Start: Sep. 2015
Finish: Jan. 2018
Thesis Title: A Model Driven Reverse Engineering Approach for Evaluating the Implemented Access Control Policies
Android, as a free and open source platform, is extensively used worldwide by mobile application developers. Android applications can be easily downloaded or be accessed via several Android marketplaces. Since, mobile phones are used to store personal and sensitive information, there is a need for high level of privacy and security. Android provides a message passing system that can communicate within and between applications. To secure the device and avoid any attack, Android message passing system needs to be used appropriately and its possible weaknesses must be identified. One of the security vulnerabilities in the context of user privacy is the unauthorized access to sensitive data. In this case, a malicious application may take advantage of security holes in the application, or may deceive the user for excessive access, that will result in vulnerability of information and sensitive resources. Therefore, the risks associated with the Android message passing system should be evaluated to detect the unsafe operations and potential vulnerabilities.
To achieve this goal, an approach based on Model Driven Reverse Engineering (MDRE) is presented, that identifies security risks and vulnerabilities related to the Android application communication. The MDRE can represent the systems as the models to make the system better comprehension. Directly benefiting from MDE technology, discovery and display of security information will be achieved at higher level of abstraction. The proposed approach identifies vulnerabilities in the context of Inter-Component Communication (ICC). In this approach, the security information included in an Android app are collected by extracting app as several models. Then, this information is unified and integrated in a domain-specific model by the means of model transformations. Based on this model, some operations, such as queries can be later applied to analyze, manage the security configurations, and identify vulnerabilities in the corresponding application. The proposed approach is implemented as an Eclipse-based tool called VAnDroid, which stands for “Vulnerability Analysis of Android Applications”. To evaluate the approach, the VAnDroid tool has been applied to several real-world Android applications. In this evaluation, 20 apps in Google Play and 110 apps in F-Droid repository are selected, and three features of usability, scalability, and correctness have been evaluated. VAnDroid is also compared with several existing analysis tools. The results indicate that the proposed approach is superior to existing tools. Specifically, the high scalability, usability, and accuracy in discovering vulnerabilities are the key advantages of this tool.