Research Seminar by Santanu Dash | Documentation-guided Taint Analysis for the Android Platform

Documentation-guided Taint Analysis for the Android Platform

Security practitioners use static analysis to detect security issues in Android apps. These analyses rely on the identification and classification of security-sensitive methods or APIs that call the Android system. Identification of such APIs is difficult due to the size, and rapid evolution of the Android platform. In this talk, I will discuss how to auto-process Android API documentation to guide static taint analysis. Our tool, DocFlow, which will appear at ICSE’24, uses a data-driven approach to model an API’s behaviour and obtains vector space embeddings for the API. These embeddings are then used to identify and classify security-sensitive methods for taint analysis. Unlike state-of-the-art approaches, our approach does not require access to source code, allowing proprietary libraries to be included in the analysis. We evaluate DocFlow on Android platform packages and closed-source Google Play Services libraries. Our results show that our framework detects sensitive flows with high precision and adapts to new API versions. This evidence suggests that Android documentation encodes rich semantic information and can be used to guide software analysis.