#import "../lib.typ": pb3, pb3-text, highlight-block, todo

== Conclusion <sec:th-conclusion>

In this chapter, we presented a set of transformations that, applied to an application, encode its reflection calls and dynamically loaded code inside the application itself.
We also presented a dynamic analysis approach to collect the information needed to perform those transformations.

We then applied this method to a recent subset of applications of our dataset from @sec:rasta.
When comparing the success rate of the tools of @sec:rasta on the applications before and after the transformation, we found that, in general, the success rate of those tools slightly decreases, with a few exceptions.
We also showed that our transformation indeed allows static analysis tools to access and process that runtime information in their analysis.
However, a more in-depth look at the results of our dynamic analysis showed that our code coverage is lacking, and that the great majority of dynamically loaded code we intercepted is from generic advertisement and telemetry libraries.

#v(2em)

#align(center, highlight-block(inset: 15pt, width: 75%, breakable: false, block(align(left)[
#pb3: #pb3-text
#v(0.75em)
We showed that instrumentation can be used to add direct calls to methods initially called through reflection, which, combined with the injection of dynamically loaded bytecode into the application, allows generic static analysis tools to access previously unavailable code.
However, we also found that the dynamic analysis can be a significant bottleneck in this approach.
])))