TWC: Small: Collaborative: Improving Android Security with Dynamic Slicing

TWC：小：协作：通过动态切片提高 Android 安全性

• 批准号: 1617584
• 负责人: Iulian Neamtiu
• 金额: $ 24.98万
• 依托单位: New Jersey Institute of Technology
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2016
• 资助国家: 美国
• 起止时间: 2016-09-01 至 2021-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1617584&HistoricalAwards=false
• 关键词: TWC; Small; Collaborative; Improving; Android

Mobile devices have been very successful and continue to expand their user base. However, the very features that have made these devices successful, e.g., rich sensor inputs (GPS, camera, microphone) and continuous Internet connectivity, have also made the devices a favorite target for attackers. Attacks can have many negative consequences, from stealing users' secrets to spying on the users or installing viruses that render devices inoperable. This project will develop dynamic slicing techniques so that developers and researchers will be able to gain effective insights into device and app behavior, including malicious apps; this will make it easier to construct secure apps and to find/eliminate malicious behavior, which in turn will benefit mobile device users. Undergraduate and graduate students will be introduced to new approaches to smartphone security, which will make students better equipped for tackling emerging software research and development challenges.Dynamic slicing (analyzing an execution to identify relevant code and data dependences) is a particularly effective technique for addressing a wide range of security problems. This project will develop a dynamic slicer for Android and then use the slicer, as well as its integration with other existing tools, for three main security applications. First, improving dynamic taint analysis via efficient, effective, integrated control/data slicing. Second, finding relevant parts in the input to identity which sensor stream and part thereof are responsible for security-relevant behavior, e.g., attack, crash, botnet operation, or use of anti-detection techniques. Third, Undo Computing, in particular combining slicing with record-and-replay to support undo computing on Android. These lines of work are expected to lead to advances in: security, e.g., precise and effective dynamic taint tracking, finding leaks due to control dependences, understanding botnet behavior, principled discovery of anti-detection techniques, separating benign from malicious state changes; and program analysis, e.g., slicing programs that are event-oriented or rely heavily on inter-process communication; computing input/data/code interdependences in the presence of high-throughput event streams.

移动设备非常成功，并在继续扩大其用户基础。然而，正是这些设备成功的功能，例如丰富的传感器输入(GPS、摄像头、麦克风)和持续的互联网连接，也使这些设备成为攻击者最喜欢的目标。攻击可能会产生许多负面后果，从窃取用户机密到监视用户或安装导致设备无法操作的病毒。该项目将开发动态切片技术，以便开发人员和研究人员能够有效地洞察设备和应用程序的行为，包括恶意应用程序；这将使构建安全应用程序和发现/消除恶意行为变得更容易，这反过来将使移动设备用户受益。本科生和研究生将学习智能手机安全的新方法，这将使学生更好地准备应对新出现的软件研发挑战。动态切片(分析执行以确定相关代码和数据依赖)是解决广泛安全问题的一种特别有效的技术。该项目将为Android开发一个动态切片器，然后使用该切片器，以及它与其他现有工具的集成，用于三个主要的安全应用程序。首先，通过高效、有效、集成的控制/数据切片来改进动态污点分析。第二，在身份的输入中找出哪些传感器流及其部分负责与安全相关的行为，例如攻击、崩溃、僵尸网络操作或使用反检测技术。第三，撤销计算，特别是将切片与记录和回放相结合，支持Android上的撤销计算。这些工作预计将导致以下方面的进展：安全性，例如，精确和有效的动态污点跟踪，发现由于控制依赖而导致的泄漏，理解僵尸网络行为，反检测技术的原则性发现，将良性状态变化与恶意状态变化分开；以及程序分析，例如，对面向事件或严重依赖进程间通信的程序进行切片；在存在高吞吐量事件流的情况下计算输入/数据/代码相互依赖。