PROGRAM ANALYSIS OF SMART PHONE APPS
(Research based on program analysis of smartphone applications)
You can find complete tutorials
BY: CHALISE BIRENDRA
Abstract
Here I present a static analysis of an Android app (Google Chrome) using control flow graphs (CFGs) generated with the Java bytecode analysis tool Soot. To build the CFGs, Soot converts the Android application into its intermediate format (.jimple) and emits a dot file for every method; each dot file is then rendered as a control flow graph by the graph-generation software Graphviz before the static analysis is carried out.
Additionally, the app is represented graphically as control flow graphs, which are created for all possible Java methods of the Android app and used to perform the static analysis. I also generate and count all Java methods as CFGs and all classes as intermediate representation, i.e. Jimple.
Finally, I will introduce a new analysis that integrates and enhances existing Android app static analyses, and that successfully tests the static analysis of the given Android app by measuring the time taken to extract the methods from the app and by counting all reachable classes and methods for the purpose of the CFG static analysis.
Introduction
Here I use Soot [1] to convert an Android APK to an intermediate representation, mostly Jimple (Baf, Shimple, Grimp, etc. can also be used). Soot produces a Jimple file for each class that belongs to the APK and a graphical representation of each method as a dot file, which is then used to generate the control flow graph for static analysis of the Android APK, based on the process of Java bytecode [6] (see Figure 1).
Figure 1: Java Bytecode
Moreover, I use another technique to get similar results for static analysis with Soot: Dalvik bytecode to Jimple. Because Jimple is Soot's main internal representation of code, the Dalvik bytecode can be manipulated with any Jimple-based tool, for instance to perform points-to or flow analysis.
Finally, I am able to convert any .java, .class, .apk and .jar file to all of its intermediate representations (Jimple, Baf, Shimple, Grimp, etc.), create control flow graphs, and assemble/disassemble .dex, .apk or Dalvik bytecode [1,2], which further helps to perform static analysis of all Java or Android files and apps, for various security purposes as well [3].
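As an added example (not the author's code and not part of Soot), the following Python script reads one per-method CFG in Graphviz dot form, as described above, and reports its node and edge counts, its cyclomatic complexity, and any statements that cannot be reached from the entry node. The dot text is constructed for illustration; the quoted numeric node IDs and the entry node "0" are assumptions about the dump layout, and the names `parse_cfg` and `cfg_metrics` are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample: a small digraph shaped like a per-method CFG dump.
# Node IDs and Jimple-like labels are made up, not output from a real app.
SAMPLE_DOT = r'''
digraph "void onCreate(android.os.Bundle)" {
    "0" [label="r0 := @this"];
    "1" [label="if r1 == null goto label2"];
    "2" [label="virtualinvoke r0.<init>()"];
    "3" [label="label2: return"];
    "4" [label="nop"];
    "0" -> "1";
    "1" -> "2";
    "1" -> "3";
    "2" -> "3";
}
'''

EDGE_RE = re.compile(r'"([^"]+)"\s*->\s*"([^"]+)"')
NODE_RE = re.compile(r'^\s*"([^"]+)"\s*\[', re.MULTILINE)

def parse_cfg(dot_text):
    """Return (nodes, successor map) for a digraph that uses quoted node IDs."""
    succ = defaultdict(set)
    nodes = set(NODE_RE.findall(dot_text))
    for src, dst in EDGE_RE.findall(dot_text):
        succ[src].add(dst)
        nodes.update((src, dst))
    return nodes, succ

def cfg_metrics(dot_text, entry="0"):
    """Summarise one method CFG; `entry` is the assumed entry node ID."""
    nodes, succ = parse_cfg(dot_text)
    seen, stack = set(), [entry]
    while stack:                      # depth-first walk from the entry node
        n = stack.pop()
        if n not in seen:
            seen.add(n)
            stack.extend(succ[n] - seen)
    reach_edges = sum(len(succ[n]) for n in seen)
    return {
        "nodes": len(nodes),
        "edges": sum(len(s) for s in succ.values()),
        # McCabe complexity E - N + 2, computed over the reachable subgraph
        "cyclomatic": reach_edges - len(seen) + 2,
        "unreachable": sorted(nodes - seen),
    }
```

Run over every dot file produced for an app, the same function gives a per-method count and flags methods whose graphs contain dead statements or unusually high branching.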