
Registered user since Wed 29 Sep 2021
Contributions
Journal-first Papers
Thu 14 Sep 2023 10:30 - 10:42 at Room D - Mobile Development 1 Chair(s): Jordan Samhi
No description available
Research Papers
Thu 14 Sep 2023 13:54 - 14:06 at Room D - Mobile Development 2 Chair(s): Jordan Samhi
React Native is a widely-used open-source framework that facilitates the development of cross-platform mobile apps. The framework enables JavaScript code to interact with native-side code, such as Objective-C/Swift for iOS and Java/Kotlin for Android, via a communication mechanism provided by React Native. However, previous research and tools have overlooked this mechanism, resulting in incomplete analysis of React Native app code. To address this limitation, we have developed REUNIFY, a prototype tool that integrates the JavaScript and native-side code of React Native apps into an intermediate language that can be processed by the Soot static analysis framework. By doing so, REUNIFY enables the generation of a comprehensive model of the app’s behavior. Our evaluation indicates that, by leveraging REUNIFY, the Soot-based framework can improve its coverage of static analysis for the 1,007 most popular React Native Android apps, augmenting the number of lines of Jimple code by 70%. Additionally, we observed an average increase of 84% in new nodes reached in the callgraph for these apps, after integrating REUNIFY. When REUNIFY is used for taint flow analysis, an average of two additional privacy leaks were identified. Overall, our results demonstrate that REUNIFY significantly enhances the Soot-based framework’s capability to analyze React Native Android apps.
Temporal inconsistency in Android malware datasets can significantly distort the performance of these models, leading to inflated detection accuracy. Existing methods to detect temporal inconsistency in biased datasets, while useful, have limitations. They struggle when temporal inconsistencies are small, and their requirement of knowing the specific year of the dataset is often unfeasible in real-world scenarios. Motivated by these challenges, we introduce a novel and more effective method for identifying temporal inconsistency in Android malware datasets. Unlike prior studies, our method can identify the temporal inconsistency on an unknown dataset quickly and accurately without any assumption. Besides, we introduce a new dataset comprising 78k diverse Android samples, including malware and benign app samples spanning various time frames, specifically designed to study temporal inconsistency. Through a systematic evaluation of our proposed technique using this new dataset, we demonstrate its effectiveness in dealing with temporal inconsistency. Our experiments indicate that our method can achieve an accuracy rate of 98.3% in detecting temporal inconsistency in unknown datasets. Additionally, we established the efficacy of our feature selection process, which is integral to our approach, and demonstrated our method’s robustness when applied to unknown datasets. Our findings set a new benchmark in Android malware detection, paving the way for more reliable and accurate ML-based detection methods.