wip conclusion
Some checks failed
/ test_checkout (push) Has been cancelled

Jean-Marie 'Histausse' Mineau 2025-09-23 03:51:04 +02:00
parent 10df431972
commit e845197c0b
Signed by: histausse
GPG key ID: B66AEEDA9B645AD2
3 changed files with 5 additions and 14 deletions


@ -19,9 +19,9 @@ IccTA ;liIccTADetectingInterComponent2015;ok;ok;https://github.com/lilicoding/so
Lotrack ;lillackTrackingLoadtimeConfiguration2014;ko;ok;https://github.com/MaxLillack/Lotrack;github;ko;bad;;Authors ack. a partial doc.;ko;ok;Java;Apache 2.0;?;MaxLillack/Lotrack;5;ko;2017-05-11;origin;5;2017-05-11;2;auto;https://github.com/MaxLillack/Lotrack
MalloDroid ;fahlWhyEveMallory2012;nr;ok;https://github.com/sfahl/mallodroid;github;ok;ok;;;ko;ko;Python;LGPL 3.0;U16.04;sfahl/mallodroid;64;ko;2013-12-30;origin;64;2013-12-30;10;auto;https://github.com/sfahl/mallodroid
PerfChecker ;liuCharacterizingDetectingPerformance2014;ko;ko;http://castle.cse.ust.hk/perfchecker/tool_obtain.php;request;bad;ok;;Binary obtained from authors;;ok;Java;Proprietary;U14.04;authors;;ko;--;origin;;--;;Perfchecker;???
Poeplau #etal;DBLPconfndssPoeplauFBKV14; ko ;bad;https://github.com/sebastianpoeplau/android-whitelists;github;ko;ko;EXCLUDE;Related to Android hardening;ko;;;;;sebastianpoeplau/android-whitelists;1;ko;2014-03-14;origin;1;2014-03-14;0;auto;https://github.com/sebastianpoeplau/android-whitelists
Poeplau #etal;DBLPconfndssPoeplauFBKV14;ko;bad;https://github.com/sebastianpoeplau/android-whitelists;github;ko;ko;EXCLUDE;Related to Android hardening;ko;;;;;sebastianpoeplau/android-whitelists;1;ko;2014-03-14;origin;1;2014-03-14;0;auto;https://github.com/sebastianpoeplau/android-whitelists
Redexer ;jeonDrAndroidMr2012;ko;ok;https://github.com/plum-umd/redexer;github;ok;ok;;;ko;ok;Ocaml/Ruby;3-Clause BSD;U22.04;plum-umd/redexer;153;ko;2021-05-20;origin;153;2021-05-20;0;auto;https://github.com/plum-umd/redexer
SAAF ;hoffmannSlicingDroidsProgram2013;ok;ok;https://github.com/SAAF-Developers/saaf;github;ok;ok;;;ko;ok;Java;GPL 3.0;U14.04;SAAF-Developers/saaf;35;ko;2015-09-01;origin;35;2015-09-01;5;auto;https://github.com/SAAF-Developers/saaf
StaDynA ;zhauniarovichStaDynAAddressingProblem2015; ko ;ok;https://github.com/zyrikby/StaDynA;request;ok;ko;EXCLUDE;Hybrid tool (static/dynamic);;;;;;authors;;;2020-02-14;origin;;2020-02-14;;Stadyna;https://github.com/zyrikby/StaDynA
StaDynA ;zhauniarovichStaDynAAddressingProblem2015;ko;ok;https://github.com/zyrikby/StaDynA;request;ok;ko;EXCLUDE;Hybrid tool (static/dynamic);;;;;;authors;;;2020-02-14;origin;;2020-02-14;;Stadyna;https://github.com/zyrikby/StaDynA
Thresher ;blackshearThresherPreciseRefutations2013;ko;ok;https://github.com/cuplv/thresher;github;ok;bad;;Not built with authors help;ko;ok;Java;Apache 2.0;U14.04;cuplv/thresher;31;ko;2014-10-25;origin;31;2014-10-25;1;auto;https://github.com/cuplv/thresher
Wognsen #etal;wognsenFormalisationAnalysisDalvik2014;nr;ok;https://bitbucket.org/erw/dalvik-bytecode-analysis-tool/src/master/;bitbucket;ko;ok;;;ko;ko;Python/Prolog;No licence;U22.04;erw/dalvik-bytecode-analysis-tool;;;2022-06-27;origin;;2022-06-27;;Wognsen;???

1 tool citekey binary source url repo documentation decision exclude why forkusable authorconfirmed lang licences os origin stars alive date selected selectedstars selecteddate nbaliveforks remark urlselected
19 Lotrack lillackTrackingLoadtimeConfiguration2014 ko ok https://github.com/MaxLillack/Lotrack github ko bad Authors ack. a partial doc. ko ok Java Apache 2.0 ? MaxLillack/Lotrack 5 ko 2017-05-11 origin 5 2017-05-11 2 auto https://github.com/MaxLillack/Lotrack
20 MalloDroid fahlWhyEveMallory2012 nr ok https://github.com/sfahl/mallodroid github ok ok ko ko Python LGPL 3.0 U16.04 sfahl/mallodroid 64 ko 2013-12-30 origin 64 2013-12-30 10 auto https://github.com/sfahl/mallodroid
21 PerfChecker liuCharacterizingDetectingPerformance2014 ko ko http://castle.cse.ust.hk/perfchecker/tool_obtain.php request bad ok Binary obtained from authors ok Java Proprietary U14.04 authors ko -- origin -- Perfchecker ???
22 Poeplau #etal DBLPconfndssPoeplauFBKV14 ko ko bad https://github.com/sebastianpoeplau/android-whitelists github ko ko EXCLUDE Related to Android hardening ko sebastianpoeplau/android-whitelists 1 ko 2014-03-14 origin 1 2014-03-14 0 auto https://github.com/sebastianpoeplau/android-whitelists
23 Redexer jeonDrAndroidMr2012 ko ok https://github.com/plum-umd/redexer github ok ok ko ok Ocaml/Ruby 3-Clause BSD U22.04 plum-umd/redexer 153 ko 2021-05-20 origin 153 2021-05-20 0 auto https://github.com/plum-umd/redexer
24 SAAF hoffmannSlicingDroidsProgram2013 ok ok https://github.com/SAAF-Developers/saaf github ok ok ko ok Java GPL 3.0 U14.04 SAAF-Developers/saaf 35 ko 2015-09-01 origin 35 2015-09-01 5 auto https://github.com/SAAF-Developers/saaf
25 StaDynA zhauniarovichStaDynAAddressingProblem2015 ko ko ok https://github.com/zyrikby/StaDynA request ok ko EXCLUDE Hybrid tool (static/dynamic) authors 2020-02-14 origin 2020-02-14 Stadyna https://github.com/zyrikby/StaDynA
26 Thresher blackshearThresherPreciseRefutations2013 ko ok https://github.com/cuplv/thresher github ok bad Not built with author’s help ko ok Java Apache 2.0 U14.04 cuplv/thresher 31 ko 2014-10-25 origin 31 2014-10-25 1 auto https://github.com/cuplv/thresher
27 Wognsen #etal wognsenFormalisationAnalysisDalvik2014 nr ok https://bitbucket.org/erw/dalvik-bytecode-analysis-tool/src/master/ bitbucket ko ok ko ko Python/Prolog No licence U22.04 erw/dalvik-bytecode-analysis-tool 2022-06-27 origin 2022-06-27 Wognsen ???
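
Review bot: The whitespace fix is applied only to the third (binary) field of the Poeplau and StaDynA rows, while every row in this hunk still has a trailing space in the first field ("Lotrack ;", "StaDynA ;", "Wognsen #etal;" aside). If the padded " ko " caused a problem for whatever reads this file, the padded tool names are likely to cause the same one. Either strip the first column in this commit too or trim cells when the CSV is loaded, so the result does not depend on hand-cleaning individual cells. The visible rows also mix several markers for an unknown value ("?" for os on Lotrack, "--" for date on PerfChecker, "???" for urlselected, and empty cells); picking one would make the table easier to filter.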


@ -6,7 +6,7 @@
#todo[Ca serait bien de faire un PR ou deux a Jadx/Androguard/Soot quand même]
This chapter has presented three shadow attacks that allow malware developers to fool static analysis tools when reversing an Android application.
By including multiple classes with the same name or by using the same name as a class of the #Asdk, the developer can mislead a reverser or impact the result of a flow analysis, such as the ones of Androguard or Flowdroid.
By including multiple classes with the same name or by using the same name as a class of the #Asdk, the developer can mislead a reverse engineer or impact the result of a flow analysis, such as the ones of Androguard or Flowdroid.
We explored if such shadow attacks are present in as dataset of #nbapk applications .
We found that on average, #shadowsdk of applications are shadowing the #SDK, mainly for retro-compatibility purposes and library embedding.
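
Review bot: The sentence right after the reworded one, still in this hunk as unchanged context, reads "present in as dataset of #nbapk applications ." and needs the same kind of pass: "as" should be "a", and there is a stray space before the full stop. Since this commit is already a wording fix on the adjacent line ("reverser" to "reverse engineer"), it is worth folding both corrections in here. The French #todo at the top of the hunk is also still open.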


@ -5,14 +5,5 @@
//#epigraph("Spoon Boy, The Matrix")[There is no spoon.] // lol
#epigraph("Kate \"Acid Burn\" Libby, Hackers")[You know if you would have said so in the beginning, you would have saved yourself a whole lot of trouble.]
#todo[Conclude]
/*
* Futur work: mon unique pov pour le futur: what need to be done
*
* Take aways depuis l'intro
* puis résumé des contributions majeurs, un paragraphe par contrib
*
* future work plus haut niveau: reprandre les plus important et/ou des plus large: eg: quide web-base? flutter?
*/
#include("1_contributions.typ")
#include("2_futur.typ")
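
Review bot: The two new #include lines at the end of the hunk reference 1_contributions.typ and 2_futur.typ, but neither file is among the three files this commit changes, so the document only compiles if both already exist next to this file; please confirm, or add them in the same commit. The deleted comment block was the only outline of the conclusion (take-aways from the introduction, one paragraph per major contribution, higher-level future work), so it should be carried over into the included files rather than dropped while the text is still unwritten. Minor: "2_futur.typ" uses the French spelling; "2_future.typ" would match the English text of the thesis.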