Mobile and Ubiquitous Systems: Computing, Networking and Services. 18th EAI International Conference, MobiQuitous 2021, Virtual Event, November 8-11, 2021, Proceedings

Research Article

ReHAna: An Efficient Program Analysis Framework to Uncover Reflective Code in Android

Download
4 downloads
Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.1007/978-3-030-94822-1_19,
    author={Shakthi Bachala and Yutaka Tsutano and Witawas Srisa-an and Gregg Rothermel and Jackson Dinh and Yuanjiu Hu},
    title={ReHAna: An Efficient Program Analysis Framework to Uncover Reflective Code in Android},
    proceedings={Mobile and Ubiquitous Systems: Computing, Networking and Services. 18th EAI International Conference, MobiQuitous 2021, Virtual Event, November 8-11, 2021, Proceedings},
    proceedings_a={MOBIQUITOUS},
    year={2022},
    month={2},
    keywords={Program analysis Android Java reflection},
    doi={10.1007/978-3-030-94822-1_19}
}
  • Shakthi Bachala
    Yutaka Tsutano
    Witawas Srisa-an
    Gregg Rothermel
    Jackson Dinh
    Yuanjiu Hu
    Year: 2022
    ReHAna: An Efficient Program Analysis Framework to Uncover Reflective Code in Android
    MOBIQUITOUS
    Springer
    DOI: 10.1007/978-3-030-94822-1_19
Shakthi Bachala1, Yutaka Tsutano1, Witawas Srisa-an1,*, Gregg Rothermel2, Jackson Dinh1, Yuanjiu Hu1
  • 1: School of Computing, University of Nebraska-Lincoln, Lincoln
  • 2: Department of Computer Science, North Carolina State University, Raleigh
*Contact email: witawas@unl.edu

Abstract

The recent adoption of dynamic features such as Java reflection and Android dynamic code downloading (RDCL) coupled with recent security attacks that can be detected only at runtime have led to higher usage of hybrid analysis to address dependability and security concerns. While effective, however, hybrid analysis can be inefficient due to a multi-step process involving static analysis, code instrumentation, and runtime information logging. As such, existing hybrid analysis techniques can work during code development and testing, but are too slow for production and security vetting.

In this paper, we introduceReHAna, a hybrid analysis framework for Android apps. We designed our framework to perform hybrid analysis efficiently through the use of a Virtual Class-Loader (VCL), which enables incremental program analysis. We then conducted a study to assess the program analysis performance of using VCL and found that it yields several benefits over the existing compiler-based program analysis approach. We also illustrated the hybrid analysis capability ofReHAnaby implementing a technique to detect and analyze dynamically loaded components based on reflection and dynamic code loading mechanisms in Android apps. We compared the performance ofReHAnaagainst that ofStaDynA, a hybrid analysis approach that performs the same task. Our empirical evaluation shows thatReHAnais as effective asStaDynAbut also significantly more efficient and scalable.

Keywords
Program analysis Android Java reflection
Published
2022-02-08
Appears in
SpringerLink
http://dx.doi.org/10.1007/978-3-030-94822-1_19
Copyright © 2021–2025 ICST
EAI Logo

About EAI

Community

Publish with EAI