ASE 2019
Sun 10 - Fri 15 November 2019 San Diego, California, United States
Tue 12 Nov 2019 14:40 - 15:00 at Hillcrest - Mobile 2 Chair(s): Myra Cohen

Given the event-driven and framework-based architecture of Android apps, finding the ordering of callbacks executed by the framework remains a problem that affects every tool that requires inter-callback reasoning. Previous work has focused on the ordering of callbacks related to the Android components and GUI events. But the execution of callbacks can also come from direct calls of the framework (API calls). This paper defines a novel program representation, called Callback Control Flow Automata (CCFA), that specifies the control flow of callbacks invoked via a variety of sources. We present an analysis to automatically construct CCFAs by combining two callback control flow representations developed from the previous research, namely, Window Transition Graphs (WTGs) and Predicate Callback Summaries (PCSs). To demonstrate the usefulness of our representation, we integrated CCFAs into two client analyses: a taint analysis using FLOWDROID, and a value-flow analysis that computes source and sink pairs of a program. Our evaluation shows that we can compute CCFAs efficiently and that CCFAs improved the callback coverages over WTGs. As a result of using CCFAs, we obtained 33 more true positive security leaks than FLOWDROID over a total of 55 apps we have run. With a low false positive rate, we found that 22.76% of source-sink pairs we computed are located in different callbacks and that 31 out of 55 apps contain source-sink pairs spreading across components. Thus, callback control flow graphs and inter-callback analysis are indeed important. Although this paper mainly uses Android, we believe that CCFAs can be useful for modeling control flow of callbacks for other event-driven, framework-based systems.

Conference Day
Tue 12 Nov

Displayed time zone: Tijuana, Baja California

13:40 - 15:20
Mobile 2: Research Papers / Journal First Presentations at Hillcrest
Chair(s): Myra Cohen (Iowa State University)
13:40
20m
Talk
A Qualitative Analysis of Android Taint-Analysis Results
Research Papers
Linghui Luo (Paderborn University); Eric Bodden (Heinz Nixdorf Institut, Paderborn University and Fraunhofer IEM); Johannes Späth (Fraunhofer IEM)
14:00
20m
Talk
Goal-Driven Exploration for Android Applications
Research Papers
Duling Lai (University of British Columbia); Julia Rubin (University of British Columbia)
14:20
20m
Talk
RANDR: Record and Replay for Android Applications via Targeted Runtime Instrumentation
Research Papers
Onur Sahin (Boston University); Assel Aliyeva (Boston University); Hariharan Mathavan (Boston University); Ayse Coskun (Boston University); Manuel Egele (Boston University, USA)
14:40
20m
Talk
Specifying Callback Control Flow of Mobile Apps Using Finite Automata
Journal First Presentations
Danilo Dominguez Perez (Iowa State University); Wei Le (Iowa State University)
15:00
20m
Talk
MalScan: Fast Market-Wide Mobile Malware Scanning by Social-Network Centrality Analysis
Research Papers
Yueming Wu (Huazhong University of Science and Technology); Xiaodi Li (University of Texas at Dallas); Deqing Zou (Huazhong University of Science and Technology); Wei Yang (University of Texas at Dallas); Xin Zhang (Huazhong University of Science and Technology); Hai Jin (Huazhong University of Science and Technology)