论文信息 - A type and effect system for activation flow of components in Android programs

A type and effect system for activation flow of components in Android programs

This paper proposes a type and effect system for analyzing activation flow between components through intents in Android programs. The activation flow information is necessary for all Android analyses such as a secure information flow analysis for Android programs. We first design a formal semantics for a core of featherweight Android/Java, which can address interaction between components through intents. Based on the formal semantics, we design a type and effect system for analyzing activation flow between components and demonstrate the soundness of the system.

Byeong-Mo Chang | Kwanghoon Choi

[1] J. Foster,et al. SCanDroid: Automated Security Certification of Android , 2009 .

[2] David A. Wagner,et al. Analyzing inter-application communication in Android , 2011, MobiSys '11.

[3] Aske Simon Christensen,et al. Precise Analysis of String Expressions , 2003, SAS.

[4] K. Yi,et al. Static Analyzer for Detecting Privacy Leaks in Android Applications , 2012 .

[5] Philip Wadler,et al. Featherweight Java: a minimal core calculus for Java and GJ , 2001, TOPL.

[6] Jacques Klein,et al. Effective inter-component communication mapping in Android with Epicc: an essential step towards holistic security analysis , 2013 .

[7] Avik Chaudhuri,et al. SCanDroid: Automated Security Certification of Android , 2009 .

[8] Martin Hofmann,et al. Verifying pointer and string analyses with region type systems , 2013, Comput. Lang. Syst. Struct..

[9] Barbara G. Ryder,et al. Parameterized object sensitivity for points-to analysis for Java , 2005, TSEM.

[10] Flemming Nielson,et al. Type and effect systems - behaviours for concurrency , 1999 .