DroidForce accepted at ARES’14

Posted on by

We are proud that our paper “DROIDFORCE: Enforcing Complex, Data-Centric, System-Wide Policies in Android” has been accepted at this year’s ARES conference. It was a collaborative paper together with Enrico Lovat (TU Munich) from the group of Prof. Dr. Alexander Pretschner. The abstract of the paper:

Smartphones are nowadays used to store and process many kinds of privacy-sensitive data such as contacts, photos, and e-mails. Sensors provide access to the phone’s physical location, and can record audio and video. While this is convenient for many applications, it also makes smartphones a worthwhile target for attackers providing malicious applications. Current approaches to runtime enforcement try to mitigate unauthorized leaks of confidential data. However, they are often capable of enforcing only a very limited set of policies, like preventing data leaks only within single components or monitoring access only to specific sensitive system resources.

In this work, we present DROIDFORCE, an approach for enforcing complex, data-centric, system-wide policies on Android applications. DROIDFORCE allows users to specify fine-grained constraints on how and when which data may be processed on their phones, regardless of whether the malicious behavior is distributed over different colluding components or even applications. Policies can be dynamically exchanged at runtime and no modifications to the operating system nor root access to the phone are required.

DROIDFORCE works purely on the application level. It provides a centralized policy decision point as a dedicated Android application and it instruments a decentralized policy enforcement point into every target application. Analyzing and instrumenting an application takes in total less than a minute and secured applications exhibit no noticeable slowdown in practice. 

The complete paper can be downloaded from here (note: it is only a preprint, the final version will be published at ARES in September).

Research Assistants in the Software Lab (Michael Pradel)

Posted on by
We are very happy that in October Michael Pradel will be starting as a new research group leader at EC SPRIDE. Currently he is looking for motivated students interested in joining the Software Lab as research assistants and Ph.D. students.

The Software Lab (SOLA) conducts research at the intersection of software engineering and programming languages, with a focus on tools and techniques for constructing reliable, efficient, and secure software. General areas of research include:

  • Dynamic program analysis
  • Static program analysis
  • Test case generation

More concretely, projects to be worked on may include but are not limited to:

  • Automated analysis of JavaScript-based web applications for security  vulnerabilities
  • Automated analyses that detect malicious behavior in browser extensions
  • Systematic studies of known security problems in web applications

More information is available here.

SOAP 2014: Program is available

Posted on by

The program for the third ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis  (SOAP 2014)  is now available at http://www.sable.mcgill.ca/soap/program.html. The workshop will take place on June 12th, 2014, and is co-located with PLDI in Edinburgh, Scotland.

Besides invited talks by Mayur Naik and Eric Bodden, the workshop features paper presentations on static analyses for software product lines, novel points-to-analyses, slicing approaches, typestate analyses, and taint flow analyses for mobile operating systems. This year’s SOAP workshop is organized by Raul Santelices from the University of Notre Dame and Steven Arzt from the Secure Software Engineering Group.

IccTA vs. DidFail: Inter-Component, Inter-Application Data Flow Analysis in Android Applications

Posted on by

We are happy to announce IccTA, a new tool for tracking data flows between Android components and even between Android applications. IccTA is a joined work together with Li Li, Alexandre Bartel, Jacques Klein, Yves Le Traon from the University of Luxembourg, Damien Octeau and Patrick McDaniel from the Pennsylvania State University, Steven Arzt, Siegfried Rasthofer and Eric Bodden from EC SPRIDE. IccTA is a tool performing static taint analysis for one or multiple Android applications. It leverages Epicc to connect Android components and FlowDroid to model the life-cycles of components and perform the taint analysis.

The taint analysis is performed intra- and inter-components, which improves the precision of the analysis. IccTA outperforms all other available tools (FlowDroid and AppScan) by reaching a precision of 95.0% and a recall of 82.6% on DroidBench.
When analyzing multiple applications, IccTA first merges them into one then performs the analysis.

Almost exactly the same moment, there came up an additional tool call DidFail from the Carnegie Mellon University, which is a similar approach to IccTA.
IccTA and DidFail both rely on Epicc and FlowDroid to find data leaks between components of Android applications. They can both detect intra- and inter-component leaks within a single application or between multiple applications. Even though they leverage the same tools to compute links between components and perform data-flow analysis, the implementations differ in term of precision.

In the following we would like to do a rough comparison of both tools:
Continue reading

Sieben Punkte für mehr Softwaresicherheit

Posted on by

Die aktuelle Heartbleed-Schwachstelle zeigt, wie wichtig es ist, die Sicherheit von Software zu verbessern. Konkrete Handlungsempfehlungen dazu diskutierten IT-Experten im Eberbacher Gespräch zu Software Security. Neben der Entwicklung besserer Testwerkzeuge fordern die Teilnehmer, die Sicherheit von Software bei öffentlichen Ausschreibungen stärker zu berücksichtigen sowie eine Diskussion der Haftungsfragen. Das Fraunhofer-Institut für Sichere Informationstechnologie SIT hat die Ergebnisse jetzt in einem Bericht veröffentlicht, der die wichtigsten Herausforderungen und passende Lösungsansätze beschreibt. Hier lässt sich das Positionspapier kostenlos herunterladen.

Software ist heute so komplex, dass Menschen selbst schwerwiegende Fehler trotz intensiver Prüfung nicht erkennen können. So bemerkte auch der Prüfer im Heartbleed-Fall den Fehler nicht. Dabei handelte es sich um Open-Source-Software, deren Programmcode sogar öffentlich einsehbar und nachprüfbar ist. Wie bei vielen Open-Source-Projekten nutzten Unternehmen den kostenlosen Code und sorgten so unabsichtlich für eine Verbreitung des Fehlers. „Das Beispiel zeigt, wie wichtig es ist, die Sicherheitsqualität von Programmcode vor dem Einsatz besser zu prüfen, und wie gefährlich die Nutzung von fremdem Code ist“, sagt Prof. Michael Waidner, Leiter des Fraunhofer SIT und Direktor des European Center for Security and Privacy by Design (EC SPRIDE). „Auch wenn noch nicht klar ist, welche Schäden durch die Schwachstelle entstanden sind, zeigt das Beispiel doch erneut, dass es wesentlich teurer ist, Softwarefehler nachträglich zu beheben, als sie in der Entwicklungsphase zu beseitigen.“

Um die Entwicklung sicherer Software zu fördern, erarbeiteten die Teilnehmer des Eberbacher Gesprächs sieben konkrete Empfehlungen: Dazu zählt neben der Beantwortung der Haftungsfrage die Entwicklung von flexiblen Sicherheitsprozessen, die sich auch für kleine und mittlere Softwarehersteller eignen. Neben einer verbesserten Ausbildung von Programmierern sollten auch die Vergaberichtlinien für Behörden so geändert werden, dass Mindestanforderungen hinsichtlich der IT-Sicherheit erfüllt werden. Um Unternehmen Anreize zu geben, die Sicherheit eingesetzter Software zu erhöhen, müssen Manager die Kostenvorteile von sicherer Software berechnen können, etwa mit Hilfe von neuen quantitativen Modellen. Darüber hinaus braucht es nach Meinung der Teilnehmer auch neue Zertifizierungsmethoden, die dem rasanten Tempo der Softwareentwicklung entsprechen, sowie neue Tools zur Schwachstellen-Aanalyse. „Gerade im Bereich der automatisierten Testwerkzeuge ist die deutsche Forschung besonders stark“, sagt Michael Waidner. „Neue Methoden erlauben es zum Beispiel, Fehler im Programmcode schneller und besser zu finden. Diese Ansätze gilt es jetzt, in Produkte zu verwandeln.“ Auf lange Sicht könnte sich auch eine Haftungsklärung positiv auf IT-Sicherheit und Datenschutz auswirken. (Oliver Küch, Fraunhofer SIT)

FlowDroid receives Artifact Evaluation Award

Posted on by

aec-badge-pldiOur taint-analysis framework FlowDroid was awarded the Artifact Evaluation Award at PLDI 2014. This year, out of 20 submitted artifacts, only 12 were found to meet or exceed the expectations and awarded accordingly. For FlowDroid, apparently the expectations of all three reviewers were exceeded. Thanks a lot to Christian Fritz for the initial implementation and to Steven Arzt for making this a nice and round distribution!

Are you using our tools? Please let us know!

Posted on by

Over the past few years, we have developed and open-sourced a whole range of program-analysis tools surrounding the Soot framework. Are you using Soot or any related tools?

Then please let us know by briefly filling out this form. It will not even take a minute!

This will help us when trying to acquire money with funding agencies and will help you help us keep up the level of support that you have provided so far.

Many thanks in advance!