TY - GEN
T1 - FlowCog
T2 - 27th USENIX Security Symposium
AU - Pan, Xiang
AU - Cao, Yinzhi
AU - Du, Xuechao
AU - He, Boyuan
AU - Fang, Gan
AU - Chen, Yan
N1 - Funding Information:
10 Acknowledgement We would like to thank anonymous reviewers for their helpful comments and feedback. This work was supported in part by National Science Foundation (NSF) grants CNS-15-63843 and CNS-14-08790 and U.S. Defense Advanced Research Projects Agency (DARPA) under agreement number FA8650-15-C-7561. The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of NSF.
PY - 2018/1/1
Y1 - 2018/1/1
N2 - Android apps having access to private information may be legitimate, depending on whether the app provides users enough semantics to justify the access. Existing works analyzing app semantics are coarse-grained, staying on the app-level. That is, they can only identify whether an app, as a whole, should request a certain permission, but cannot answer whether a specific app behavior under certain runtime context, such as an information flow, is correctly justified. To address this issue, we propose FlowCog, an automated, flow-level system to extract flow-specific semantics and correlate such semantics with given information flows. Particularly, FlowCog statically finds all the Android views that are related to the given flow via control or data dependencies, and then extracts semantics, such as texts and images, from these views and associated layouts. Next, FlowCog adopts a natural language processing (NLP) approach to infer whether the extracted semantics are correlated with the given flow. FlowCog is open-source and available at https://github.com/SocietyMaster/FlowCog. Our evaluation shows that FlowCog can achieve a precision of 90.1% and a recall of 93.1%.
AB - Android apps having access to private information may be legitimate, depending on whether the app provides users enough semantics to justify the access. Existing works analyzing app semantics are coarse-grained, staying on the app-level. That is, they can only identify whether an app, as a whole, should request a certain permission, but cannot answer whether a specific app behavior under certain runtime context, such as an information flow, is correctly justified. To address this issue, we propose FlowCog, an automated, flow-level system to extract flow-specific semantics and correlate such semantics with given information flows. Particularly, FlowCog statically finds all the Android views that are related to the given flow via control or data dependencies, and then extracts semantics, such as texts and images, from these views and associated layouts. Next, FlowCog adopts a natural language processing (NLP) approach to infer whether the extracted semantics are correlated with the given flow. FlowCog is open-source and available at https://github.com/SocietyMaster/FlowCog. Our evaluation shows that FlowCog can achieve a precision of 90.1% and a recall of 93.1%.
UR - http://www.scopus.com/inward/record.url?scp=85069970912&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85069970912&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:85069970912
T3 - Proceedings of the 27th USENIX Security Symposium
SP - 1669
EP - 1685
BT - Proceedings of the 27th USENIX Security Symposium
PB - USENIX Association
Y2 - 15 August 2018 through 17 August 2018
ER -