Static analysis of android apps: A systematic literature review

Li, Li; Bissyand, Tegawend F.; Papadakis, Mike; Rasthofer, Siegfried; Bartel, Alexandre; Octeau, Damien; Klein, Jacques; Traon, Pierre‐Yves Le

doi:10.1016/j.infsof.2017.04.001

Cited by 272 publications

(192 citation statements)

References 48 publications

(38 reference statements)

Supporting

Mentioning

178

Contrasting

Unclassified

Order By: Relevance

“…To that end, based on the motivation example and our study of reflective call patterns, we observe that the reflection problem can be modeled as a constant propagation 5 The format of an apk is actually a compressed ZIP archive.…”

Section: Ram -Reflection Analysis Modulementioning

confidence: 99%

“…In particular, reflection can be used to hide the real purpose, e.g., by invoking a method at runtime to escape static scanning, or simply to deliver malicious code [4]. We have conducted a quick review of recent contributions on static analysis-based approaches for Android, and have found that over 90% of around 90 publications [5] from top conferences (including ICSE and ISSTA) do not tackle reflection. Indeed, most state-of-the-art approaches and tools for static analysis of Android simply ignore the use of reflection [6,7] or may treat it partially [8,9].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

DroidRA: taming reflection to support whole-program analysis of Android apps

Bissyandé

Octeau

et al. 2016

Proceedings of the 25th International Symposium on Software Testing and Analysis

Self Cite

130

View full text Add to dashboard Cite

Android developers heavily use reflection in their apps for legitimate reasons, but also significantly for hiding malicious actions. Unfortunately, current state-of-the-art static analysis tools for Android are challenged by the presence of reflective calls which they usually ignore. Thus, the results of their security analysis, e.g., for private data leaks, are inconsistent given the measures taken by malware writers to elude static detection. We propose the DroidRA instrumentationbased approach to address this issue in a non-invasive way. With DroidRA, we reduce the resolution of reflective calls to a composite constant propagation problem. We leverage the COAL solver to infer the values of reflection targets and app, and we eventually instrument this app to include the corresponding traditional Java call for each reflective call. Our approach allows to boost an app so that it can be immediately analyzable, including by such static analyzers that were not reflection-aware. We evaluate DroidRA on benchmark apps as well as on real-world apps, and demonstrate that it can allow state-of-the-art tools to provide more sound and complete analysis results.

show abstract

Section: Ram -Reflection Analysis Modulementioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

DroidRA: taming reflection to support whole-program analysis of Android apps

Bissyandé

Octeau

et al. 2016

Proceedings of the 25th International Symposium on Software Testing and Analysis

Self Cite

130

View full text Add to dashboard Cite

show abstract

“…Our visions aims to bring the Android research community to topics specific to SPLE. The research field on malware detection is creating advanced and scalable methods for mining app markets [12]. Their objective is to heuristically define if a legitimate app has a malware counterpart signed with another certificate.…”

Section: Related Workmentioning

confidence: 99%

Mining families of android applications for extractive SPL adoption

Martínez

Ziadi³

et al. 2016

Proceedings of the 20th International Systems and Software Product Line Conference

Self Cite

View full text Add to dashboard Cite

The myriads of smart phones around the globe gave rise to a vast proliferation of mobile applications. These applications target an increasing number of user profiles and tasks. In this context, Android is a leading technology for their development and on-line markets are the main means for their distribution. In this paper we motivate, from two perspectives, the mining of these markets with the objective to identify families of apps variants in the wild. The first perspective is related to research activities where building realistic case studies for evaluating extractive SPL adoption techniques are needed. The second is related to a largescale, world-wide and time-aware study of reuse practice in an industry which is now flourishing among all others within the software engineering community. This study is relevant to assess potential for SPLE practices adoption. We present initial implementations of the mining process and we discuss analyses of variant families.

show abstract

“…Unfortunately, the state-of-the-art on repackaged/clone app detection builds on internal heuristics are tedious to replicate, while the associated prototype tools are not available for furthering research in these directions [5]. Most of repackaged app detection works [3], [6] indeed do not come with reusable tools for the research community.…”

Section: Introductionmentioning

confidence: 99%

SimiDroid: Identifying and Explaining Similarities in Android Apps

Bissyandé

Klein

2017

2017 IEEE Trustcom/BigDataSE/Icess

Self Cite

View full text Add to dashboard Cite

Abstract-App updates and repackaging are recurrent in the Android ecosystem, filling markets with similar apps that must be identified and analyzed to accelerate user adoption, improve development efforts, and prevent malware spreading. Despite the existence of several approaches to improve the scalability of detecting repackaged/cloned apps, researchers and practitioners are eventually faced with the need for a comprehensive pairwise comparison to understand and validate the similarities among apps. This paper describes the design of SimiDroid, a framework for multi-level comparison of Android apps. SimiDroid is built with the aim to support the understanding of similarities/changes among app versions and among repackaged apps. In particular, we demonstrate the need and usefulness of such a framework based on different case studies implementing different analyzing scenarios for revealing various insights on how repackaged apps are built. We further show that the similarity comparison plugins implemented in SimiDroid yield more accurate results than the state-of-the-art.

show abstract

Static analysis of android apps: A systematic literature review

Cited by 272 publications

References 48 publications

DroidRA: taming reflection to support whole-program analysis of Android apps

DroidRA: taming reflection to support whole-program analysis of Android apps

Mining families of android applications for extractive SPL adoption

SimiDroid: Identifying and Explaining Similarities in Android Apps

Contact Info

Product

Resources

About