Static Analysis of Dalvik Bytecode and Reflection in Android

Studenteropgave: Kandidatspeciale og HD afgangsprojekt

  • Erik Ramsgaard Wognsen
  • Henrik Søndberg Karlsen
4. semester, Software, Kandidat (Kandidatuddannelse)
Malicious apps pose an important problem on Android, the world's most popular smartphone operating system. Android apps are typically written in Java and compiled to run on the register based Dalvik virtual machine.
Static analysis can approximate program behaviour and this approximation can be used to find malicious behaviour, for example covert sending of expensive text messages.

We expand our original operational semantics for the Dalvik instruction set to more accurately model the Android implementation, and we update our control flow analysis with these changes and improve its precision to achieve useful results when analyzing real apps.
The analysis is further expanded to include support for reflection and Javascript interfaces, two dynamic features that are used extensively in popular Android apps.

Finally, we implement a prototype of the analysis which is able to create call graphs and run on real-world apps.
Udgivelsesdato7 jun. 2012
Antal sider55
ID: 63640569