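@comment{ESEC/FSE 2017 industry paper on detecting vulnerable Internet-socket
  usage in Android apps at scale (hybrid static/dynamic analysis, 24 vulnerable
  apps in 3 families reported). The original entry looks machine-exported
  (hash citation key, quoted field values, "First Last" names); it is normalised
  here to brace-delimited fields, "Last, First" names and a Title Case title with
  proper nouns protected so sentence-casing styles keep "Android"/"Internet".
  The citation key is deliberately kept unchanged so existing \cite{} calls
  still resolve. Note: "address" should be the publisher's city, not a country;
  left as exported because the page gives no city.}
@inproceedings{d1fe728d73f84909926b59f83c08ad4d,
  author    = {Bu, Wenqi and Xue, Minhui and Xu, Lihua and Zhou, Yajin and Tang, Zhushou and Xie, Tao},
  title     = {When Program Analysis Meets Mobile Security: An Industrial Study of Misusing {Android} {Internet} Sockets},
  booktitle = {ESEC/FSE 2017 - Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering},
  series    = {Proceedings of the ACM SIGSOFT Symposium on the Foundations of Software Engineering},
  editor    = {Zisman, Andrea and Bodden, Eric and Schafer, Wilhelm and van Deursen, Arie},
  publisher = {Association for Computing Machinery},
  address   = {United States},
  year      = {2017},
  month     = aug,
  day       = {21},
  pages     = {842--847},
  doi       = {10.1145/3106237.3117764},
  keywords  = {Android security, Internet sockets, Vulnerability analysis},
  language  = {English (US)},
  abstract  = {Despite recent progress in program analysis techniques to identify vulnerabilities in Android apps, significant challenges still remain for applying these techniques to large-scale industrial environments. Modern software-security providers, such as Qihoo 360 and Pwnzen (two leading companies in China), are often required to process more than 10 million mobile apps at each run. In this work, we focus on effectively and efficiently identifying vulnerable usage of Internet sockets in an industrial setting. To achieve this goal, we propose a practical hybrid approach that enables lightweight yet precise detection in the industrial setting. In particular, we integrate the process of categorizing potential vulnerable apps with analysis techniques, to reduce the inevitable human inspection effort. We categorize potential vulnerable apps based on characteristics of vulnerability signatures, to reduce the burden on static analysis. We flexibly integrate static and dynamic analyses for apps in each identified family, to refine the family signatures and hence target on precise detection. We implement our approach in a practical system and deploy the system on the Pwnzen platform. By using the system, we identify and report potential vulnerabilities of 24 vulnerable apps (falling into 3 vulnerability families) to their developers, and some of these reported vulnerabilities are previously unknown. The apps of each vulnerability family in total have over 50 million downloads. We also propose countermeasures and highlight promising directions for technology transfer.},
  note      = {Publisher Copyright: {\textcopyright} 2017 Association for Computing Machinery.; 11th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering, ESEC/FSE 2017 ; Conference date: 04-09-2017 Through 08-09-2017},
}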