This commit is contained in:
parent
d63b6a6f53
commit
1b461338b7
GPG key ID:
B66AEEDA9B645AD2
2 changed files with 82 additions and 15 deletions
96
slides.typ
96
slides.typ
|
|
@ -17,6 +17,8 @@
|
|||
)
|
||||
#codly-disable()
|
||||
|
||||
#let analyse-apk = move(dx: -50pt, image("slides/imgs/apk-analysis.svg", width: 300pt))
|
||||
|
||||
#set text(lang: "en")
|
||||
#set list(marker: none)
|
||||
#set par(leading: 0.2em)
|
||||
|
|
@ -148,6 +150,10 @@
|
|||
|
||||
- *Dynamic Code Loading*
|
||||
- *Reflection*
|
||||
|
||||
/*
|
||||
* Low effort yet efficiant, commonly found
|
||||
*/
|
||||
]
|
||||
]
|
||||
|
||||
|
|
@ -263,6 +269,15 @@
|
|||
)
|
||||
]
|
||||
|
||||
#slide(
|
||||
title: [Analysis Methods],
|
||||
foreground: eye-3(x: 3%, y: 5%)
|
||||
)[
|
||||
#set align(center+horizon)
|
||||
#analyse-apk
|
||||
]
|
||||
#counter("logical-slide").update( n => n - 1 )
|
||||
|
||||
#slide(
|
||||
foreground: ghost-5(x: 10%, y: 7%)
|
||||
)[
|
||||
|
|
@ -296,19 +311,42 @@
|
|||
]
|
||||
|
||||
#slide(
|
||||
title: [Analysing Applications: Which Tools?],
|
||||
title: [Which Tools?],
|
||||
foreground: eye-3(x: 3%, y: 5%)
|
||||
)[
|
||||
#set align(center+horizon)
|
||||
#move(dx: -50pt, image("slides/imgs/apk-analysis.svg", width: 300pt))
|
||||
#analyse-apk
|
||||
]
|
||||
|
||||
#counter("logical-slide").update( n => n - 1 )
|
||||
#slide(
|
||||
title: [Which Tools are Working?],
|
||||
foreground: eye-3(x: 3%, y: 5%)
|
||||
)[
|
||||
#set align(center+horizon)
|
||||
#analyse-apk
|
||||
]
|
||||
|
||||
#slide(
|
||||
title: [Problem Statement 1],
|
||||
)[
|
||||
#item-by-item[
|
||||
- Which tool to use?
|
||||
- Are they easy to install?
|
||||
- Are they working?
|
||||
]
|
||||
#highlight-block(pb1-text)
|
||||
]
|
||||
|
||||
#slide(
|
||||
title: [How does Class Loading works?],
|
||||
foreground: eye-3(x: 3%, y: 5%)
|
||||
)[
|
||||
#set align(center+horizon)
|
||||
#analyse-apk
|
||||
]
|
||||
#counter("logical-slide").update( n => n - 1 )
|
||||
|
||||
#slide(
|
||||
title: [Class Loading],
|
||||
)[
|
||||
|
|
@ -362,15 +400,17 @@
|
|||
- Doubious documentation
|
||||
- Not studied in the context of Android Static Analysis
|
||||
]
|
||||
]
|
||||
|
||||
#counter("logical-slide").update( n => n - 1 )
|
||||
#slide(
|
||||
title: [Problem Statement 3],
|
||||
)[
|
||||
#highlight-block(pb2-text)
|
||||
]
|
||||
|
||||
#slide(
|
||||
title: [Can we Deobfuscate?],
|
||||
foreground: eye-3(x: 3%, y: 5%)
|
||||
)[
|
||||
#set align(center+horizon)
|
||||
#analyse-apk
|
||||
]
|
||||
#counter("logical-slide").update( n => n - 1 )
|
||||
#slide(
|
||||
title: [Deobuscation],
|
||||
)[
|
||||
|
|
@ -394,10 +434,16 @@
|
|||
)
|
||||
]
|
||||
|
||||
#counter("logical-slide").update( n => n - 1 )
|
||||
//#counter("logical-slide").update( n => n - 1 )
|
||||
#slide(
|
||||
title: [Problem Statement 3],
|
||||
)[
|
||||
#item-by-item[
|
||||
- Dynamic analysis is good against DCL and reflection
|
||||
- Dynamic analysis is limited by code coverage
|
||||
- Static analysis is not
|
||||
- How to use existing tools without modifying them?
|
||||
]
|
||||
#highlight-block(pb3-text)
|
||||
]
|
||||
|
||||
|
|
@ -448,14 +494,14 @@
|
|||
title: [State of the Art],
|
||||
)[
|
||||
#set list(spacing: 0.5em)
|
||||
Li #etal:
|
||||
Li #etal (2017):
|
||||
#v(0pt)
|
||||
#item-by-item[
|
||||
- Systematic literature review for Android static analysis
|
||||
- Lists open-sourced tools
|
||||
- Does not test the tools
|
||||
]
|
||||
#uncover("4-")[Reaves #etal:]
|
||||
#uncover("4-")[Reaves #etal (2016):]
|
||||
#v(0pt)
|
||||
#item-by-item(start: 4)[
|
||||
- Tests 7 Android analysis tools
|
||||
|
|
@ -517,10 +563,11 @@
|
|||
ghost-2(x: 97%, y: 10%)
|
||||
|
||||
let x_0 = 112pt
|
||||
let y_0 = -117pt
|
||||
let y_0 = -116pt
|
||||
let w = 21pt
|
||||
let h = 235pt
|
||||
let h = 236pt
|
||||
let dx = 33.3
|
||||
let h_legend = 60pt
|
||||
|
||||
for i in range(20) {
|
||||
let color = if i in (2, 4, 6, 7, 8, 9, 14, 16, 18, 19) {
|
||||
|
|
@ -528,6 +575,24 @@
|
|||
} else {
|
||||
white.transparentize(10%)
|
||||
}
|
||||
if i == 1 {
|
||||
place(
|
||||
bottom + left,
|
||||
dx: x_0 + i*dx*1pt + w/2,
|
||||
dy: y_0,
|
||||
rect(
|
||||
width: w/2,
|
||||
height: h_legend,
|
||||
//stroke: red,
|
||||
fill: color,
|
||||
)
|
||||
)
|
||||
}
|
||||
let (y_0, h) = if i in (0, 1) {
|
||||
(y_0 - h_legend, h - h_legend)
|
||||
} else {
|
||||
(y_0, h)
|
||||
}
|
||||
place(
|
||||
bottom + left,
|
||||
dx: x_0 + i*dx*1pt,
|
||||
|
|
@ -626,6 +691,7 @@
|
|||
- Newer applications are harder to analyse
|
||||
- Applications with more bytecode are harder to analyse
|
||||
- Applications targetting more recent versions of Android are harder to analyse
|
||||
- Confirms and extends Reaves #etal
|
||||
]
|
||||
#v(1fr)
|
||||
#align(center, text(fill: pirat-color.blue.darken(30%))[International Conference on Software and Systems Reuse (ICSR 2024)])
|
||||
|
|
@ -681,8 +747,8 @@
|
|||
)[
|
||||
#set list(spacing: 3em)
|
||||
#item-by-item[
|
||||
- Previous contributions focus on Java runtime
|
||||
- Android related contributions focus on Dynamic Code Loading
|
||||
- Previous contributions focus on Java runtime (#eg Gong 1998)
|
||||
- Android related contributions focus on Dynamic Code Loading (#eg Zhang #etal 2015)
|
||||
]
|
||||
]
|
||||
|
||||
|
|
|
|||
|
|
@ -22,6 +22,7 @@ pirat-color.red,
|
|||
)
|
||||
|
||||
#let etal = [_et al._]
|
||||
#let eg = [_e.g._]
|
||||
|
||||
#let highlight-block(body) = {
|
||||
set text(fill: white)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue