NIST logo

Publication Citation: Exposing Software Security and Availability Risks For Commercial Mobile Devices

NIST Authors in Bold

Author(s): Ryan Johnson; Zhaohui Wang; Angelos Stavrou; Jeffrey M. Voas;
Title: Exposing Software Security and Availability Risks For Commercial Mobile Devices
Published: June 21, 2013
Abstract: In this manuscript, we present our efforts towards a framework for exposing the functionality of a mobile application through a combination of static and dynamic program analysis that attempts to explore all available execution paths including libraries. We verified our approach by testing a large number of Android applications with our program to exhibit its functionality and viability. The framework allows complete automation of the execution process so that no user input is required. We also discuss how our static analysis program can be used to inform the execution of the dynamic analysis program. The program can serve as an extensible basis to fulfill other useful purposes such as symbolic execution, program verification, interactive debugger, and other approaches that require deep inspection of an Android application.
Conference: The Annual Reliability and Maintainability Symposium
Proceedings: 2013 Proceedings of The Annual Reliability and Maintainability Symposium (RAMS'13)
Pages: pp. 1 - 7
Location: Orlando, FL
Dates: January 28-31, 2013
Keywords: software reliability; dynamic analysis; execution coverage; Android
Research Areas: Information Technology, Computer Security, Cybersecurity
DOI: http://dx.doi.org/10.1109/RAMS.2013.6517735  (Note: May link to a non-U.S. Government webpage)
PDF version: PDF Document Click here to retrieve PDF version of paper (160KB)