| NSF Org: |
CNS Division Of Computer and Network Systems |
| Recipient: |
|
| Initial Amendment Date: | August 18, 2012 |
| Latest Amendment Date: | August 18, 2012 |
| Award Number: | 1228620 |
| Award Instrument: | Standard Grant |
| Program Manager: |
Shannon Beck
CNS Division Of Computer and Network Systems CSE Directorate for Computer and Information Science and Engineering |
| Start Date: | September 1, 2012 |
| End Date: | August 31, 2018 (Estimated) |
| Total Intended Award Amount: | $443,364.00 |
| Total Awarded Amount to Date: | $443,364.00 |
| Funds Obligated to Date: |
|
| History of Investigator: |
|
| Recipient Sponsored Research Office: |
21 N PARK ST STE 6301 MADISON WI US 53715-1218 (608)262-3822 |
| Sponsor Congressional District: |
|
| Primary Place of Performance: |
21 N. Park St. Madison WI US 53715-1218 |
| Primary Place of
Performance Congressional District: |
|
| Unique Entity Identifier (UEI): |
|
| Parent UEI: |
|
| NSF Program(s): | Secure &Trustworthy Cyberspace |
| Primary Program Source: |
|
| Program Reference Code(s): |
|
| Program Element Code(s): |
|
| Award Agency Code: | 4900 |
| Fund Agency Code: | 4900 |
| Assistance Listing Number(s): | 47.070 |
ABSTRACT
This research is focused on the creation of new techniques and algorithms to support comprehensive analysis of Android applications. We have developed formally grounded techniques for extracting accurate models of smartphone applications from installation images. The recovery formalization is based on TyDe, a typed meta-representation of Dalvik bytecode (the code structure used by the Android smartphone operating system). In developing TyDe, we are formalizing the TyDe type inferencing, ill-formed bytecode structure management, and creating a generalized Dalvik-to-Java retargeting logic based on bytecode "instruction templates".
TyDe and the models they represent are being used to perform deep analysis of application structure to infer potential application behaviors that may harm users, their data, or the cellular or Internet infrastructure. In particular, these analyses support whole program analysis, reflection, and smartphone specific data flow analysis. Such analyses provide a means for evaluating an applications adherence to best security practices or organizational requirements by inspecting permission structures, component interfaces, and source code and library origins for signals of malicious behavior. The analysis techniques are being evaluated on a large corpus of real-world applications extracted from real application markets.
In the broadest view, this work is providing new avenues for researchers, industry, and consumers to assess potential dangers presented by applications retrieved from smartphone application markets, an advancing the state of the art in application program analysis.
PROJECT OUTCOMES REPORT
Disclaimer
This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.
The “TWC: Medium: Collaborative: Extending Smart-Phone Application Analysis” project has funded a line of research to develop novel enabling scientific approaches for the sophisticated and formally grounded evaluation of smartphone applications. This analysis has spanned static and dynamic techniques that identify security and privacy flaws or vulnerabilities within a wide range of applications and mobile device configurations. Centrally, this effort has resulted in techniques and tools that allow a market, organization, or user to a) extract a representation of the application from an installation image, b) subject the program to a series of deep analyses aimed at uncovering hidden vulnerabilities or potential misuses of interfaces and data, and c) evaluate the application bytecode and metadata against target policies that reflect best-practices security. From the performance monitoring side, this project has lead to the development of techniques that better quantify wireless performance in the
wild so that it can be used for trouble shooting and performance diagnostics. This effort
has lead to a tool called Snoopy that has been implemented and deployed in Android-based devices. This project has also resulted in novel attacks that target the limited power capacity of portable computers creates an opportunity for an attacker to render a device inoperable
by draining its battery.
Central to this work, a suite of tools was developed and provided to the community that implement techniques for inter- and intra-application control and flow analysis. Here, the work explored the extraction and interpretation of application bytecode from native images and the refinement and generalization of the analysis techniques related to inter-application communication analysis. More broadly, the work tackled the important challenge of secure information flow analysis in Android applications. The work has also studied the security implications of the pervasiveness of third-party libraries in Android applications, and developed techniques for identifying and isolating third-party logic. This project also lead to the development of a tool called Snoopy for RF spectrum sensing.
This work has had measurable impact on both academic research and industrial practices. The papers documenting this effort have received thousands of citations. Beyond academic impact, the leading post-doc on the early stages of this project was hired by Google to develop techniques to evaluate smart phone applications entering the Google Play market. The second post-doc who was also involved with the project is also joining the mobile security teacm at Google. In this way, the direct results of this project are now being used to protect the single largest source of smartphone applications on earth. Indeed, many of the best practices used by the industry on evaluating the security of applications were influenced and informed by the tools and analyses we developed within this project.
Last Modified: 06/06/2019
Modified by: Somesh Jha
Please report errors in award information by writing to: awardsearch@nsf.gov.
