This commit is contained in:
parent
f309dd55b8
commit
d7df45b206
GPG key ID:
B66AEEDA9B645AD2
8 changed files with 64 additions and 56 deletions
|
|
@ -4,10 +4,11 @@
|
|||
== Overview <sec:th-overview>
|
||||
|
||||
Our objective is to make available some dynamic information to any analysis tool able to analyse an Android #APK.
|
||||
To do so, we elected to follow the path of a few contributions we presented in @sec:bg, such as DroidRA~@li_droidra_2016, and use instrumentation.
|
||||
Contrary to DroidRA, which uses static analysis to compute the values of strings and, from that, the methods used by reflection, we chose to use dynamic analysis.
|
||||
To do so, we elected to follow the same approach as a few contributions we presented in @sec:bg, such as DroidRA~@li_droidra_2016, and use instrumentation.
|
||||
As a reminder, DroidRA is a tool that uses COAL to compute reflection data statically, then instruments the application to directly call the methods.
|
||||
Contrary to DroidRA, we chose to use dynamic analysis.
|
||||
This allows us to collect information that is simply not available statically (#eg a string sent from a remote command and control server).
|
||||
The tradeoff being the lack of exhaustiveness: dynamic analysis is known to have code coverage issues.
|
||||
The tradeoff here is the lack of exhaustiveness: dynamic analysis is known to have code coverage issues.
|
||||
|
||||
#figure(
|
||||
raw-render(
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue