien Octeau, Patrick Mcdaniel, and Swarat Chaudhuri
A Study of Android Application Security: William Enck, Damien Octeau, Patrick Mcdaniel, and Swarat Chaudhuri
Application
Application
Application
Application
Application
Application
Application
of insufficient protection of privacy sensitive infor- Bluetooth
mation. However, we found no exploitable vulnera-
bilities that can lead malicious control of the phone. GPS
DVM
DVM
DVM
DVM
DVM
DVM
DVM
Receiver
[22] H OVEMEYER , D., AND P UGH , W. Finding Bugs is Easy. In Pro- [41] S CHLEGEL , R., Z HANG , K., Z HOU , X., I NTWALA , M., K APA -
ceedings of the ACM conference on Object-Oriented Program- DIA , A., AND WANG , X. Soundcomber: A Stealthy and Context-
ming Systems, Languages, and Applications (2004). Aware Sound Trojan for Smartphones. In Proceedings of the Net-
work and Distributed System Security Symposium (2011).
[23] J OHNS , T. Securing Android LVL Applications.
http://android-developers.blogspot.com/2010/ [42] S CHWARZ , B., C HEN , H., WAGNER , D., M ORRISON , G.,
09/securing-android-lvl-applications.html, 2010. W EST, J., L IN , J., AND T U , W. Model Checking an Entire
Linux Distribution for Security Violations. In Proceedings of the
[24] J UNG , J., S HETH , A., G REENSTEIN , B., W ETHERALL , D., Annual Computer Security Applications Conference (2005).
M AGANIS , G., AND KOHNO , T. Privacy Oracle: A System for
Finding Application Leaks with Black Box Differential Testing. [43] S TORM , D. Zombies and Angry Birds attack: mobile phone mal-
In Proceedings of the ACM conference on Computer and Com- ware. Computerworld (November 2010).
munications Security (2008). [44] T IURYN , J. Type inference problems: A survey. In Proceedings
[25] K ASPERSKEY L AB. First SMS Trojan detected for smartphones of the Mathematical Foundations of Computer Science (1990).
running Android. http://www.kaspersky.com/news?id= [45] VALLEE -R AI , R., G AGNON , E., H ENDREN , L., L AM , P., P OM -
207576158, August 2010. INVILLE , P., AND S UNDARESAN , V. Optimizing java bytecode
[26] K IRDA , E., K RUEGEL , C., BANKS , G., V IGNA , G., AND K EM - using the soot framework: Is it feasible? In International Confer-
MERER , R. A. Behavior-based Spyware Detection. In Proceed- ence on Compiler Construction, LNCS 1781 (2000), pp. 18–34.
ings of the 15th USENIX Security Symposium (Aug. 2006). [46] WARE , M. S., AND F OX , C. J. Securing Java Code: Heuristics
[27] K RALEVICH , N. Best Practices for Handling Android User and an Evaluation of Static Analysis Tools. In Proceedings of the
Data. http://android-developers.blogspot.com/2010/ Workshop on Static Analysis (SAW) (2008).
08/best-practices-for-handling-android.html, 2010. [47] Y IN , H., S ONG , D., E GELE , M., K RUEGEL , C., AND K IRDA ,
[28] L IVSHITS , V. B., AND L AM , M. S. Finding Security Vulnera- E. Panorama: Capturing System-wide Information Flow for Mal-
bilities in Java Applications with Static Analysis. In Proceedings ware Detection and Analysis. In Proceedings of the ACM confer-
of the 14th USENIX Security Symposium (2005). ence on Computer and Communications Security (2007).
[29] L OOKOUT. Update and Clarification of Analysis of Mobile Ap-
plications at Blackhat 2010. http://blog.mylookout.com/
2010/07/mobile-application-analysis-blackhat/,
Notes
July 2010. 1 The undx and dex2jar tools attempt to decompile .dex files, but
[30] M C DANIEL , P., AND E NCK , W. Not So Great Expectations: were non-functional at the time of this writing.
Why Application Markets Haven’t Failed Security. IEEE Secu- 2 Note that it is sufficient to find any type-exposing instruction for
rity & Privacy Magazine 8, 5 (September/October 2010), 76–78. a register assignment. Any code that could result in different types for
[31] M IECZNIKOWSKI , J., AND H ENDREN , L. Decompiling java us- the same register would be illegal. If this were to occur, the primitive
ing staged encapsulation. In Proceedings of the Eighth Working type would be dependent on the path taken at run time, a clear violation
Conference on Reverse Engineering (2001). of Java’s type system.
3 Fortunately, these dangerous applications are now nonfunc-
[32] M IECZNIKOWSKI , J., AND H ENDREN , L. J. Decompiling java
tional, as the imnet.us NS entry is NS1.SUSPENDED-FOR.
bytecode: Problems, traps and pitfalls. In Proceedings of the 11th
SPAM-AND-ABUSE.COM.
International Conference on Compiler Construction (2002).