DidFail: Coverage and Precision Enhancement
Technical Report,01 Jul 2017,01 Jul 2017
CARNEGIE-MELLON UNIV PITTSBURGH PA PITTSBURGH United States
Pagination or Media Count:
This report describes recent enhancements to Droid Intent Data Flow Analysis for Information Leakage DidFail, the CERT static taint analyzer for sets of Android apps. The enhancements are new analytical functionality for content providers, file accesses, and dynamic broadcast receivers. Previously, DidFail did not analyze taint flows involving Content Provider components however, now it analyzes taint flows involving all four types of Android components. The latest version of DidFail tracks taint flow across file access calls more precisely than it did in prior versions of the software. DidFail was also modified to handle dynamically declared Broadcast Receiver components in a fully automated way, by integrating it with a recent version of Flow Droid and working to fix remaining unanalyzed taint flows. Finally, a new command line argument optionally disables static field analysis in order to reduce DidFails memory usage and analysis time. These new features make DidFails taint tracking more precise for files and more comprehensive for dynamically declared Broadcast Receiver and Content Provider components. We implemented the new features and tested them on example apps that we developed and on real-world apps from different categories in the Google Play app store.