wip
Some checks failed
/ test_checkout (push) Failing after 1s

Jean-Marie Mineau 2025-08-17 23:35:07 +02:00
parent 25c79da4f9
commit 021ac36e73
Signed by: histausse
GPG key ID: B66AEEDA9B645AD2
15 changed files with 110 additions and 75 deletions

@ -9,7 +9,7 @@
== Static Analysis <sec:bg-static>
In the past fifteen years, the research community released many tools to detect or analyze malicious behaviors in applications.
In the past fifteen years, the research community released many tools to detect or analyse malicious behaviors in applications.
Two main approaches can be distinguished: static and dynamic analysis~@Li2017.
Dynamic analysis requires to run the application in a controlled environment to observe runtime values and/or interactions with the operating system.
For example, an Android emulator with a patched kernel can capture these interactions but the modifications to apply are not a trivial task.
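Review bot: The changed line now mixes spelling variants: it switches to British "analyse" but keeps American "behaviors" in the same sentence. If the document is moving to British spelling, change it to "behaviours" here as well so the pass is consistent. While touching this paragraph, the unchanged context also needs attention: "requires to run the application" reads better as "requires running the application", and "the modifications to apply are not a trivial task" as "applying the required modifications is not trivial".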
@ -147,7 +147,7 @@ Reccuring examples of such support tools are Appktool (#eg Amandroid~@weiAmandro
The number of publication related to static analysis make can make it difficult to find the right tool for the right task.
Li #etal~@Li2017 published a systematic literature review for Android static analysis before May 2015.
They analyzed 92 publications and classified them by goal, method used to solve the problem and underlying technical solution for handling the bytecode when performing the static analysis.
They analysed 92 publications and classified them by goal, method used to solve the problem and underlying technical solution for handling the bytecode when performing the static analysis.
In particular, they listed 27 approaches with an open-source implementation available.
Nevertheless, experiments to evaluate the reusability of the pointed out software were not performed.
#jfl-note[We believe that the effort of reviewing the literature for making a comprehensive overview of available approaches should be pushed further: an existing published approach with a software that cannot be used for technical reasons endanger both the reproducibility and reusability of research.][A mettre en avant?]
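Review bot: The spelling pass fixes "analyzed" but leaves the broken sentence two lines above it, "The number of publication related to static analysis make can make it difficult", which has a duplicated "make" and a singular "publication"; suggest "The number of publications related to static analysis can make it difficult". The hunk header context also shows "Reccuring" and "Appktool", which look like typos worth checking in the same file. In the `#jfl-note`, "endanger" should agree with its singular subject ("endangers"), and the second argument "A mettre en avant?" is a leftover French editing note that should be resolved before this leaves wip.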

@ -59,7 +59,7 @@ For each tool, both the usability and results of the tool were evaluated by aski
The auditors reported that most of the tools require a significant amount of time to setup, often due to dependencies issues and operating system incompatibilities.
Reaves #etal propose to solve these issues by distributing a Virtual Machine with a functional build of the tool in addition to the source code.
Regrettably, these Virtual Machines were not made available, preventing future researchers to take advantage of the work done by the auditors.
Reaves #etal also report that real world applications are more challenging to analyze, with tools having lower results, taking more time and memory to run, sometimes to the point of not being able to run the analysis.
Reaves #etal also report that real world applications are more challenging to analyse, with tools having lower results, taking more time and memory to run, sometimes to the point of not being able to run the analysis.
This result is worrying considering it was noticed on a dataset of only 16 real-world application.
A more diverse dataset would be needed to better assess the extend of the issue and give more insight about the factor impacting the perfomances of the tools.
//We will confirm and expand this result in @sec:rasta with a larger dataset than only 16 real-world applications.
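Review bot: The changed line writes "real world applications" without a hyphen, while the next line uses "real-world"; hyphenate the compound modifier in both places. The surrounding context lines carry errors that this spelling pass should pick up: "16 real-world application" needs the plural, "the extend of the issue" should be "the extent of the issue", "perfomances" should be "performance", and "preventing future researchers to take advantage" should be "preventing future researchers from taking advantage". The commented-out forward reference to @sec:rasta on the last line should either be restored or deleted rather than left in place.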