research-article

FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps

Authors:

Siegfried Rasthofer,

Christian Fritz,

Alexandre Bartel,

Patrick McDanielAuthors Info & Claims

ACM SIGPLAN Notices, Volume 49, Issue 6

Pages 259 - 269

https://doi.org/10.1145/2666356.2594299

Published: 09 June 2014 Publication History

Abstract

Today's smartphones are a ubiquitous source of private and confidential data. At the same time, smartphone users are plagued by carelessly programmed apps that leak important data by accident, and by malicious apps that exploit their given privileges to copy such data intentionally. While existing static taint-analysis approaches have the potential of detecting such data leaks ahead of time, all approaches for Android use a number of coarse-grain approximations that can yield high numbers of missed leaks and false alarms.

In this work we thus present FlowDroid, a novel and highly precise static taint analysis for Android applications. A precise model of Android's lifecycle allows the analysis to properly handle callbacks invoked by the Android framework, while context, flow, field and object-sensitivity allows the analysis to reduce the number of false alarms. Novel on-demand algorithms help FlowDroid maintain high efficiency and precision at the same time.

We also propose DroidBench, an open test suite for evaluating the effectiveness and accuracy of taint-analysis tools specifically for Android apps. As we show through a set of experiments using SecuriBench Micro, DroidBench, and a set of well-known Android test applications, FlowDroid finds a very high fraction of data leaks while keeping the rate of false positives low. On DroidBench, FlowDroid achieves 93% recall and 86% precision, greatly outperforming the commercial tools IBM AppScan Source and Fortify SCA. FlowDroid successfully finds leaks in a subset of 500 apps from Google Play and about 1,000 malware apps from the VirusShare project.

References

[1]

Virus share, aug 2013. http://virusshare.com/.

[2]

IBM Rational AppScan, Apr. 2013. http://www-01.ibm.com/software/de/rational/appscan/.

[3]

Fortify 360 Source Code Analyzer (SCA), Apr. 2013. http://www8.hp.com/us/en/software-solutions/software.html?compURI=1214365#.UW6CVKuAtfQ.

[4]

A. Bartel, J. Klein, Y. Le Traon, and M. Monperrus. Automatically securing permission-based software by reducing the attack surface: an application to android. In ASE 2012, pages 274--277, 2012.

Digital Library

[5]

A. Bartel, J. Klein, Y. Le Traon, and M. Monperrus. Dexpler: converting android dalvik bytecode to jimple for static analysis with soot. In Proceedings of the ACM SIGPLAN International Workshop on State of the Art in Java Program analysis, SOAP '12, pages 27--38, 2012.

Digital Library

[6]

L. Batyuk, M. Herpich, S. Camtepe, K. Raddatz, A.-D. Schmidt, and S. Albayrak. Using static analysis for automatic assessment and mitigation of unwanted and malicious activities within android applications. In Malicious and Unwanted Software (MALWARE), 2011 6th International Conference on, pages 66--72, 2011.

Digital Library

[7]

E. Bodden. Inter-procedural data-flow analysis with ifds/ide and soot. In Proceedings of the ACM SIGPLAN International Workshop on State of the Art in Java Program analysis, SOAP '12, pages 3--8, 2012.

Digital Library

[8]

E. Bodden, A. Sewe, J. Sinschek, H. Oueslati, and M. Mezini. Taming reflection: Aiding static analysis in the presence of reflection and custom class loaders. In ICSE '11: International Conference on Software Engineering, pages 241--250. ACM, May 2011.

Digital Library

[9]

I. D. Corporation. Worldwide quarterly mobile phone tracker 3q12, Nov. 2012. http://www.idc.com/tracker/showproductinfo.jsp?prod_id=37.

[10]

I. Dillig, T. Dillig, and A. Aiken. Precise reasoning for programs using containers. In Proceedings of the 38th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages, POPL '11, pages 187--200, 2011.

Digital Library

[11]

W. Enck, P. Gilbert, B. gon Chun, L. P. Cox, J. Jung, P. McDaniel, and A. Sheth. Taintdroid: An information-flow tracking system for realtime privacy monitoring on smartphones. In R. H. Arpaci-Dusseau and B. Chen, editors, OSDI, pages 393--407. USENIX Association, 2010.

Digital Library

[12]

A. P. Felt, M. Finifter, E. Chin, S. Hanna, and D. Wagner. A survey of mobile malware in the wild. In Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices, SPSM '11, pages 3--14, New York, NY, USA, 2011. ACM. URL http://doi.acm.org/10.1145/2046614.2046618.

Digital Library

[13]

C. Fritz, S. Arzt, S. Rasthofer, E. Bodden, A. Bartel, J. Klein, Y. le Traon, D. Octeau, and P. McDaniel. Highly precise taint analysis for android applications. Technical Report TUD-CS-2013-0113, EC SPRIDE, May 2013. URL http://www.bodden.de/pubs/TUD-CS-2013-0113.pdf.

[14]

A. P. Fuchs, A. Chaudhuri, and J. S. Foster. Scandroid: Automated security certification of android applications.

[15]

C. Gibler, J. Crussell, J. Erickson, and H. Chen. Androidleaks: automatically detecting potential privacy leaks in android applications on a large scale. In Proceedings of the 5th international conference on Trust and Trustworthy Computing, TRUST'12, pages 291--307, 2012.

Digital Library

[16]

M. C. Grace, W. Zhou, X. Jiang, and A.-R. Sadeghi. Unsafe exposure analysis of mobile in-app advertisements. In Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks, WISEC '12, pages 101--112, New York, NY, USA, 2012. ACM. URL http://doi.acm.org/10.1145/2185448.2185464.

Digital Library

[17]

G. Inc. Application fundamentals. 2013. URL http://developer.android.com/guide/components/fundamentals.html.

[18]

G. Kastrinis and Y. Smaragdakis. Efficient and effective handling of exceptions in java points-to analysis. In R. Jhala and K. D. Bosschere, editors, CC, volume 7791 of Lecture Notes in Computer Science, pages 41--60. Springer, 2013.

Digital Library

[19]

J. Kim, Y. Yoon, K. Yi, and J. Shin. ScanDal: Static analyzer for detecting privacy leaks in android applications. In H. Chen, L. Koved, and D. S. Wallach, editors, MoST 2012: Mobile Security Technologies 2012, Los Alamitos, CA, USA, May 2012. IEEE.

[20]

D. King, B. Hicks, M. Hicks, and T. Jaeger. Implicit flows: Can't live with 'em, can't live without 'em. In Proceedings of the 4th International Conference on Information Systems Security, ICISS '08, pages 56--70, Berlin, Heidelberg, 2008. Springer-Verlag.

Digital Library

[21]

P. Lam, E. Bodden, O. Lhotak, and L. Hendren. The soot framework for java program analysis: a retrospective. In Cetus Users and Compiler Infastructure Workshop (CETUS 2011), Oktober 2011.

[22]

O. Lhoták and L. Hendren. Scaling java points-to analysis using spark. In G. Hedin, editor, Compiler Construction, volume 2622 of LNCS, pages 153--169. Springer Berlin Heidelberg, 2003.

Digital Library

[23]

B. Livshits. Securibench micro, Mar. 2013. http://suif.stanford.edu/~livshits/work/securibench-micro/.

[24]

L. Lu, Z. Li, Z. Wu, W. Lee, and G. Jiang. Chex: statically vetting android apps for component hijacking vulnerabilities. In CCS 2012, pages 229--240, 2012.

Digital Library

[25]

C. Mann and A. Starostin. A framework for static detection of privacy leaks in android applications. In Proceedings of the 27th Annual ACM Symposium on Applied Computing, SAC '12, pages 1457--1462, 2012.

Digital Library

[26]

N. A. Naeem, O. Lhoták, and J. Rodriguez. Practical extensions to the ifds algorithm. In Compiler Construction 2010, pages 124--144, 2010.

Digital Library

[27]

D. Octeau, P. McDaniel, S. Jha, A. Bartel, E. Bodden, J. Klein, and Y. L. Traon. Effective inter-component communication mapping in android: An essential step towards holistic security analysis. In USENIX Security Symposium 2013, Aug. 2013.

Digital Library

[28]

Paladion. Insecurebank test app. http://www.paladion.net/downloadapp.html.

[29]

N. J. Percoco and S. Schulte. Adventures in bouncerland. Blackhat USA, 2012.

[30]

S. Rasthofer, S. Arzt, and E. Bodden. A machine-learning approach for classifying and categorizing android sources and sinks. In 2014 Network and Distributed System Security Symposium (NDSS), Feb. 2014. URL http://www.bodden.de/pubs/rab14classifying.pdf. To appear.

[31]

A. Reina, A. Fattori, and L. Cavallaro. A system call-centric analysis and stimulation technique to automatically reconstruct android malware behaviors. In EUROSEC, Prague, Czech Republic, April 2013.

[32]

T. Reps, S. Horwitz, and M. Sagiv. Precise interprocedural dataflow analysis via graph reachability. In POPL '95, pages 49--61, 1995.

Digital Library

[33]

A. Rountev, M. Sharp, and G. Xu. Ide dataflow analysis in the presence of large object-oriented libraries. In Compiler Construction, volume 4959 of LNCS, pages 53--68. Springer, 2008.

Digital Library

[34]

M. Sagiv, T. Reps, and S. Horwitz. Precise interprocedural dataflow analysis with applications to constant propagation. In TAPSOFT '95, pages 131--170, 1996.

Digital Library

[35]

G. Sarwar, O. Mehani, R. Boreli, and M. A. Kaafar. On the effectiveness of dynamic taint analysis for protecting against private information leaks on android-based devices, 2013.

[36]

M. Sridharan, S. Artzi, M. Pistoia, S. Guarnieri, O. Tripp, and R. Berg. F4F: taint analysis of framework-based web applications. In OOPSLA 2011, pages 1053--1068, 2011.

Digital Library

[37]

O. Tripp, M. Pistoia, P. Cousot, R. Cousot, and S. Guarnieri. Andromeda: Accurate and scalable security analysis of web applications. In FASE 2013, pages 210--225, 2013.

Digital Library

[38]

R. Xu, H. Saïdi, and R. Anderson. Aurasium: practical policy enforcement for android applications. In USENIX Security 2012, Security'12, pages 27--27, Berkeley, CA, USA, 2012. USENIX Association.

Digital Library

[39]

L. K. Yan and H. Yin. Droidscope: seamlessly reconstructing the os and dalvik semantic views for dynamic android malware analysis. In USENIX Security 2012, Security'12, pages 29--29, Berkeley, CA, USA, 2012. USENIX Association.

Digital Library

[40]

Z. Yang and M. Yang. Leakminer: Detect information leakage on android with static taint analysis. In Software Engineering (WCSE), 2012 Third World Congress on, pages 101--104, 2012.

Digital Library

[41]

Z. Zhao and F. Osono. Trustdroid: Preventing the use of smartphones for information leaking in corporate networks through the used of static analysis taint tracking. In Malicious and Unwanted Software (MALWARE), 2012 7th International Conference on, pages 135--143, 2012.

Digital Library

[42]

Y. Zhou and X. Jiang. Dissecting android malware: Characterization and evolution. In Proceedings of the 2012 IEEE Symposium on Security and Privacy, SP '12, pages 95--109, 2012.

Digital Library

Cited By

Xiang DLin SHuang KDing ZLiu GLi X(2025)A fine-grained approach for Android taint analysis based on labeled taint value graphsComputers & Security10.1016/j.cose.2024.104162148(104162)Online publication date: Jan-2025
https://doi.org/10.1016/j.cose.2024.104162
Syed TNauman MKhan SJan SZuhairi M(2024)ViTDroid: Vision Transformers for Efficient, Explainable Attention to Malicious Behavior in Android BinariesSensors10.3390/s2420669024:20(6690)Online publication date: 17-Oct-2024
https://doi.org/10.3390/s24206690
Wajahat AHe JZhu NMahmood TNazir AUllah FQureshi SOsman M(2024)An effective deep learning scheme for android malware detection leveraging performance metrics and computational resourcesIntelligent Decision Technologies10.3233/IDT-23028418:1(33-55)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.3233/IDT-230284
Show More Cited By

Index Terms

FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps
1. Security and privacy
  1. Systems security
    1. Information flow control
    2. Operating systems security
2. Theory of computation
  1. Semantics and reasoning
    1. Program reasoning
      1. Program analysis
    2. Program semantics

Recommendations

FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps
PLDI '14: Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation

Today's smartphones are a ubiquitous source of private and confidential data. At the same time, smartphone users are plagued by carelessly programmed apps that leak important data by accident, and by malicious apps that exploit their given privileges to ...
Analyzing the analyzers: FlowDroid/IccTA, AmanDroid, and DroidSafe
ISSTA 2018: Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis

Numerous static analysis techniques have recently been proposed for identifying information flows in mobile applications. These techniques are compared to each other, usually on a set of syntactic benchmarks. Yet, configurations used for such ...
Analyzing Android Taint Analysis Tools: FlowDroid, Amandroid, and DroidSafe
Numerous static taint analysis techniques have recently been proposed for identifying information flows in mobile applications. These techniques are often optimized and evaluated on a set of synthetic benchmarks, which makes the comparison results ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM SIGPLAN Notices

ACM SIGPLAN Notices Volume 49, Issue 6

PLDI '14

June 2014

598 pages

ISSN:0362-1340

EISSN:1558-1160

DOI:10.1145/2666356

Editor:
Andy Gill
University of Kansas, Lawrence, KS

Issue’s Table of Contents

PLDI '14: Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation
June 2014
619 pages
ISBN:9781450327848
DOI:10.1145/2594291
General Chair:
Michael O'Boyle
University of Edinburgh
,
Program Chair:
Keshav Pingali
University of Texas, Austin

Copyright © 2014 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 09 June 2014

Published in SIGPLAN Volume 49, Issue 6

Check for updates

Qualifiers

Research-article

Funding Sources

Bundesministerium für Bildung und Forschung
Deutsche Forschungsgemeinschaft
Google
Hessian LOEWE excellence initiative within CASED
Division of Computer and Network Systems

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1,655
Total Citations
View Citations
7,742
Total Downloads

Downloads (Last 12 months)798
Downloads (Last 6 weeks)141

Reflects downloads up to 12 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Xiang DLin SHuang KDing ZLiu GLi X(2025)A fine-grained approach for Android taint analysis based on labeled taint value graphsComputers & Security10.1016/j.cose.2024.104162148(104162)Online publication date: Jan-2025
https://doi.org/10.1016/j.cose.2024.104162
Syed TNauman MKhan SJan SZuhairi M(2024)ViTDroid: Vision Transformers for Efficient, Explainable Attention to Malicious Behavior in Android BinariesSensors10.3390/s2420669024:20(6690)Online publication date: 17-Oct-2024
https://doi.org/10.3390/s24206690
Wajahat AHe JZhu NMahmood TNazir AUllah FQureshi SOsman M(2024)An effective deep learning scheme for android malware detection leveraging performance metrics and computational resourcesIntelligent Decision Technologies10.3233/IDT-23028418:1(33-55)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.3233/IDT-230284
Li TBai JSui YHu S(2024)SPATA: Effective OS Bug Detection with Summary-Based, Alias-Aware, and Path-Sensitive Typestate AnalysisACM Transactions on Computer Systems10.1145/369525042:3-4(1-40)Online publication date: 6-Sep-2024
https://dl.acm.org/doi/10.1145/3695250
Fan MShi JWang YYu LZhang XWang HJin WLiu TFilkov VRay BZhou M(2024)Giving without Notifying: Assessing Compliance of Data Transmission in Android AppsProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3695528(1595-1606)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3695528
Dong ZZhao YLiu TWang CXu GXu GZhang LWang HFilkov VRay BZhou M(2024)Same App, Different Behaviors: Uncovering Device-specific Behaviors in Android AppsProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3695272(2099-2109)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3695272
Zhang YLiu TWang YQi YJi KTang JWang XLi XZuo Z(2024)HardTaint: Production-Run Dynamic Taint Analysis via Selective Hardware TracingProceedings of the ACM on Programming Languages10.1145/36897688:OOPSLA2(1615-1640)Online publication date: 8-Oct-2024
https://dl.acm.org/doi/10.1145/3689768
Wang JGuo SDiao WLiu YDuan HLiu YLiang Z(2024)CrypTody: Cryptographic Misuse Analysis of IoT Firmware via Data-flow ReasoningProceedings of the 27th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3678890.3678914(579-593)Online publication date: 30-Sep-2024
https://dl.acm.org/doi/10.1145/3678890.3678914
Wang YFan MZhang XShi JQiu ZWang HLiu T(2024)LIReDroid: LLM-Enhanced Test Case Generation for Static Sensitive Behavior ReplicationProceedings of the 15th Asia-Pacific Symposium on Internetware10.1145/3671016.3671404(81-84)Online publication date: 24-Jul-2024
https://dl.acm.org/doi/10.1145/3671016.3671404
Sun JSu TSun JLi JWang MPu Gd'Amorim M(2024)Property-Based Testing for Validating User Privacy-Related Functionalities in Social Media AppsCompanion Proceedings of the 32nd ACM International Conference on the Foundations of Software Engineering10.1145/3663529.3663863(440-451)Online publication date: 10-Jul-2024
https://dl.acm.org/doi/10.1145/3663529.3663863
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents