pr progr gram t am trans ansforma o rma on f n for a r
play

Pr Progr gram T am Trans ansforma,o rma,on f n for A r Aiding - PowerPoint PPT Presentation

Jul 21, 2023 •192 likes •443 views

Pr Progr gram T am Trans ansforma,o rma,on f n for A r Aiding iding St Sta,c a,c A Analy nalysis sis in A in Andr ndroid A id Applic pplica,o a,ons ns Presented by Zhenyu Ning 1 Outline 1. Background 2. Mo:va:on 3.

  1. Pr Progr gram T am Trans ansforma,o rma,on f n for A r Aiding iding St Sta,c a,c A Analy nalysis sis in A in Andr ndroid A id Applic pplica,o a,ons ns Presented by Zhenyu Ning 1

  2. Outline 1. Background 2. Mo:va:on 3. Related work 4. Implementa:on 5. Evalua:on 6. Future work 2

  3. Outline 1. Background 2. Mo:va:on 3. Related work 4. Implementa:on 5. Evalua:on 6. Future work 3

  4. Android JVM Figure from: hJps:// en.wikipedia.org/wiki/ Dalvik_(soOware) 4

  5. Applica,on Analysis • Sta:c Analysis Decompile the applica:on, and analyze its byte codes. tools: dex2jar, jd-gui, etc. • Dynamic Analysis Execute the applica:on in an isolated execu:on environment, and analyze the execu:on. tools: Android emulator, QEMU, etc. 5

  6. Background • Sta:c analysis FlowDroid, DroidSafe, HornDroid • Dynamic analysis DroidScope, TaintDroid, TaintART • Hybrid analysis Harvester 6

  7. Outline 1. Background 2. Mo:va:on 3. Related work 4. Implementa:on 5. Evalua:on 6. Future work 7

  8. Mo,va,on • Sta:c analysis tools suffer from • Code obscura:on and packing • Self-modifying code • Dynamic analysis tools suffer from • Implicit taint flows • Performance vs. accuracy • Large-scale analysis 8

  9. Mo,va,on • Use dynamic analysis to solve packed and self-modifying code. • Use sta:c analysis to detect implicit flows • Make the analysis applicable in large-scale analysis. 9

  10. Outline 1. Background 2. Mo:va:on 3. Related work 4. Implementa:on 5. Evalua:on 6. Future work 10

  11. Rela,ve Work • DexHunter • Dump Dex file from memory • AppSpear • Use run:me data structure to rebuild Dex file Assume there exists a clear boundary between packer’s code and the applica8on’s code 11

  12. 12

  13. Outline 1. Background 2. Mo:va:on 3. Related work 4. Implementa:on 5. Evalua:on 6. Future work 13

  14. Implementa,on • Just-In-Time instruc:on-level collec:on • Offline reassembling 14

  15. Implementa,on • Code scale • Loops • Self-modifying code 15

  16. Implementa,on • The bytecode of a method is organized in an 16-bit array • A variable dex_pc indicates the index of the execu:ng instruc:on • Solu8on : Compare instruc:ons with same dex_pc 16

  17. Implementa,on 17

  18. Implementa,on 18

  19. Outline 1. Background 2. Mo:va:on 3. Related work 4. Implementa:on 5. Evalua:on 6. Future work 19

  20. Evalua,on on DroidBench 20

  21. Evalua,on on DroidBench 21

  22. Evalua,on on real-world apps 22

  23. Outline 1. Background 2. Mo:va:on 3. Related work 4. Implementa:on 5. Evalua:on 6. Future work 23

  24. Future work • Code coverage • Na:ve code • Regular JVM in x86 24

  25. Thank you! 25

Recommend

From T Trans nsac actions ns t to T Tran ansforma mation: How C ow Citie ties C s Can

From T Trans nsac actions ns t to T Tran ansforma mation: How C ow Citie ties C s Can

From T Trans nsac actions ns t to T Tran ansforma mation: How C ow Citie ties C s Can Maxim imize O ize Oppor ortunit nity Z Zones ones @Bruce_Katz How ow Cit Cities ies Ca Can Ma Maximiz ximize O e Oppor ortunit ity Zon

632 views • 17 slides
What to expect and how to succeed What is is th the AP Pr Progr gram? m? The Advanced

What to expect and how to succeed What is is th the AP Pr Progr gram? m? The Advanced

What to expect and how to succeed What is is th the AP Pr Progr gram? m? The Advanced Placement Program is a collaborative effort among motivated students, dedicated teachers, and committed high schools, colleges, and universities. Since

838 views • 41 slides
LLVM: A Compila ilation Framework for Lifelong Progr for Lifelong Progr gram Analysis and gram

LLVM: A Compila ilation Framework for Lifelong Progr for Lifelong Progr gram Analysis and gram

Systems and Internet Infrastructure Security ity Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA LLVM: A Compila ilation Framework for Lifelong Progr for

573 views • 21 slides
Hi High S School ool I Intern Progr gram am TREPs request for TRMA Sponsorship Propose

Hi High S School ool I Intern Progr gram am TREPs request for TRMA Sponsorship Propose

Hi High S School ool I Intern Progr gram am TREPs request for TRMA Sponsorship Propose osed P Progr gram am High School I Intern Program Modeled after the Grundy County Summer Internship Program Started 2012 Initially

408 views • 29 slides
Opioid Al Alter erna native e Pilot P Progr gram Physician I an Information Opioi oid A

Opioid Al Alter erna native e Pilot P Progr gram Physician I an Information Opioi oid A

Opioid Al Alter erna native e Pilot P Progr gram Physician I an Information Opioi oid A Alternative e Pilot ot P Progr ogram Implements the provisions of P.A. 100-1114 Creates a new program allowing qualifying patients access

994 views • 44 slides
Opioid Al Alter erna native e Pilot P Progr gram Opioi oid A Alternative e Pilot ot P

Opioid Al Alter erna native e Pilot P Progr gram Opioi oid A Alternative e Pilot ot P

Opioid Al Alter erna native e Pilot P Progr gram Opioi oid A Alternative e Pilot ot P Progr ogram Acronyms ICTS - Illinois Cannabis Tracking System, the on-line registration system for qualifying patients and physicians IDPH

671 views • 29 slides
MSC LUB UBE OIL TESTING NG PROGR GRAM ENGINEERING COMMODITY SERVICES 20 June, 2019 N7 THE

MSC LUB UBE OIL TESTING NG PROGR GRAM ENGINEERING COMMODITY SERVICES 20 June, 2019 N7 THE

MI MILITARY SE SEALIFT CO COMM MMAND MSC LUB UBE OIL TESTING NG PROGR GRAM ENGINEERING COMMODITY SERVICES 20 June, 2019 N7 THE BEGINNI NING NG ! ! WHY TEST EQUIPMENT OIL? DETERMINE EFFECTS OF ENVIRONMENTAL CONTAMINATION IN THE

812 views • 45 slides
by Julia Lajus by us HSE UNIVERSITY| 1 CONTENT CHAPTER 1 : CONCEPT OF THE PROGR GRAM CHAPTER

by Julia Lajus by us HSE UNIVERSITY| 1 CONTENT CHAPTER 1 : CONCEPT OF THE PROGR GRAM CHAPTER

INTER ERNATION TIONAL AL MASTE TER R PROG ROGRA RAM IN APPLIE LIED D AND INT NTER ERDI DISC SCIPLI IPLINAR ARY HISTORY RY USABLE PASTS by Julia Lajus by us HSE UNIVERSITY| 1 CONTENT CHAPTER 1 : CONCEPT OF THE PROGR GRAM

244 views • 21 slides
Health thy y Cities es Pilot t Progr gram am Resul ults ts Katie Brown, EdD, RDN, LD

Health thy y Cities es Pilot t Progr gram am Resul ults ts Katie Brown, EdD, RDN, LD

Feedi ding ng America ica Health thy y Cities es Pilot t Progr gram am Resul ults ts Katie Brown, EdD, RDN, LD National Education Director Academy of Nutrition and Dietetics Foundation Lisa Medrow, RDN, LD Kids Eat Right Project

697 views • 54 slides
Re Resident Opportunity & Self- Suffic Sufficie ienc ncy y Pr Progr gram am INTRODUCTION

Re Resident Opportunity & Self- Suffic Sufficie ienc ncy y Pr Progr gram am INTRODUCTION

Re Resident Opportunity & Self- Suffic Sufficie ienc ncy y Pr Progr gram am INTRODUCTION In Introd oducA cAon ons s ROSS Team Tremayne Youmans, ROSS Program Manager Monique Wisdom, Na9onal Grants Management Specialist (ONAP)

593 views • 43 slides
Air r Polluti ution C on Contr trol ol P Progr gram am Fee S Stakehol eholder er M

Air r Polluti ution C on Contr trol ol P Progr gram am Fee S Stakehol eholder er M

Air r Polluti ution C on Contr trol ol P Progr gram am Fee S Stakehol eholder er M Meeti eting ng January 29, 2015 Missouri Air Conservation Commission Missouri Department Natural Resources Division of Environmental Quality Air

613 views • 37 slides
A Na Nationa onal l En Energy rgy Progr gram m Treating Energy Strategically as a Matter

A Na Nationa onal l En Energy rgy Progr gram m Treating Energy Strategically as a Matter

Proposal posal for r A Na Nationa onal l En Energy rgy Progr gram m Treating Energy Strategically as a Matter of National Security Overview of NEP white paper http://evworld.com/library/Revised_NEP_white_paper.pdf Presented to: The

625 views • 34 slides
Medicare e Di Diabetes P Prevention on Progr gram ( (MDP DPP) ) Expan anded M Model l

Medicare e Di Diabetes P Prevention on Progr gram ( (MDP DPP) ) Expan anded M Model l

Medicare e Di Diabetes P Prevention on Progr gram ( (MDP DPP) ) Expan anded M Model l Supplier r Support t MDPP Enrollment Tutorial Webinar January 9, 9, 2019 2019 Disclaimer This presentation was current at the time it was

722 views • 58 slides
NSF Gr Graduate R Resear arch ch Fellowsh ship Progr gram am ( (GR GRFP) SPONSORED BY:

NSF Gr Graduate R Resear arch ch Fellowsh ship Progr gram am ( (GR GRFP) SPONSORED BY:

NSF Gr Graduate R Resear arch ch Fellowsh ship Progr gram am ( (GR GRFP) SPONSORED BY: THE CENTER FOR FELLOWSHIP & SCHOLARSHIP ADVISING SYRACUSE UNIVERSITY HTTP://NATIONALSCHOLARSHIPS.SYR.EDU/ 1 GR GRFP 201 2016 Worksh shop

448 views • 20 slides
FDOT DISTRICT 4: LAP CONTACT INFORMATION Local l Agency y Progr gram am for Federal

FDOT DISTRICT 4: LAP CONTACT INFORMATION Local l Agency y Progr gram am for Federal

FDOT DISTRICT 4: LAP CONTACT INFORMATION Local l Agency y Progr gram am for Federal eral Aid Projects jects Chris isti tine ne Fasisk siska: Local Agency Program Administrator (954) 777-4480 Helen en James es: Broward County

1.03k views • 53 slides
TN H N HOUS USING T TRUS UST FUND UND 2021 C 1 CHALLENGE GE G GRANT PROGR GRAM APPLIC

TN H N HOUS USING T TRUS UST FUND UND 2021 C 1 CHALLENGE GE G GRANT PROGR GRAM APPLIC

TN H N HOUS USING T TRUS UST FUND UND 2021 C 1 CHALLENGE GE G GRANT PROGR GRAM APPLIC ICATIO TION W WEBINAR JUNE NE 1 18, 2 2020 20 1 HIGHLIGHTS Challenge Grant funds provide seed funding in support of fundraising efforts of

443 views • 40 slides
W. 23 RD AVE. / WATER ST. 2 PR PROGR GRAM PU M PURPO POSE & & PH PHILOSOPH OPHY

W. 23 RD AVE. / WATER ST. 2 PR PROGR GRAM PU M PURPO POSE & & PH PHILOSOPH OPHY

1 C I T Y A N D C O U N T Y O F D E N V E R W. 23 RD AVE./WATER ST. W. 23 RD AVE. / WATER ST. 2 PR PROGR GRAM PU M PURPO POSE & & PH PHILOSOPH OPHY All Denver residents, regardless of how they choose to get around, deserve a

472 views • 18 slides
Programming II Objec ect Orien ented ed Progr gram amming ming with Java - Advance ced d

Programming II Objec ect Orien ented ed Progr gram amming ming with Java - Advance ced d

Programming II Objec ect Orien ented ed Progr gram amming ming with Java - Advance ced d Topics cs - Java a 8: Functional al Interfac erfaces, s, Method d Referen erence ces s and Lambda da Expr pressi ssions Alastair

773 views • 32 slides
Econom omic D Devel elopment I Incen entive Progr gram am Public Hearing Linamar, Inc.

Econom omic D Devel elopment I Incen entive Progr gram am Public Hearing Linamar, Inc.

Econom omic D Devel elopment I Incen entive Progr gram am Public Hearing Linamar, Inc. 4/2/2019 Backg kground a and R Request Background: In March 2010, the Skyland Volvo facility closed resulting in the loss of approximately 230

254 views • 8 slides
The Capa paci city Enhance cement t Pr Progr gram Building Capacity for Quality Cancer

The Capa paci city Enhance cement t Pr Progr gram Building Capacity for Quality Cancer

The Capa paci city Enhance cement t Pr Progr gram Building Capacity for Quality Cancer Control and Pan-Canadian Guideline Collaboration Melissa ssa Brouwers, s, Ph PhD Na Nati tional Lead, d, CEP, CPAC 1" Discl sclosu

518 views • 24 slides
Supe Superfund rfund Rese sear arch h Pr Progr gram am Effects-Related Biomarkers of

Supe Superfund rfund Rese sear arch h Pr Progr gram am Effects-Related Biomarkers of

Univer Univ ersity o sity of W f Washing ashington n Supe Superfund rfund Rese sear arch h Pr Progr gram am Effects-Related Biomarkers of Environmental Neurotoxic Exposures PI, Evan P. Gallagher Co-PI, Zhengui Xia Department of

661 views • 26 slides
Progr gram amming ing Rec econf nfigur igurable able Devi vices ces via FPGA Regio vi

Progr gram amming ing Rec econf nfigur igurable able Devi vices ces via FPGA Regio vi

Progr gram amming ing Rec econf nfigur igurable able Devi vices ces via FPGA Regio vi ions ns & De Devi vice e Tre ree Ove verl rlays A User View Benchmark on a Declarative FPGA Reconfiguration Framework Stefan Wiehler

528 views • 9 slides
Air r Polluti ution C on Contr trol ol P Progr gram am Fe Fee S Stakeholde der Meeti

Air r Polluti ution C on Contr trol ol P Progr gram am Fe Fee S Stakeholde der Meeti

Air r Polluti ution C on Contr trol ol P Progr gram am Fe Fee S Stakeholde der Meeti ting/Confer ng/Conferenc nce C e Call May 26, 2015 1:30 p.m. Asbestos Fees Goal Asbestos fees support 100% of asbestos activities

560 views • 20 slides
City o of R Richmond Employee T Trip Reduction Progr gram U Update Richmond Regional

City o of R Richmond Employee T Trip Reduction Progr gram U Update Richmond Regional

City o of R Richmond Employee T Trip Reduction Progr gram U Update Richmond Regional Transportation Planning Organization D. Moore Clarke Multimodal Transportation Manager Department of Public Works City of Richmond February 7, 2020

322 views • 9 slides

More recommend