TWC: Small: Collaborative: Improving Android Security with Dynamic Slicing

TWC：小：协作：通过动态切片提高 Android 安全性

• 批准号: 1617424
• 负责人: Rajiv Gupta
• 金额: $ 25万
• 依托单位: University of California-Riverside
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2016
• 资助国家: 美国
• 起止时间: 2016-09-01 至 2020-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1617424&HistoricalAwards=false
• 关键词: TWC; Small; Collaborative; Improving; Android

Mobile devices have been very successful and continue to expand their user base. However, the very features that have made these devices successful, e.g., rich sensor inputs (GPS, camera, microphone) and continuous Internet connectivity, have also made the devices a favorite target for attackers. Attacks can have many negative consequences, from stealing users' secrets to spying on the users or installing viruses that render devices inoperable. This project will develop dynamic slicing techniques so that developers and researchers will be able to gain effective insights into device and app behavior, including malicious apps; this will make it easier to construct secure apps and to find/eliminate malicious behavior, which in turn will benefit mobile device users. Undergraduate and graduate students will be introduced to new approaches to smartphone security, which will make students better equipped for tackling emerging software research and development challenges.Dynamic slicing (analyzing an execution to identify relevant code and data dependences) is a particularly effective technique for addressing a wide range of security problems. This project will develop a dynamic slicer for Android and then use the slicer, as well as its integration with other existing tools, for three main security applications. First, improving dynamic taint analysis via efficient, effective, integrated control/data slicing. Second, finding relevant parts in the input to identity which sensor stream and part thereof are responsible for security-relevant behavior, e.g., attack, crash, botnet operation, or use of anti-detection techniques. Third, Undo Computing, in particular combining slicing with record-and-replay to support undo computing on Android. These lines of work are expected to lead to advances in: security, e.g., precise and effective dynamic taint tracking, finding leaks due to control dependences, understanding botnet behavior, principled discovery of anti-detection techniques, separating benign from malicious state changes; and program analysis, e.g., slicing programs that are event-oriented or rely heavily on inter-process communication; computing input/data/code interdependences in the presence of high-throughput event streams.

移动设备非常成功，并继续扩展其用户群。 但是，使这些设备成功的功能，例如，丰富的传感器输入（GPS，相机，麦克风）和连续的Internet连接性，也使这些设备成为攻击者最喜欢的目标。 攻击可能会产生许多负面后果，从窃取用户的秘密到监视用户或安装使设备无法使用的病毒。 该项目将开发动态切片技术，以便开发人员和研究人员能够有效地了解设备和应用程序行为，包括恶意应用程序；这将使构建安全应用程序并查找/消除恶意行为变得更加容易，进而使移动设备用户受益。本科生和研究生将被介绍有关智能手机安全的新方法，这将使学生能够更好地应对新兴的软件研发挑战。DYNAGINIC切片（分析执行以识别相关的代码和数据依赖性）是解决广泛安全问题的特别有效技术。该项目将为Android开发动态切片机，然后将切片机及其与其他现有工具集成到三个主要安全应用程序。 首先，通过高效，有效，集成控制/数据切片来改善动态污点分析。其次，在输入中找到相关的部分，即传感器流及其一部分负责与安全性相关的行为，例如攻击，崩溃，僵尸网络操作或使用反检测技术。第三，撤消计算，特别是将切片与记录和复制结合在一起，以支持Android上的撤消计算。 预计这些工作方案将导致：安全性，例如精确有效的动态污点跟踪，由于控制依赖的依赖，理解僵尸网络行为，有原则发现反检测技术，将良性与恶意状态变化分开；以及计划分析，例如，切片程序以事件为导向或严重依赖于过程间通信；在存在高通量事件流的情况下，计算输入/数据/代码相互依存关系。