ABSTRACT
Android mobile applications are vulnerable to code injection attacks. We use taint analysis to approximate the parameters of a sensitive instruction that may originate from user input. We combine it with a string analysis based on automatons to over-approximate the values of the string variables in the program. Using information derived from these two analyses, we detect when untrusted input may be used to inject malicious code into the program, and when the attack patterns were removed using a sanitizer operation. The proposed approach was implemented on top of FlowDroid. Experimental results show that the resulting analyzer, , is very efficient at detecting command injection vulnerabilities.
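The following toy sketch is an added example, not code from the paper, its analyzer or FlowDroid. It illustrates the idea the abstract outlines: string values are over-approximated by automata, a tainted source is modeled as "any string", and a sanitizer is recognized when the attack pattern can no longer occur in the value reaching the sensitive call. The alphabet, the metacharacter set `META` used as the attack pattern, the modeling of a sanitizer as character deletion, and all function names are assumptions made for illustration.

```python
from collections import deque, namedtuple

SIGMA = frozenset("abcdefghijklmnopqrstuvwxyz /-.;|&")  # constructed toy alphabet
META = frozenset(";|&")  # assumed attack pattern: any shell metacharacter
NFA = namedtuple("NFA", "n start accept edges")  # edge = (src, charset or None for epsilon, dst)

def literal(s):
    """Abstract value of a string constant: exactly {s}."""
    return NFA(len(s) + 1, 0, {len(s)}, [(i, frozenset(c), i + 1) for i, c in enumerate(s)])

def any_string():
    """Abstract value of a tainted source: over-approximated as SIGMA*."""
    return NFA(1, 0, {0}, [(0, SIGMA, 0)])

def concat(a, b):
    """Abstract counterpart of string concatenation a + b."""
    shifted = [(s + a.n, l, d + a.n) for s, l, d in b.edges]
    glue = [(f, None, b.start + a.n) for f in a.accept]
    return NFA(a.n + b.n, a.start, {f + a.n for f in b.accept}, a.edges + shifted + glue)

def delete_chars(a, chars):
    """Abstract counterpart of a sanitizer that deletes every char in `chars`."""
    edges = []
    for s, l, d in a.edges:
        if l is None or l - chars:
            edges.append((s, None if l is None else l - chars, d))
        if l is not None and l & chars:
            edges.append((s, None, d))  # deleted chars become epsilon moves
    return NFA(a.n, a.start, a.accept, edges)

def may_contain(a, chars):
    """True if some string in `a` contains a char from `chars` (product with a 2-state pattern DFA)."""
    seen, todo = {(a.start, 0)}, deque([(a.start, 0)])
    while todo:
        q, hit = todo.popleft()
        if hit and q in a.accept:
            return True
        for _, l, d in (e for e in a.edges if e[0] == q):
            nxt = [hit] if (l is None or hit) else [h for h, ok in ((0, l - chars), (1, l & chars)) if ok]
            for h in nxt:
                if (d, h) not in seen:
                    seen.add((d, h))
                    todo.append((d, h))
    return False

def exec_arg(user_value):
    """Hypothetical sink argument: the constant "ls " concatenated with a user-derived value."""
    return concat(literal("ls "), user_value)
```

A sanitizer that removes only part of the pattern, for example `delete_chars(any_string(), frozenset(";"))`, still leaves the sink argument flagged, because `|` and `&` remain possible.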