PhD Dissertation Proposal by ZHANG Zicheng | Towards Testing, Detecting and Debloating Insecure Components in Android Applications

In the modern era, mobile applications have become an essential part of our daily lives, transforming how we interact with the world. These apps are widely used in various domains, from social activities to business functions. Due to the affordability and open nature of the Android system, it takes up nearly three-quarters of the market share. However, the open nature of Android makes it vulnerable to poorly designed or malicious apps. Existing research primarily focuses on detecting specific issues rather than providing a comprehensive and general workflow for analyzing and addressing insecure components in Android apps.

This proposal aims to introduce a comprehensive workflow for the analysis and handling of insecure components in Android applications. three phases: testing the behavior of insecure components, employing static analysis to identify vulnerable methods, and dynamically removing these vulnerable methods while the apps are running. These techniques can help developers, device vendors, and end-users better handle insecure components in Android apps, enhancing security and mitigating potential attacks.

ZHANG Zicheng is a Ph.D. candidate in Computer Science at the SMU School of Computing and Information Systems, supervised by Professor Debin GAO. His research interests focus on Android security, including application and platform security.