Blogs (9) >>
SPLASH 2016
Sun 30 October - Fri 4 November 2016 Amsterdam, Netherlands
Tue 1 Nov 2016 11:36 - 12:10 at Winterthur - Session 2 Chair(s): Michael Pradel, Omer Tripp

Android applications, or apps, provide useful features to end-users, but many apps also contain malicious behavior. Modern malware makes understanding such behavior challenging by behaving maliciously only under particular conditions. For example, a malware app may check whether it runs on a real device and not an emulator, in a particular country, and alongside a specific target app, such as a vulnerable banking app. To observe the malicious behavior, an analyst must find out and emulate all these app-specific constraints. In this talk, we will present FuzzDroid, a framework for automatically generating an Android execution environment where an app exposes its malicious behavior. The key idea is to combine an extensible set of static and dynamic analyses through a search-based algorithm that steers the app toward a configurable target location. On recent malware, the approach reaches the target location in 75% of the apps. In total, we reach 240 code locations within an average time of only one minute. To reach these code locations, FuzzDroid generates 106 different environments, too many for a human analyst to create manually.

Tue 1 Nov

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

10:30 - 12:10
Session 2WODA at Winterthur
Chair(s): Michael Pradel TU Darmstadt, Germany, Omer Tripp IBM Research, USA
10:30
33m
Talk
Inferring test oracles from the Javadoc documentation
WODA
Alessandra Gorla IMDEA Software Institute
11:03
33m
Talk
The high-interest credit card of runtime enforcement
WODA
Ben Livshits Microsoft Research
11:36
33m
Talk
Making Malory Behave Maliciously: Targeted Fuzzing of Android Applications
WODA
Steven Arzt TU Darmstadt, Germany