Algebraic-Datatype Taint Tracking, with Applications to Understanding Android Identifier Leaks
Fri 27 Aug 2021 07:00 - 07:10 - Testing—Mobile Analysis and Testing Chair(s): Wei Yang
Current taint analyses track flow from sources to sinks and report
the results simply as source $\to$ sink pairs, or flows. This is imprecise and
ineffective in many real-world scenarios; examples include taint
sources that are mutually exclusive, or flows that combine sources
(e.g., IMEI and MAC Address concatenated, hashed, and leaked together vs. IMEI
and MAC Address hashed separately and leaked separately). These
shortcomings are particularly acute in the context of Android, where
sensitive identifiers can be combined, processed, and then leaked in
complicated ways. To address these issues, we introduce a novel
{\it algebraic-datatype} taint analysis that generates rich yet concise taint
signatures involving AND, XOR, and hashing, akin to algebraic product
and sum types. We implemented our approach as a static analysis for
Android that derives app leak signatures: an algebraic
representation of how, and where, hardware/software identifiers are
manipulated before being exfiltrated to the network. We perform six
empirical studies of algebraic-datatype taint tracking on 1,000 top apps from
Google Play and their embedded libraries, including: distinguishing
between ``raw'' and hashed flows, which eliminates a source of
imprecision in current analyses; finding apps and libraries that go
against Google Play's guidelines by (ab)using hardware identifiers;
showing that third-party code, rather than app code, is the
predominant source of leaks; exposing potential de-anonymization
practices; and quantifying how apps have become more privacy-friendly
over the past two years.
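To make the abstract's point concrete, the following added Python model (not the paper's tool, and its class and function names are assumptions) represents taint labels as algebraic datatypes, so that the IMEI/MAC scenarios above produce different leak signatures even though a flat source $\to$ sink analysis reports the same pairs for both; it also shows how the signature exposes whether an identifier reached the sink raw or only after hashing.

```python
from __future__ import annotations
from dataclasses import dataclass
from typing import Union

@dataclass(frozen=True)
class Src:                      # a taint source (an identifier getter)
    name: str
    def __str__(self) -> str: return self.name

@dataclass(frozen=True)
class And:                      # product type: both values contributed (concatenation)
    l: Label; r: Label
    def __str__(self) -> str: return f"({self.l} AND {self.r})"

@dataclass(frozen=True)
class Xor:                      # sum type: one value or the other, never both
    l: Label; r: Label
    def __str__(self) -> str: return f"({self.l} XOR {self.r})"

@dataclass(frozen=True)
class Hash:                     # value passed through a one-way hash before the sink
    inner: Label
    def __str__(self) -> str: return f"hash({self.inner})"

Label = Union[Src, And, Xor, Hash]   # a leak signature is a Label at a sink

def sources(lbl: Label) -> set[str]:
    """Flat source->sink view: every identifier that reached the sink."""
    if isinstance(lbl, Src):
        return {lbl.name}
    if isinstance(lbl, Hash):
        return sources(lbl.inner)
    return sources(lbl.l) | sources(lbl.r)

def raw_sources(lbl: Label) -> set[str]:
    """Identifiers that reach the sink without passing through a hash."""
    if isinstance(lbl, Src):
        return {lbl.name}
    if isinstance(lbl, Hash):
        return set()
    return raw_sources(lbl.l) | raw_sources(lbl.r)

def flat_flows(sigs: list[Label], sink: str = "network") -> set[tuple[str, str]]:
    """What a classic analysis reports: source->sink pairs, structure lost."""
    return {(s, sink) for sig in sigs for s in sources(sig)}

# Constructed scenarios from the abstract: app A hashes IMEI||MAC together,
# app B hashes IMEI and MAC separately and sends each on its own.
IMEI, MAC = Src("IMEI"), Src("MAC")
APP_A = [Hash(And(IMEI, MAC))]
APP_B = [Hash(IMEI), Hash(MAC)]
```

`flat_flows(APP_A) == flat_flows(APP_B)` holds, while the signatures `hash((IMEI AND MAC))` and `hash(IMEI)`, `hash(MAC)` differ.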
Thu 26 Aug (Athens time zone)
19:00 - 20:00 | Testing—Mobile Analysis and Testing (Research Papers). Chair: Fabrizio Pastore, University of Luxembourg
19:00 (10 min, paper) Algebraic-Datatype Taint Tracking, with Applications to Understanding Android Identifier Leaks. Sydur Rahaman, Iulian Neamtiu, Xin Yin (New Jersey Institute of Technology)
19:10 (10 min, paper) Vet: Identifying and Avoiding UI Exploration Tarpits (Distinguished Paper Award). Wenyu Wang (University of Illinois at Urbana-Champaign), Wei Yang (University of Texas at Dallas), Tianyin Xu (University of Illinois at Urbana-Champaign), Tao Xie (Peking University)
19:20 (10 min, paper) Checking Conformance of Applications against GUI Policies. Zhen Zhang (University of Washington), Yu Feng (University of California at Santa Barbara), Michael D. Ernst (University of Washington), Sebastian Porst (Google), Işıl Dillig (University of Texas at Austin)
19:30 (30 min) Live Q&A (Testing—Mobile Analysis and Testing)

Fri 27 Aug (Athens time zone), mirror session 12 hours later
07:00 - 08:00 | The same program: the three papers at 07:00, 07:10 and 07:20, followed by the live Q&A at 07:30