Heaps'n leaks

Benz, Manuel; Kristensen, Erik Krogh; Luo, Linghui; Borges, Nataniel P.; Bodden, Eric; Zeller, Andreas

doi:10.1145/3377811.3380438

Cited by 7 publications

(2 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To overcome such limitations, dynamic taint analysis can be used to some extent. For instance, Benz et al [57] developed a method based on heap snapshots and extended the static taint analysis tool FlowDroid [3] to be more efficient. A heap snaphot contains a representation of the program objects at runtime at a selected point in time.…”

Section: B Dynamic Taint Analysismentioning

confidence: 99%

See 1 more Smart Citation

Dynamic Security Analysis on Android: A Systematic Literature Review

Sutter,

Kehrer,

Rennhard

et al. 2024

IEEE Access

View full text Add to dashboard Cite

Dynamic analysis is a technique that is used to fully understand the internals of a system at runtime. On Android, dynamic security analysis involves real-time assessment and active adaptation of an app's behaviour, and is used for various tasks, including network monitoring, system-call tracing, and taint analysis. The research on dynamic analysis has made significant progress in the past years. However, to the best of our knowledge, there is a lack in secondary studies that analyse the novel ideas and common limitations of current security research. The main aim of this work is to understand dynamic security analysis research on Android to present the current state of knowledge, highlight research gaps, and provide insights into the existing body of work in a structured and systematic manner. We conduct a systematic literature review (SLR) on dynamic security analysis for Android. The systematic review establishes a taxonomy, defines a classification scheme, and explores the impact of advanced Android app testing tools on security solutions in software engineering and security research. The study's key findings centre on tool usage, research objectives, constraints, and trends. Instrumentation and network monitoring tools play a crucial role, with research goals focused on app security, privacy, malware detection, and software testing automation. Identified limitations include code coverage constraints, security-related analysis obstacles, app selection adequacy, and non-deterministic behaviour. Our study results deepen the understanding of dynamic analysis in Android security research by an indepth review of 43 publications. The study highlights recurring limitations with automated testing tools and concerns about detecting or obstructing dynamic analysis.

show abstract

Section: B Dynamic Taint Analysismentioning

confidence: 99%

“…[47],[48],[49] [50],[51],[52] [53],[54] [55],[56],[57],[58] [59][60],[13] [7],[61],[62] [63],[64] 21Malware[65],[66],[67] [68][69][70],[71],[72],[73] [74],[75],[76] …”

mentioning

confidence: 99%

Dynamic Security Analysis on Android: A Systematic Literature Review

Sutter,

Kehrer,

Rennhard

et al. 2024

IEEE Access

View full text Add to dashboard Cite

show abstract

TaintBench: Automatic real-world malware benchmarking of Android taint analyses

et al. 2021

Self Cite

View full text Add to dashboard Cite

Due to the lack of established real-world benchmark suites for static taint analyses of Android applications, evaluations of these analyses are often restricted and hard to compare. Even in evaluations that do use real-world apps, details about the ground truth in those apps are rarely documented, which makes it difficult to compare and reproduce the results. To push Android taint analysis research forward, this paper thus recommends criteria for constructing real-world benchmark suites for this specific domain, and presents TaintBench, the first real-world malware benchmark suite with documented taint flows. TaintBench benchmark apps include taint flows with complex structures, and addresses static challenges that are commonly agreed on by the community. Together with the TaintBench suite, we introduce the TaintBench framework, whose goal is to simplify real-world benchmarking of Android taint analyses. First, a usability test shows that the framework improves experts’ performance and perceived usability when documenting and inspecting taint flows. Second, experiments using TaintBench reveal new insights for the taint analysis tools Amandroid and FlowDroid: (i) They are less effective on real-world malware apps than on synthetic benchmark apps. (ii) Predefined lists of sources and sinks heavily impact the tools’ accuracy. (iii) Surprisingly, up-to-date versions of both tools are less accurate than their predecessors.

show abstract