Android inter-component communication analysis with intent revision

Abstract

The success of Android OS can partially be attributed to the communication model, named Inter-Component Communication (ICC) model, which promotes the development of loosely-coupled applications. Unfortunately, ICC models which provide a mechanism for data exchanging between components is possibly exploited by malicious applications to threaten privacy of users. Thus, to detect privacy leaks in Android malware, ICC analysis will play a fundamental role which directly affects the accuracy in tracking leaks. However, in the existing ICC analysis approaches, reuse and revision of Intents across-component are not taken into account such that lots of potential leaks will escape from being tracked. This paper is devoted to ICC analysis on reused and revised Intents. First, ICC values are analyzed by taking reused and revised Intents into account. With this basis, target components of Intents are computed and ICC Graphs (ICCG) of Android apps are built. Further, on ICCGs, ICC flows, following which ICC leaks across-component can be tracked, are produced. The proposed approach has been implemented in a tool called ICCA. To evaluate it, experiments are carried out on two datasets: GooglePlay and Malgenome. The former one consists of 1000 applications randomly downloaded from Google Play store and the latter one includes 1260 malware samples. Experimental results show that the proposed ICC analyzing approach is effective in practice.