Abstract

Android users install various apps, such as banking apps, that handle user‐sensitive information on their smart devices. The Android framework, via the Inter‐Component Communication (ICC) mechanism, ensures that app components (inside the same app or in different apps) can communicate. Prior work has shown that this mechanism can cause security issues, such as app security policy violations, especially in the case of Inter‐App Communication (IAC). Despite the plethora of research on detecting security issues in IAC, detection techniques face fundamental ICC challenges in improving the precision of static analysis. These challenges include providing comprehensive and scalable modeling of app specifications, capturing all potential ICC paths, and enabling more effective IAC analysis. To overcome such challenges, in this paper we propose a framework called VAnDroid2, an extension of our previous work, to address security issues in multiple components at both the intra‐ and inter‐app analysis levels. VAnDroid2, based on Model‐Driven Reverse Engineering, extends our previous work as follows: (1) providing a comprehensive Intermediate Representation (IR) of the app that supports extracting all the ICC information from the app, (2) extracting high‐level representations of the apps and their interactions by omitting the details that are not relevant to inter‐app security analysis, and (3) enabling more effective IAC security analysis. This framework is implemented as an Eclipse‐based tool. The results of evaluating VAnDroid2 with respect to correctness, scalability, and run‐time performance, and of comparing it with state‐of‐the‐art analysis tools, indicate that VAnDroid2 is a promising framework in the field of Android inter‐app security analysis.
