English
Related papers

Related papers: Call Graph Soundness in Android Static Analysis

200 papers

The Android OS has become the most popular mobile operating system leading to a significant increase in the spread of Android malware. Consequently, several static and dynamic analysis systems have been developed to detect Android malware.…

Cryptography and Security · Computer Science 2017-05-19 Mohammed K. Alzaylaee , Suleiman Y. Yerima , Sakir Sezer

The Android middleware, in particular the so-called systemserver, is a crucial and central component to Android's security and robustness. To understand whether the systemserver provides the demanded security properties, it has to be…

Cryptography and Security · Computer Science 2021-10-13 Oliver Schranz , Sebastian Weisgerber , Erik Derr , Michael Backes , Sven Bugiel

We present Anadroid, a static malware analysis framework for Android apps. Anadroid exploits two techniques to soundly raise precision: (1) it uses a pushdown system to precisely model dynamically dispatched interprocedural and…

Programming Languages · Computer Science 2013-11-19 Shuying Liang , Andrew W. Keep , Matthew Might , Steven Lyde , Thomas Gilray , Petey Aldous , David Van Horn

As the dominant mobile operating system, Android continues to attract a substantial influx of new applications each year. However, this growth is accompanied by increased attention from malicious actors, resulting in a significant rise in…

Software Engineering · Computer Science 2025-12-16 Dewen Suo , Lei Xue , Weihao Huang , Runze Tan , Guozi Sun

We address the problem of discovering communication links between applications in the popular Android mobile operating system, an important problem for security and privacy in Android. Any scalable static analysis in this complex setting is…

Programming Languages · Computer Science 2018-09-12 Jinman Zhao , Aws Albarghouthi , Vaibhav Rastogi , Somesh Jha , Damien Octeau

With the continuous growth in the usage of Android apps, ensuring their security has become critically important. An increasing number of malicious apps adopt anti-analysis techniques to evade security measures. Although some research has…

Cryptography and Security · Computer Science 2025-12-16 Dewen Suo , Lei Xue , Runze Tan , Weihao Huang , Guozi Sun

We present HornDroid, a new tool for the static analysis of information flow properties in Android applications. The core idea underlying HornDroid is to use Horn clauses for soundly abstracting the semantics of Android applications and to…

Cryptography and Security · Computer Science 2017-07-26 Stefano Calzavara , Ilya Grishchenko , Matteo Maffei

Android apps must be able to deal with both stop events, which require immediately stopping the execution of the app without losing state information, and start events, which require resuming the execution of the app at the same point it…

Software Engineering · Computer Science 2019-05-28 Oliviero Riganelli , Marco Mobilio , Daniela Micucci , Leonardo Mariani

Native code is now commonplace within Android app packages where it co-exists and interacts with Dex bytecode through the Java Native Interface to deliver rich app functionalities. Yet, state-of-the-art static analysis approaches have…

Software Engineering · Computer Science 2022-01-25 Jordan Samhi , Jun Gao , Nadia Daoudi , Pierre Graux , Henri Hoyez , Xiaoyu Sun , Kevin Allix , Tegawendé F. Bissyandé , Jacques Klein

Despite over 3.5 million Android apps and 200+ million Android Auto-compatible vehicles, only a few hundred apps support Android Auto due to platform-specific compliance requirements. Android Auto mandates service-based architectures in…

Software Engineering · Computer Science 2026-01-28 Moshood Fakorede , Umar Farooq

Increasing interest in securing the Android ecosystem has spawned numerous efforts to assist app developers in building secure apps. These efforts have resulted in tools and techniques capable of detecting vulnerabilities (and malicious…

Cryptography and Security · Computer Science 2019-08-06 Venkatesh-Prasad Ranganath , Joydeep Mitra

Dynamic analysis has emerged as a pivotal technique for testing Android apps, enabling the detection of bugs, malicious code, and vulnerabilities. A key metric in evaluating the efficacy of tools employed by both research and practitioner…

Software Engineering · Computer Science 2024-04-18 Jordan Samhi , Andreas Zeller

Identifying dependency call graphs of multilanguage software systems using static code analysis is challenging. The different languages used in developing today's systems often have different lexical, syntactical, and semantic rules that…

Malware authors have seen obfuscation as the mean to bypass malware detectors based on static analysis features. For Android, several studies have confirmed that many anti-malware products are easily evaded with simple program…

Cryptography and Security · Computer Science 2023-10-25 Borja Molina-Coronado , Antonio Ruggia , Usue Mori , Alessio Merlo , Alexander Mendiburu , Jose Miguel-Alonso

The amount of Android malware has increased greatly during the last few years. Static analysis is widely used in detecting such malware by analyzing the code without execution. The effectiveness of current tools relies on the app model as…

Cryptography and Security · Computer Science 2016-04-11 Mohsin Junaid , Donggang Liu , David Kung

With over 500,000 commits and more than 700 contributors, the Android platform is undoubtedly one of the largest industrial-scale software projects. This project provides the Android API, and developers heavily rely on this API to develop…

Software Engineering · Computer Science 2022-06-01 Pei Liu , Li Li , Yichun Yan , Mattia Fazzini , John Grundy

To identify security vulnerabilities in Android applications, numerous static application security testing (SAST) tools have been proposed. However, it poses significant challenges to assess their overall performance on diverse…

Software Engineering · Computer Science 2024-10-29 Jingyun Zhu , Kaixuan Li , Sen Chen , Lingling Fan , Junjie Wang , Xiaofei Xie

Sophisticated malware families exploit the openness of the Android platform to infiltrate IoT networks, enabling large-scale disruption, data exfiltration, and denial-of-service attacks. This systematic literature review (SLR) examines…

Cryptography and Security · Computer Science 2025-09-16 Shama Maganur , Yili Jiang , Jiaqi Huang , Fangtian Zhong

Knowledge-based systems reason over some knowledge base. Hence, an important issue for such systems is how to acquire the knowledge needed for their inference. This paper assesses active learning methods for acquiring knowledge for "static…

Software Engineering · Computer Science 2020-10-23 Xueqi Yang , Zhe Yu , Junjie Wang , Tim Menzies

Technical debt describes situations where developers write less-than-optimal code to meet project milestones. However, this debt accumulation often results in future developer effort to live with or fix these quality issues. To better…

Software Engineering · Computer Science 2023-03-07 Gregory Wilder , Riley Miyamoto , Samuel Watson , Rick Kazman , Anthony Peruma