ASE 2019
Sun 10 - Fri 15 November 2019 San Diego, California, United States
Tue 12 Nov 2019 14:40 - 15:00 at Hillcrest - Mobile 2 Chair(s): Myra Cohen

Given the event-driven and framework-based architecture of Android apps, finding the ordering of callbacks executed by the framework remains a problem that affects every tool that requires inter-callback reasoning. Previous work has focused on the ordering of callbacks related to the Android components and GUI events. But callbacks can also be executed as a result of direct calls into the framework (API calls). This paper defines a novel program representation, called Callback Control Flow Automata (CCFA), that specifies the control flow of callbacks invoked via a variety of sources. We present an analysis to automatically construct CCFAs by combining two callback control flow representations developed in previous research, namely, Window Transition Graphs (WTGs) and Predicate Callback Summaries (PCSs). To demonstrate the usefulness of our representation, we integrated CCFAs into two client analyses: a taint analysis using FLOWDROID, and a value-flow analysis that computes source and sink pairs of a program. Our evaluation shows that we can compute CCFAs efficiently and that CCFAs improved callback coverage over WTGs. As a result of using CCFAs, we obtained 33 more true positive security leaks than FLOWDROID over a total of 55 apps we have run. With a low false positive rate, we found that 22.76% of the source-sink pairs we computed are located in different callbacks and that 31 out of 55 apps contain source-sink pairs spreading across components. Thus, callback control flow graphs and inter-callback analysis are indeed important. Although this paper mainly uses Android, we believe that CCFAs can be useful for modeling the control flow of callbacks for other event-driven, framework-based systems.

Tue 12 Nov

13:40 - 15:20: Papers - Mobile 2 at Hillcrest
Chair(s): Myra Cohen (Iowa State University)

13:40 - 14:00 (Papers)
A Qualitative Analysis of Android Taint-Analysis Results
Linghui Luo (Paderborn University), Eric Bodden (Heinz Nixdorf Institut, Paderborn University and Fraunhofer IEM), Johannes Späth (Fraunhofer IEM)

14:00 - 14:20 (Papers)
Goal-Driven Exploration for Android Applications
Duling Lai (University of British Columbia), Julia Rubin (University of British Columbia)

14:20 - 14:40 (Papers)
RANDR: Record and Replay for Android Applications via Targeted Runtime Instrumentation
Onur Sahin (Boston University), Assel Aliyeva (Boston University), Hariharan Mathavan (Boston University), Ayse Coskun (Boston University), Manuel Egele (Boston University, USA)

14:40 - 15:00 (Journal-First Presentations)
Specifying Callback Control Flow of Mobile Apps Using Finite Automata
Danilo Dominguez Perez (Iowa State University), Wei Le (Iowa State University)

15:00 - 15:20 (Papers)
MalScan: Fast Market-Wide Mobile Malware Scanning by Social-Network Centrality Analysis
Yueming Wu (Huazhong University of Science and Technology), Xiaodi Li (University of Texas at Dallas), Deqing Zou (Huazhong University of Science and Technology), Wei Yang (University of Texas at Dallas), Xin Zhang (Huazhong University of Science and Technology), Hai Jin (Huazhong University of Science and Technology)