Loading [MathJax]/extensions/MathMenu.js
HornDroid: Practical and Sound Static Analysis of Android Applications by SMT Solving | IEEE Conference Publication | IEEE Xplore

HornDroid: Practical and Sound Static Analysis of Android Applications by SMT Solving


Abstract:

We present HornDroid, a new tool for the static analysis of information flow properties in Android applications. The core idea underlying HornDroid is to use Horn clauses...Show More

Abstract:

We present HornDroid, a new tool for the static analysis of information flow properties in Android applications. The core idea underlying HornDroid is to use Horn clauses for soundly abstracting the semantics of Android applications and to express security properties as a set of proof obligations that are automatically discharged by an off-the-shelf SMT solver. This approach makes it possible to fine-tune the analysis in order to achieve a high degree of precision while still using off-the-shelf verification tools, thereby leveraging the recent advances in this field. As a matter of fact, HornDroid outperforms state-of-the-art Android static analysis tools on benchmarks proposed by the community. Moreover, HornDroid is the first static analysis tool for Android to come with a formal proof of soundness, which covers the core of the analysis technique: besides yielding correctness assurances, this proof allowed us to identify some critical corner-cases that affect the soundness guarantees provided by some of the previous static analysis tools for Android.
Date of Conference: 21-24 March 2016
Date Added to IEEE Xplore: 12 May 2016
ISBN Information:
Conference Location: Saarbruecken, Germany

Contact IEEE to Subscribe

References

References is not available for this document.