AndroShield: automated Android applications vulnerability detection, a hybrid static and dynamic analysis approach

Amr Amin, Amgad Eldessouki, Menna Tullah Magdy, Nouran Abdeen, Hanan Hindy, Islam Hegazy

Research output: Contribution to journalArticle

6 Downloads (Pure)

Abstract

The security of mobile applications has become a major research field which is associated with a lot of challenges. The high rate of developing mobile applications has resulted in less secure applications. This is due to what is called the “rush to release” as defined by Ponemon Institute. Security testing—which is considered one of the main phases of the development life cycle—is either not performed or given minimal time; hence, there is a need for security testing automation. One of the techniques used is Automated Vulnerability Detection. Vulnerability detection is one of the security tests that aims at pinpointing potential security leaks. Fixing those leaks results in protecting smart-phones and tablet mobile device users against attacks. This paper focuses on building a hybrid approach of static and dynamic analysis for detecting the vulnerabilities of Android applications. This approach is capsuled in a usable platform (web application) to make it easy to use for both public users and professional developers. Static analysis, on one hand, performs code analysis. It does not require running the application to detect vulnerabilities. Dynamic analysis, on the other hand, detects the vulnerabilities that are dependent on the run-time behaviour of the application and cannot be detected using static analysis. The model is evaluated against different applications with different security vulnerabilities. Compared with other detection platforms, our model detects information leaks as well as insecure network requests alongside other commonly detected flaws that harm users’ privacy. The code is available through a GitHub repository for public contribution.
Original languageEnglish
Article number326
Number of pages16
JournalInformation (Switzerland)
Volume10
Issue number10
Early online date22 Oct 2019
DOIs
Publication statusPublished - 22 Oct 2019

Fingerprint

Static analysis
Dynamic analysis
Mobile devices
Automation
Defects
Testing

Cite this

Amin, Amr ; Eldessouki, Amgad ; Magdy, Menna Tullah ; Abdeen, Nouran ; Hindy, Hanan ; Hegazy, Islam. / AndroShield : automated Android applications vulnerability detection, a hybrid static and dynamic analysis approach. In: Information (Switzerland). 2019 ; Vol. 10, No. 10.
@article{efdd542adb0c4482abfd7a0fe9c1757d,
title = "AndroShield: automated Android applications vulnerability detection, a hybrid static and dynamic analysis approach",
abstract = "The security of mobile applications has become a major research field which is associated with a lot of challenges. The high rate of developing mobile applications has resulted in less secure applications. This is due to what is called the “rush to release” as defined by Ponemon Institute. Security testing—which is considered one of the main phases of the development life cycle—is either not performed or given minimal time; hence, there is a need for security testing automation. One of the techniques used is Automated Vulnerability Detection. Vulnerability detection is one of the security tests that aims at pinpointing potential security leaks. Fixing those leaks results in protecting smart-phones and tablet mobile device users against attacks. This paper focuses on building a hybrid approach of static and dynamic analysis for detecting the vulnerabilities of Android applications. This approach is capsuled in a usable platform (web application) to make it easy to use for both public users and professional developers. Static analysis, on one hand, performs code analysis. It does not require running the application to detect vulnerabilities. Dynamic analysis, on the other hand, detects the vulnerabilities that are dependent on the run-time behaviour of the application and cannot be detected using static analysis. The model is evaluated against different applications with different security vulnerabilities. Compared with other detection platforms, our model detects information leaks as well as insecure network requests alongside other commonly detected flaws that harm users’ privacy. The code is available through a GitHub repository for public contribution.",
author = "Amr Amin and Amgad Eldessouki and Magdy, {Menna Tullah} and Nouran Abdeen and Hanan Hindy and Islam Hegazy",
year = "2019",
month = "10",
day = "22",
doi = "10.3390/info10100326",
language = "English",
volume = "10",
journal = "Information (Switzerland)",
issn = "2078-2489",
publisher = "Multidisciplinary Digital Publishing Institute (MDPI)",
number = "10",

}

AndroShield : automated Android applications vulnerability detection, a hybrid static and dynamic analysis approach. / Amin, Amr; Eldessouki, Amgad; Magdy, Menna Tullah; Abdeen, Nouran; Hindy, Hanan; Hegazy, Islam.

In: Information (Switzerland), Vol. 10, No. 10, 326, 22.10.2019.

Research output: Contribution to journalArticle

TY - JOUR

T1 - AndroShield

T2 - automated Android applications vulnerability detection, a hybrid static and dynamic analysis approach

AU - Amin, Amr

AU - Eldessouki, Amgad

AU - Magdy, Menna Tullah

AU - Abdeen, Nouran

AU - Hindy, Hanan

AU - Hegazy, Islam

PY - 2019/10/22

Y1 - 2019/10/22

N2 - The security of mobile applications has become a major research field which is associated with a lot of challenges. The high rate of developing mobile applications has resulted in less secure applications. This is due to what is called the “rush to release” as defined by Ponemon Institute. Security testing—which is considered one of the main phases of the development life cycle—is either not performed or given minimal time; hence, there is a need for security testing automation. One of the techniques used is Automated Vulnerability Detection. Vulnerability detection is one of the security tests that aims at pinpointing potential security leaks. Fixing those leaks results in protecting smart-phones and tablet mobile device users against attacks. This paper focuses on building a hybrid approach of static and dynamic analysis for detecting the vulnerabilities of Android applications. This approach is capsuled in a usable platform (web application) to make it easy to use for both public users and professional developers. Static analysis, on one hand, performs code analysis. It does not require running the application to detect vulnerabilities. Dynamic analysis, on the other hand, detects the vulnerabilities that are dependent on the run-time behaviour of the application and cannot be detected using static analysis. The model is evaluated against different applications with different security vulnerabilities. Compared with other detection platforms, our model detects information leaks as well as insecure network requests alongside other commonly detected flaws that harm users’ privacy. The code is available through a GitHub repository for public contribution.

AB - The security of mobile applications has become a major research field which is associated with a lot of challenges. The high rate of developing mobile applications has resulted in less secure applications. This is due to what is called the “rush to release” as defined by Ponemon Institute. Security testing—which is considered one of the main phases of the development life cycle—is either not performed or given minimal time; hence, there is a need for security testing automation. One of the techniques used is Automated Vulnerability Detection. Vulnerability detection is one of the security tests that aims at pinpointing potential security leaks. Fixing those leaks results in protecting smart-phones and tablet mobile device users against attacks. This paper focuses on building a hybrid approach of static and dynamic analysis for detecting the vulnerabilities of Android applications. This approach is capsuled in a usable platform (web application) to make it easy to use for both public users and professional developers. Static analysis, on one hand, performs code analysis. It does not require running the application to detect vulnerabilities. Dynamic analysis, on the other hand, detects the vulnerabilities that are dependent on the run-time behaviour of the application and cannot be detected using static analysis. The model is evaluated against different applications with different security vulnerabilities. Compared with other detection platforms, our model detects information leaks as well as insecure network requests alongside other commonly detected flaws that harm users’ privacy. The code is available through a GitHub repository for public contribution.

U2 - 10.3390/info10100326

DO - 10.3390/info10100326

M3 - Article

VL - 10

JO - Information (Switzerland)

JF - Information (Switzerland)

SN - 2078-2489

IS - 10

M1 - 326

ER -