Volume 11 Number 7 (Jul. 2016)
Home > Archive > 2016 > Volume 11 Number 7 (Jul. 2016) >
JSW 2016 Vol.11(7): 677-684 ISSN: 1796-217X
doi: 10.17706/jsw.11.7.677-684

A Model Guided Security Analysis Approach for Android Applications

Yan Zhang1, 2*, Zhoujun Li1, Dianfu Ma1

1School of Computer Science and Engineering, Beihang University, Beijing, China.
2School of Mathematics and Computer Science, Hubei University, Wuhan, China.

Abstract—Revealing security vulnerabilities is one of great challenges for the Android ecosystem. Static analysis is the usual approach of the security analysis for computer software. However, it is undirected and time-consuming for the common static analysis methods to analyze the entire Android application system-atically from the main entry point. In order to adapt to the event-driven feature of Android applications, a model guided security analysis approach for Android applications is introduced and implemented into the prototype tool MSAS. This approach builds and utilizes the Operation Security Model to guide the targeted analysis process, and then concentrate on the identified analysis surface to reduce analysis workload, thereby achieving fast analysis speed and on-demand code coverage based on the security rules. The test result shows that this approach can improve the efficiency and effect of security analysis for Android appli-cations, and it has revealed 11 security vulnerabilities by analyzing several popular Android applications.

Index Terms—Model guided analysis, security analysis, Android application security, static analysis, vulnera-bility discovery.

[PDF]

Cite: Yan Zhang, Zhoujun Li1, Dianfu Ma, "A Model Guided Security Analysis Approach for Android Applications," Journal of Software vol. 11, no. 7, pp. 677-684, 2016.

General Information

ISSN: 1796-217X (Online)
Frequency:  Quarterly
Editor-in-Chief: Prof. Antanas Verikas
Executive Editor: Ms. Yoyo Y. Zhou
Abstracting/ Indexing: DBLP, EBSCO, CNKIGoogle Scholar, ProQuest, INSPEC(IET), ULRICH's Periodicals Directory, WorldCat, etc
E-mail: jsweditorialoffice@gmail.com
  • Mar 01, 2024 News!

    Vol 19, No 1 has been published with online version    [Click]

  • Jan 04, 2024 News!

    JSW will adopt Article-by-Article Work Flow

  • Apr 01, 2024 News!

    Vol 14, No 4- Vol 14, No 12 has been indexed by IET-(Inspec)     [Click]

  • Apr 01, 2024 News!

    Papers published in JSW Vol 18, No 1- Vol 18, No 6 have been indexed by DBLP   [Click]

  • Nov 02, 2023 News!

    Vol 18, No 4 has been published with online version   [Click]