@inproceedings{6a213e1471344914a26e94b994efc383,
title = "ReDroid: Prioritizing data flows and sinks for app security transformation",
abstract = "Security transformation is to transfer applications to meet security guarantees. How to prioritize Android apps and fnd suitable transformation options is a challenging problem. Typical real-world apps have a large number of sensitive flows and sinks. Thus, security analysts need to prioritize these flows and data sinks according to their risks, i.e., flow ranking and sink ranking. We present an efcient graph-algorithm based risk metric for prioritizing risky flows and sinks in Android grayware apps. Our risk prioritization produces orderings that are consistent with published security reports. We demonstrate a new automatic app transformation framework that utilizes the above prioritization technique to improve app security. The framework provides more rewriting options than the state-of-art solutions by supporting flow- and sink-based security checks. Our prototype ReDroid is designed for security analysts who manage organizational app repositories and customize thirdparty apps to satisfy organization imposed security requirements. Our framework enables application transformation for both benchmark apps and real-world grayware to strengthen their security guarantees.",
author = "Ke Tian and Gang Tan and Yao, {Danfeng Daphne} and Ryder, {Barbara G.}",
note = "Publisher Copyright: {\textcopyright} 2017 Association for Computing Machinery.; 2nd Workshop on Forming an Ecosystem Around Software Transformation, FEAST 2017 ; Conference date: 03-11-2017",
year = "2017",
month = nov,
day = "3",
doi = "10.1145/3141235.3141239",
language = "English (US)",
series = "FEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017",
publisher = "Association for Computing Machinery, Inc",
pages = "35--41",
booktitle = "FEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017",
}