Objectives

• To propose a fine-grained tracing technique for dynamic analysis of Android applications on real handsets.
• To propose a fine-grained dynamic monitor at application level on non-rooted Android devices without framework modification to detect execution of third-party Android applications.
• To propose scalable and efficient static analysis of modern Android applications.
   

Existing Solutions and Their Limitations

• API-and system-call-hooking techniques are coarse grained and emulator based and do not work on real handsets without framework modification.
• Prior side-channel-based dynamic monitors no longer work on the latest version of Android.
• Amandriod and FlowDroid require whole-app analysis and do not scale with increased size of modern Android applications.
   

Outcome and Deliverables

• A modified Android ROM that is capable of performing fine-grained tracing of DEX and native code of Android applications and deployable on real handsets.
• A normal Android third-party application that is capable of detecting the execution of specific code pieces of other applications.
• A static analysis framework performing sink-based analysis with significant speedup compared to AManDroid.
   

Practical Applications and Impact

• The fine-grained tracing framework on real handsets enables dynamic analysis at instruction level in lab testing environment.
• The side-channel-based monitor allows monitoring of Android applications in a crowd sourcing environment with large-scale deployment.
• The static analysis framework enables real-time vetting of Android applications by Android applications markets.
  ​