diff --git a/0_preamble/acknowledgements.typ b/0_preamble/acknowledgements.typ index 9beaac2..c1c650d 100644 --- a/0_preamble/acknowledgements.typ +++ b/0_preamble/acknowledgements.typ @@ -4,4 +4,4 @@ #todo[Acknowledge people] -#lorem(400) +#text(fill: luma(75%), lorem(400)) diff --git a/0_preamble/french_summary.typ b/0_preamble/french_summary.typ index 4231b44..4f9ada1 100644 --- a/0_preamble/french_summary.typ +++ b/0_preamble/french_summary.typ @@ -9,7 +9,7 @@ Write a "Substantial Summary" in french, at least 4 pages: https://ed-matisse.doctorat-bretagne.fr/fr/soutenance-de-these#p-151 ] -#lorem(200) +#text(fill: luma(75%), lorem(200)) /* * Vocabulaire: diff --git a/1_introduction/main.typ b/1_introduction/main.typ index bbb0783..0b45ff9 100644 --- a/1_introduction/main.typ +++ b/1_introduction/main.typ @@ -4,3 +4,16 @@ #todo[Write an introduction] +/* +* +* De tout temps les hommes on fait des apps android ... +* +* Introduire la notion de reverseur qui veux analyser une app +* +* Les outils d'analyses android sont problématique: +* - résulats trop bons sur des datasets faciles +* - facile a pieger: shadow attacks +* - savent pas gerer le chargement dyn et reflection +* +* Problématique: todo +*/ diff --git a/2_background/main.typ b/2_background/main.typ index 063241d..1442111 100644 --- a/2_background/main.typ +++ b/2_background/main.typ @@ -2,6 +2,21 @@ = Background -#todo[Present your field background] +#todo[Present field background and related work] -#lorem(200) +#text(fill: luma(75%), lorem(200)) + +/* +* Cours generique sur android +* présenter apk tool, jadx, androguard et flowdroid +* analyse statique +* outils avec des datasets un peu trop gentils +* +* analyse dynamique +* +* process du reverseur +* +* Garder les détails du class loading et de la reflection pour les chapitres associés? +* +* Analyse dynamique +*/ diff --git a/4_rasta/0_intro.typ b/3_rasta/0_intro.typ similarity index 100% rename from 4_rasta/0_intro.typ rename to 3_rasta/0_intro.typ 
diff --git a/4_rasta/1_related_work.typ b/3_rasta/1_related_work.typ
similarity index 100%
rename from 4_rasta/1_related_work.typ
rename to 3_rasta/1_related_work.typ
diff --git a/4_rasta/2_methodology.typ b/3_rasta/2_methodology.typ
similarity index 100%
rename from 4_rasta/2_methodology.typ
rename to 3_rasta/2_methodology.typ
diff --git a/4_rasta/3_experiments.typ b/3_rasta/3_experiments.typ
similarity index 100%
rename from 4_rasta/3_experiments.typ
rename to 3_rasta/3_experiments.typ
diff --git a/4_rasta/4_discussion.typ b/3_rasta/4_discussion.typ
similarity index 100%
rename from 4_rasta/4_discussion.typ
rename to 3_rasta/4_discussion.typ
diff --git a/4_rasta/5_conclusion.typ b/3_rasta/5_conclusion.typ
similarity index 100%
rename from 4_rasta/5_conclusion.typ
rename to 3_rasta/5_conclusion.typ
diff --git a/4_rasta/X_lib.typ b/3_rasta/X_lib.typ
similarity index 100%
rename from 4_rasta/X_lib.typ
rename to 3_rasta/X_lib.typ
diff --git a/4_rasta/X_var.typ b/3_rasta/X_var.typ
similarity index 100%
rename from 4_rasta/X_var.typ
rename to 3_rasta/X_var.typ
diff --git a/4_rasta/data/average_mem-final.csv b/3_rasta/data/average_mem-final.csv
similarity index 100%
rename from 4_rasta/data/average_mem-final.csv
rename to 3_rasta/data/average_mem-final.csv
diff --git a/4_rasta/data/average_number_of_error_by_exec.csv b/3_rasta/data/average_number_of_error_by_exec.csv
similarity index 100%
rename from 4_rasta/data/average_number_of_error_by_exec.csv
rename to 3_rasta/data/average_number_of_error_by_exec.csv
diff --git a/4_rasta/data/average_time-final.csv b/3_rasta/data/average_time-final.csv
similarity index 100%
rename from 4_rasta/data/average_time-final.csv
rename to 3_rasta/data/average_time-final.csv
diff --git a/4_rasta/data/data-final.csv b/3_rasta/data/data-final.csv
similarity index 100%
rename from 4_rasta/data/data-final.csv
rename to 3_rasta/data/data-final.csv
diff --git a/4_rasta/figs/decorelation/finishing-rate-of-java-based-tool-by-bytecode-size-of-apks-detected-in-2022.svg b/3_rasta/figs/decorelation/finishing-rate-of-java-based-tool-by-bytecode-size-of-apks-detected-in-2022.svg
similarity index 100%
rename from 4_rasta/figs/decorelation/finishing-rate-of-java-based-tool-by-bytecode-size-of-apks-detected-in-2022.svg
rename to 3_rasta/figs/decorelation/finishing-rate-of-java-based-tool-by-bytecode-size-of-apks-detected-in-2022.svg
diff --git a/4_rasta/figs/decorelation/finishing-rate-of-java-based-tool-by-discovery-year-of-apks-with-a-bytecode-size-between-4-08-mb-and-5-2-mb.svg b/3_rasta/figs/decorelation/finishing-rate-of-java-based-tool-by-discovery-year-of-apks-with-a-bytecode-size-between-4-08-mb-and-5-2-mb.svg
similarity index 100%
rename from 4_rasta/figs/decorelation/finishing-rate-of-java-based-tool-by-discovery-year-of-apks-with-a-bytecode-size-between-4-08-mb-and-5-2-mb.svg
rename to 3_rasta/figs/decorelation/finishing-rate-of-java-based-tool-by-discovery-year-of-apks-with-a-bytecode-size-between-4-08-mb-and-5-2-mb.svg
diff --git a/4_rasta/figs/decorelation/finishing-rate-of-java-based-tool-by-min-sdk-of-apks-with-a-bytecode-size-between-4-08-mb-and-5-2-mb.svg b/3_rasta/figs/decorelation/finishing-rate-of-java-based-tool-by-min-sdk-of-apks-with-a-bytecode-size-between-4-08-mb-and-5-2-mb.svg
similarity index 100%
rename from 4_rasta/figs/decorelation/finishing-rate-of-java-based-tool-by-min-sdk-of-apks-with-a-bytecode-size-between-4-08-mb-and-5-2-mb.svg
rename to 3_rasta/figs/decorelation/finishing-rate-of-java-based-tool-by-min-sdk-of-apks-with-a-bytecode-size-between-4-08-mb-and-5-2-mb.svg
diff --git a/4_rasta/figs/decorelation/finishing-rate-of-non-java-based-tool-by-bytecode-size-of-apks-detected-in-2022.svg b/3_rasta/figs/decorelation/finishing-rate-of-non-java-based-tool-by-bytecode-size-of-apks-detected-in-2022.svg
similarity index 100%
rename from 4_rasta/figs/decorelation/finishing-rate-of-non-java-based-tool-by-bytecode-size-of-apks-detected-in-2022.svg
rename to 3_rasta/figs/decorelation/finishing-rate-of-non-java-based-tool-by-bytecode-size-of-apks-detected-in-2022.svg
diff --git a/4_rasta/figs/decorelation/finishing-rate-of-non-java-based-tool-by-discovery-year-of-apks-with-a-bytecode-size-between-4-08-mb-and-5-2-mb.svg b/3_rasta/figs/decorelation/finishing-rate-of-non-java-based-tool-by-discovery-year-of-apks-with-a-bytecode-size-between-4-08-mb-and-5-2-mb.svg
similarity index 100%
rename from 4_rasta/figs/decorelation/finishing-rate-of-non-java-based-tool-by-discovery-year-of-apks-with-a-bytecode-size-between-4-08-mb-and-5-2-mb.svg
rename to 3_rasta/figs/decorelation/finishing-rate-of-non-java-based-tool-by-discovery-year-of-apks-with-a-bytecode-size-between-4-08-mb-and-5-2-mb.svg
diff --git a/4_rasta/figs/decorelation/finishing-rate-of-non-java-based-tool-by-min-sdk-of-apks-with-a-bytecode-size-between-4-08-mb-and-5-2-mb.svg b/3_rasta/figs/decorelation/finishing-rate-of-non-java-based-tool-by-min-sdk-of-apks-with-a-bytecode-size-between-4-08-mb-and-5-2-mb.svg
similarity index 100%
rename from 4_rasta/figs/decorelation/finishing-rate-of-non-java-based-tool-by-min-sdk-of-apks-with-a-bytecode-size-between-4-08-mb-and-5-2-mb.svg
rename to 3_rasta/figs/decorelation/finishing-rate-of-non-java-based-tool-by-min-sdk-of-apks-with-a-bytecode-size-between-4-08-mb-and-5-2-mb.svg
diff --git a/4_rasta/figs/exit-status-for-the-drebin-dataset.svg b/3_rasta/figs/exit-status-for-the-drebin-dataset.svg
similarity index 100%
rename from 4_rasta/figs/exit-status-for-the-drebin-dataset.svg
rename to 3_rasta/figs/exit-status-for-the-drebin-dataset.svg
diff --git a/4_rasta/figs/exit-status-for-the-rasta-dataset-goodware-malware.svg b/3_rasta/figs/exit-status-for-the-rasta-dataset-goodware-malware.svg
similarity index 100%
rename from 4_rasta/figs/exit-status-for-the-rasta-dataset-goodware-malware.svg
rename to 3_rasta/figs/exit-status-for-the-rasta-dataset-goodware-malware.svg
diff --git a/4_rasta/figs/exit-status-for-the-rasta-dataset.svg b/3_rasta/figs/exit-status-for-the-rasta-dataset.svg
similarity index 100%
rename from 4_rasta/figs/exit-status-for-the-rasta-dataset.svg
rename to 3_rasta/figs/exit-status-for-the-rasta-dataset.svg
diff --git a/4_rasta/figs/finishing-rate-by-year-of-java-based-tools.svg b/3_rasta/figs/finishing-rate-by-year-of-java-based-tools.svg
similarity index 100%
rename from 4_rasta/figs/finishing-rate-by-year-of-java-based-tools.svg
rename to 3_rasta/figs/finishing-rate-by-year-of-java-based-tools.svg
diff --git a/4_rasta/figs/finishing-rate-by-year-of-non-java-based-tools.svg b/3_rasta/figs/finishing-rate-by-year-of-non-java-based-tools.svg
similarity index 100%
rename from 4_rasta/figs/finishing-rate-by-year-of-non-java-based-tools.svg
rename to 3_rasta/figs/finishing-rate-by-year-of-non-java-based-tools.svg
diff --git a/4_rasta/figs/repartition-of-error-types-among-tools.svg b/3_rasta/figs/repartition-of-error-types-among-tools.svg
similarity index 100%
rename from 4_rasta/figs/repartition-of-error-types-among-tools.svg
rename to 3_rasta/figs/repartition-of-error-types-among-tools.svg
diff --git a/4_rasta/figs/running.svg b/3_rasta/figs/running.svg
similarity index 100%
rename from 4_rasta/figs/running.svg
rename to 3_rasta/figs/running.svg
diff --git a/4_rasta/main.typ b/3_rasta/main.typ
similarity index 100%
rename from 4_rasta/main.typ
rename to 3_rasta/main.typ
diff --git a/3_related_work/main.typ b/3_related_work/main.typ
deleted file mode 100644
index 1ddb4c3..0000000
--- a/3_related_work/main.typ
+++ /dev/null
@@ -1,7 +0,0 @@
-#import "../lib.typ": todo
-
-= Related Work
-
-#todo[Do the State of the Art]
-
-#lorem(200)
diff --git a/5_class_loader/0_intro.typ b/4_class_loader/0_intro.typ
similarity index 100%
rename from 5_class_loader/0_intro.typ
rename to 4_class_loader/0_intro.typ
diff --git a/5_class_loader/1_related_work.typ b/4_class_loader/1_related_work.typ
similarity index 100%
rename from 5_class_loader/1_related_work.typ
rename to 4_class_loader/1_related_work.typ
diff --git a/5_class_loader/2_classloading.typ b/4_class_loader/2_classloading.typ
similarity index 100%
rename from 5_class_loader/2_classloading.typ
rename to 4_class_loader/2_classloading.typ
diff --git a/5_class_loader/3_obfuscation.typ b/4_class_loader/3_obfuscation.typ
similarity index 100%
rename from 5_class_loader/3_obfuscation.typ
rename to 4_class_loader/3_obfuscation.typ
diff --git a/5_class_loader/4_in_the_wild.typ b/4_class_loader/4_in_the_wild.typ
similarity index 100%
rename from 5_class_loader/4_in_the_wild.typ
rename to 4_class_loader/4_in_the_wild.typ
diff --git a/5_class_loader/5_ttv.typ b/4_class_loader/5_ttv.typ
similarity index 100%
rename from 5_class_loader/5_ttv.typ
rename to 4_class_loader/5_ttv.typ
diff --git a/5_class_loader/6_conclusion.typ b/4_class_loader/6_conclusion.typ
similarity index 100%
rename from 5_class_loader/6_conclusion.typ
rename to 4_class_loader/6_conclusion.typ
diff --git a/5_class_loader/X_var.typ b/4_class_loader/X_var.typ
similarity index 100%
rename from 5_class_loader/X_var.typ
rename to 4_class_loader/X_var.typ
diff --git a/5_class_loader/data/redef_sdk_16.csv b/4_class_loader/data/redef_sdk_16.csv
similarity index 100%
rename from 5_class_loader/data/redef_sdk_16.csv
rename to 4_class_loader/data/redef_sdk_16.csv
diff --git a/5_class_loader/data/redef_sdk_7minus.csv b/4_class_loader/data/redef_sdk_7minus.csv
similarity index 100%
rename from 5_class_loader/data/redef_sdk_7minus.csv
rename to 4_class_loader/data/redef_sdk_7minus.csv
diff --git a/5_class_loader/data/redef_sdk_8.csv b/4_class_loader/data/redef_sdk_8.csv
similarity index 100%
rename from 5_class_loader/data/redef_sdk_8.csv
rename to 4_class_loader/data/redef_sdk_8.csv
diff --git a/5_class_loader/data/results_50k.csv b/4_class_loader/data/results_50k.csv
similarity index 100%
rename from 5_class_loader/data/results_50k.csv
rename to 4_class_loader/data/results_50k.csv
diff --git a/5_class_loader/data/results_only.csv b/4_class_loader/data/results_only.csv
similarity index 100%
rename from 5_class_loader/data/results_only.csv
rename to 4_class_loader/data/results_only.csv
diff --git a/5_class_loader/figs/architecture_SDK-crop.svg b/4_class_loader/figs/architecture_SDK-crop.svg
similarity index 100%
rename from 5_class_loader/figs/architecture_SDK-crop.svg
rename to 4_class_loader/figs/architecture_SDK-crop.svg
diff --git a/5_class_loader/figs/call_graph_expected.svg b/4_class_loader/figs/call_graph_expected.svg
similarity index 100%
rename from 5_class_loader/figs/call_graph_expected.svg
rename to 4_class_loader/figs/call_graph_expected.svg
diff --git a/5_class_loader/figs/call_graph_obf.svg b/4_class_loader/figs/call_graph_obf.svg
similarity index 100%
rename from 5_class_loader/figs/call_graph_obf.svg
rename to 4_class_loader/figs/call_graph_obf.svg
diff --git a/5_class_loader/figs/classloaders-crop.svg b/4_class_loader/figs/classloaders-crop.svg
similarity index 100%
rename from 5_class_loader/figs/classloaders-crop.svg
rename to 4_class_loader/figs/classloaders-crop.svg
diff --git a/5_class_loader/figs/redef_sdk_relative_min_sdk.svg b/4_class_loader/figs/redef_sdk_relative_min_sdk.svg
similarity index 100%
rename from 5_class_loader/figs/redef_sdk_relative_min_sdk.svg
rename to 4_class_loader/figs/redef_sdk_relative_min_sdk.svg
diff --git a/5_class_loader/main.typ b/4_class_loader/main.typ
similarity index 100%
rename from 5_class_loader/main.typ
rename to 4_class_loader/main.typ
diff --git a/6_theseus/1_static_transformation.typ b/5_theseus/1_static_transformation.typ similarity index 84% rename from 6_theseus/1_static_transformation.typ rename to 5_theseus/1_static_transformation.typ index 911fffe..1e3e001 100644 --- a/6_theseus/1_static_transformation.typ +++ b/5_theseus/1_static_transformation.typ @@ -1,5 +1,11 @@ #import "../lib.typ": todo, APK, DEX, JAR, OAT, eg +/* +* Parler de dex lego et du papier qui encode les resultats d'anger en jimple +* +* +*/ + == Code Transformation #todo[Define code loading and reflection somewhere] @@ -129,8 +135,6 @@ In those cases, the parameters could be used directly whithout the detour inside === Code loading -#todo[custom class loaders] - An application can dynamically import code from several format like #DEX, #APK, #JAR or #OAT, either stored in memory or in a file. Because it is an internal, platform dependant format, we elected to ignore the #OAT format. Practically, #JAR and #APK files are zip files containing #DEX files. 
@@ -148,6 +152,24 @@ Specifically, to call dynamically loaded code, an application needs to use refle === Class Collisions +We saw in @sec:cl-obfuscation that having several classes with the same name in the same application can be problematic. +In @sec:th-trans-cl, we are adding code from another source. +By doing so, we augment the probability of having class collisions. +When loaded dynamically, the classes are in a different classloader, and the class resolution is resolved at runtime like we saw in @sec:cl-loading. +We decided to restrain our scope to the use of class loader from the Android SDK. +In the abscence of class collision, those class loader behave seamlessly and adding the classes to application maintains the behavior. + +When we detect a collision, we rename one of the classes colliding before injecting it to the application. +To avoid breaking the application, we then need to rename all references to this specific class, an be carefull not to modify references to the other class. +To do so, we regroup each classes by the classloaders defining them, then, for each colliding class name and each classloader, we check the actual class used by the classloader. +If the class has been renamed, we rename all reference to this class in the classes defined by this classloader. +To find the class used by a classloader, we reproduce the behavior of the different classloaders of the Android SDK. +This is an important step: remember that the delegation process can lead to situation where the class defined by a classloader is not the class that will be loaded when querying the classloader. + +#todo[renamin algo] + === Pitfalls #todo[interupting try blocks: catch block might expect temporary registers to still stored the saved value] +#todo[diferenciating the classloaders] +#todo[changing classloader with class collision] 
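Review bot: The added Class Collisions paragraph restricts the scope to class loaders from the Android SDK but never says what the transformation does when an application loads code through a custom class loader, and the previous hunk removes the `#todo[custom class loaders]` reminder without replacing it. Because the renaming depends on reproducing the SDK loaders' delegation, a sentence stating the consequence for out-of-scope loaders (for example that a collision resolved by a custom loader may be renamed to the wrong class, or that such applications are detected and skipped, whichever the tool actually does) would keep an analyst from over-trusting the transformed application. The new text also carries typos worth fixing before merge: `In the absence of class collisions`, `and be careful not to modify references to the other class`, and `#todo[renaming algo]`.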
diff --git a/6_theseus/3_results.typ b/5_theseus/3_results.typ similarity index 100% rename from 6_theseus/3_results.typ rename to 5_theseus/3_results.typ diff --git a/6_theseus/4_ttv.typ b/5_theseus/4_ttv.typ similarity index 100% rename from 6_theseus/4_ttv.typ rename to 5_theseus/4_ttv.typ diff --git a/6_theseus/main.typ b/5_theseus/main.typ similarity index 100% rename from 6_theseus/main.typ rename to 5_theseus/main.typ diff --git a/abstract.typ b/abstract.typ index 7b4ca40..ed4ae95 100644 --- a/abstract.typ +++ b/abstract.typ @@ -4,6 +4,6 @@ #let keywords-fr = ("Android", "analyse de maliciels", "analyse statique", "chargement de classe", "brouillage de code") -#let abstract-en = lorem(175) +#let abstract-en = text(fill: luma(75%), lorem(175)) -#let abstract-fr = lorem(175) +#let abstract-fr = text(fill: luma(75%), lorem(175)) diff --git a/main.typ b/main.typ index 15641e0..7fab6ce 100644 --- a/main.typ +++ b/main.typ @@ -13,6 +13,19 @@ } else { true } +#let paper_draft = if "paper" in sys.inputs { + assert( + sys.inputs.paper == "true" or sys.inputs.paper == "false", + message: "If --input paper= is set, must be 'true', or 'false'" + ) + assert( + draft, + message: "paper can only be set if --input draft=true is set" + ) + sys.inputs.draft == "true" +} else { + false +} #show: matisse-thesis.with( title-fr: todo[Find a title], 
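Review bot: In the main.typ hunk, `paper_draft` ends its `if` branch with `sys.inputs.draft == "true"`, so the value passed as `--input paper=` is validated by the first assert but never used; `--input draft=true --input paper=false` would still enable the paper layout. The last expression of that branch should presumably be `sys.inputs.paper == "true"`. Reading `sys.inputs.draft` there also looks like it fails when only `paper` is given and `draft` falls back to the `else { true }` default visible just above the added lines; the definition of `draft` starts outside the hunk, so confirm against it. The first assert's message would read better as `"If --input paper= is set, it must be 'true' or 'false'"`.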
@@ -69,17 +82,23 @@ #counter(page).update(1) +// Augment interline when compiling to paper draft +#show par: set par(leading: 1.5em) if paper_draft +#show par: set par(spacing: 1.5em) if paper_draft +// Keep interline in table +#show table: set par(leading: 0.65em) if paper_draft + + #include("1_introduction/main.typ") #include("2_background/main.typ") -#include("3_related_work/main.typ") -#include("4_rasta/main.typ") -#include("5_class_loader/main.typ") -#include("6_theseus/main.typ") +#include("3_rasta/main.typ") +#include("4_class_loader/main.typ") +#include("5_theseus/main.typ") = Conclusion #todo[Conclude] -#lorem(500) +#text(fill: luma(75%), lorem(500)) #bibliography("bibliography.bib")
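Review bot: The table override `#show table: set par(leading: 0.65em) if paper_draft` restores only `leading`, while the rule two lines above also raises `par(spacing: ...)` to 1.5em, so table cells holding several paragraphs would keep the draft spacing. If the intent is to leave tables untouched, reset both, e.g. `#show table: set par(leading: 0.65em, spacing: 1.2em) if paper_draft`, assuming the template keeps Typst's default values; otherwise use whatever the template sets. The comments would be clearer as `// Increase line spacing when compiling the paper draft` and `// Keep the normal line spacing inside tables`.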