Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 1 of 1
Full-Text Articles in Engineering
When Program Analysis Meets Bytecode Search: Targeted And Efficient Inter-Procedural Analysis Of Modern Android Apps In Backdroid, Daoyuan Wu, Debin Gao, Robert H. Deng, Rocky Chang
When Program Analysis Meets Bytecode Search: Targeted And Efficient Inter-Procedural Analysis Of Modern Android Apps In Backdroid, Daoyuan Wu, Debin Gao, Robert H. Deng, Rocky Chang
Research Collection School Of Computing and Information Systems
Widely-used Android static program analysis tools,e.g., Amandroid and FlowDroid, perform the whole-app interprocedural analysis that is comprehensive but fundamentallydifficult to handle modern (large) apps. The average app size hasincreased three to four times over five years. In this paper, weexplore a new paradigm of targeted inter-procedural analysis thatcan skip irrelevant code and focus only on the flows of securitysensitive sink APIs. To this end, we propose a technique calledon-the-fly bytecode search, which searches the disassembled appbytecode text just in time when a caller needs to be located. In thisway, it guides targeted (and backward) inter-procedural analysisstep by step until reaching …