Static Methods for Large-scale Android Supply Chain Analysis

Slides of my PhD Presentation

Here you can find the slides from my PhD presentation, the presentation included a few animations that have been expanded using a plugin for LibreOffice ExpandAnimations Plugin.

My PhD research focuses on various aspects of Security and Privacy within the Android Operating System. The presentation is based primarily on the four main chapters of the thesis. The first chapter explores Android updates through the software known as FOTA (Firmware Over-The-Air). The second chapter analyzes the different mechanisms available in Android for app installations, as well as research conducted to identify the types of apps installed on user devices. The third chapter introduces Kunai, a static analysis library we developed for Dalvik and APK files. Finally, the fourth chapter covers the world of Android obfuscation, where we analyzed the use of different software protectors, using APKiD as our tool for identifying them.

Static Methods for Large-scale Android Supply Chain Analysis

PDF version of my PhD

My PhD thesis can be found on UC3M website: PhD Thesis

Next you can find the abstract:

Abstract

In today’s digital age, smartphones have become indispensable devices and are integrated into all aspects of our lives. They store personal information, facilitate business management, and serve as entertainment centers. The Android platform, with its enormous market share, is at the forefront of this mobile revolution. Since these devices play a critical role in our daily lives, it is imperative to analyze the complexities of the Android security and privacy landscape.

This dissertation explores critical facets of Android security, addressing notable research gaps in three key areas. First, it investigates the complex world of Android OverThe-Air (OTA) system updates, describing for the first time the ecosystem of the firmware applications. This research sheds light on potential security and privacy vulnerabilities in the update process, highlighting the complexities of the Android supply chain.

The second contribution in this thesis delves into static analysis tools for Android applications, essential to guarantee the security of the wide range of mobile applications that flood the existing application markets. With an increasing number of applications being loaded daily, robust tools that offer reliable and efficient static analysis become essential. The research conducted in this area focuses on the development of an advanced framework, named Kunai, designed to overcome the limitations of existing analysis tools. This tool offers a better performance, facilitating large-scale analysis of Android applications.

Finally, the third contribution in this dissertation investigates software protection techniques for Android software, a crucial aspect given the prevalence of applications in critical sectors such as banking and healthcare. With increasing reliance on smartphones for sensitive tasks, protecting applications from reverse engineering and tampering has become a security requirement for certain applications. The work presented in this dissertation creates a comprehensive taxonomy of existing anti-analysis techniques, shedding light on their prevalence in the Android ecosystem.

In summary, this thesis presents original contributions in the Android security landscape. It provides valuable insights into the complexities of OTA updates, offers innovative solutions to static analysis challenges, and reveals the diverse world of software protection techniques. Through this work, we bridge crucial gaps in our understanding of Android security, opening the door for future research in this dynamic field.

I hope you find it interesting!