ReDroid: Prioritizing data flows and sinks for app security transformation

Ke Tian; Gang Tan; Danfeng Daphne Yao; Barbara G. Ryder

doi:10.1145/3141235.3141239

ReDroid: Prioritizing data flows and sinks for app security transformation

Ke Tian, Gang Tan, Danfeng Daphne Yao, Barbara G. Ryder

Computer Science and Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Scopus citations

Abstract

Security transformation is to transfer applications to meet security guarantees. How to prioritize Android apps and fnd suitable transformation options is a challenging problem. Typical real-world apps have a large number of sensitive flows and sinks. Thus, security analysts need to prioritize these flows and data sinks according to their risks, i.e., flow ranking and sink ranking. We present an efcient graph-algorithm based risk metric for prioritizing risky flows and sinks in Android grayware apps. Our risk prioritization produces orderings that are consistent with published security reports. We demonstrate a new automatic app transformation framework that utilizes the above prioritization technique to improve app security. The framework provides more rewriting options than the state-of-art solutions by supporting flow- and sink-based security checks. Our prototype ReDroid is designed for security analysts who manage organizational app repositories and customize thirdparty apps to satisfy organization imposed security requirements. Our framework enables application transformation for both benchmark apps and real-world grayware to strengthen their security guarantees.

Original language	English (US)
Title of host publication	FEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017
Publisher	Association for Computing Machinery, Inc
Pages	35-41
Number of pages	7
ISBN (Electronic)	9781450353953
DOIs	https://doi.org/10.1145/3141235.3141239
State	Published - Nov 3 2017
Event	2nd Workshop on Forming an Ecosystem Around Software Transformation, FEAST 2017 - Dallas, United States Duration: Nov 3 2017 → …

Publication series

Name	FEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017

Other

Other	2nd Workshop on Forming an Ecosystem Around Software Transformation, FEAST 2017
Country/Territory	United States
City	Dallas
Period	11/3/17 → …

All Science Journal Classification (ASJC) codes

Computer Networks and Communications
Electrical and Electronic Engineering
Safety, Risk, Reliability and Quality

Access to Document

10.1145/3141235.3141239

Cite this

Tian, K., Tan, G., Yao, D. D., & Ryder, B. G. (2017). ReDroid: Prioritizing data flows and sinks for app security transformation. In FEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017 (pp. 35-41). (FEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017). Association for Computing Machinery, Inc. https://doi.org/10.1145/3141235.3141239

Tian, Ke ; Tan, Gang ; Yao, Danfeng Daphne et al. / ReDroid : Prioritizing data flows and sinks for app security transformation. FEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017. Association for Computing Machinery, Inc, 2017. pp. 35-41 (FEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017).

@inproceedings{6a213e1471344914a26e94b994efc383,

title = "ReDroid: Prioritizing data flows and sinks for app security transformation",

abstract = "Security transformation is to transfer applications to meet security guarantees. How to prioritize Android apps and fnd suitable transformation options is a challenging problem. Typical real-world apps have a large number of sensitive flows and sinks. Thus, security analysts need to prioritize these flows and data sinks according to their risks, i.e., flow ranking and sink ranking. We present an efcient graph-algorithm based risk metric for prioritizing risky flows and sinks in Android grayware apps. Our risk prioritization produces orderings that are consistent with published security reports. We demonstrate a new automatic app transformation framework that utilizes the above prioritization technique to improve app security. The framework provides more rewriting options than the state-of-art solutions by supporting flow- and sink-based security checks. Our prototype ReDroid is designed for security analysts who manage organizational app repositories and customize thirdparty apps to satisfy organization imposed security requirements. Our framework enables application transformation for both benchmark apps and real-world grayware to strengthen their security guarantees.",

author = "Ke Tian and Gang Tan and Yao, {Danfeng Daphne} and Ryder, {Barbara G.}",

note = "Publisher Copyright: {\textcopyright} 2017 Association for Computing Machinery.; 2nd Workshop on Forming an Ecosystem Around Software Transformation, FEAST 2017 ; Conference date: 03-11-2017",

year = "2017",

month = nov,

day = "3",

doi = "10.1145/3141235.3141239",

language = "English (US)",

series = "FEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017",

publisher = "Association for Computing Machinery, Inc",

pages = "35--41",

booktitle = "FEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017",

}

Tian, K, Tan, G, Yao, DD & Ryder, BG 2017, ReDroid: Prioritizing data flows and sinks for app security transformation. in FEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017. FEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017, Association for Computing Machinery, Inc, pp. 35-41, 2nd Workshop on Forming an Ecosystem Around Software Transformation, FEAST 2017, Dallas, United States, 11/3/17. https://doi.org/10.1145/3141235.3141239

ReDroid: Prioritizing data flows and sinks for app security transformation. / Tian, Ke; Tan, Gang; Yao, Danfeng Daphne et al.
FEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017. Association for Computing Machinery, Inc, 2017. p. 35-41 (FEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - ReDroid

T2 - 2nd Workshop on Forming an Ecosystem Around Software Transformation, FEAST 2017

AU - Tian, Ke

AU - Tan, Gang

AU - Yao, Danfeng Daphne

AU - Ryder, Barbara G.

PY - 2017/11/3

Y1 - 2017/11/3

N2 - Security transformation is to transfer applications to meet security guarantees. How to prioritize Android apps and fnd suitable transformation options is a challenging problem. Typical real-world apps have a large number of sensitive flows and sinks. Thus, security analysts need to prioritize these flows and data sinks according to their risks, i.e., flow ranking and sink ranking. We present an efcient graph-algorithm based risk metric for prioritizing risky flows and sinks in Android grayware apps. Our risk prioritization produces orderings that are consistent with published security reports. We demonstrate a new automatic app transformation framework that utilizes the above prioritization technique to improve app security. The framework provides more rewriting options than the state-of-art solutions by supporting flow- and sink-based security checks. Our prototype ReDroid is designed for security analysts who manage organizational app repositories and customize thirdparty apps to satisfy organization imposed security requirements. Our framework enables application transformation for both benchmark apps and real-world grayware to strengthen their security guarantees.

AB - Security transformation is to transfer applications to meet security guarantees. How to prioritize Android apps and fnd suitable transformation options is a challenging problem. Typical real-world apps have a large number of sensitive flows and sinks. Thus, security analysts need to prioritize these flows and data sinks according to their risks, i.e., flow ranking and sink ranking. We present an efcient graph-algorithm based risk metric for prioritizing risky flows and sinks in Android grayware apps. Our risk prioritization produces orderings that are consistent with published security reports. We demonstrate a new automatic app transformation framework that utilizes the above prioritization technique to improve app security. The framework provides more rewriting options than the state-of-art solutions by supporting flow- and sink-based security checks. Our prototype ReDroid is designed for security analysts who manage organizational app repositories and customize thirdparty apps to satisfy organization imposed security requirements. Our framework enables application transformation for both benchmark apps and real-world grayware to strengthen their security guarantees.

UR - http://www.scopus.com/inward/record.url?scp=85037065662&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85037065662&partnerID=8YFLogxK

U2 - 10.1145/3141235.3141239

DO - 10.1145/3141235.3141239

M3 - Conference contribution

AN - SCOPUS:85037065662

T3 - FEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017

SP - 35

EP - 41

BT - FEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017

PB - Association for Computing Machinery, Inc

Y2 - 3 November 2017

ER -

Tian K, Tan G, Yao DD, Ryder BG. ReDroid: Prioritizing data flows and sinks for app security transformation. In FEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017. Association for Computing Machinery, Inc. 2017. p. 35-41. (FEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017). doi: 10.1145/3141235.3141239

ReDroid: Prioritizing data flows and sinks for app security transformation

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this