Static analysis of implicit control flow: Resolving Java reflection and Android intents

Download: PDF, slides (PDF), slides (PowerPoint), extended version, SPARTA toolset, Checker Framework.

“Static analysis of implicit control flow: Resolving Java reflection and Android intents” by Paulo Barros, René Just, Suzanne Millstein, Paul Vines, Werner Dietl, Marcelo d'Amorim, and Michael D. Ernst. In ASE 2015: Proceedings of the 30th Annual International Conference on Automated Software Engineering, (Lincoln, NE, USA), Nov. 2015, pp. 669-679.
An extended version appeared as “Static analysis of implicit control flow: Resolving Java reflection and Android intents (extended version)” by Paulo Barros, René Just, Suzanne Millstein, Paul Vines, Werner Dietl, Marcelo d'Amorim, and Michael D. Ernst. University of Washington Department of Computer Science and Engineering technical report UW-CSE-15-08-01, (Seattle, WA, USA), Aug. 2015.
A previous version appeared as University of Washington Department of Computer Science and Engineering technical report UW-CSE-15-05-01, (Seattle, WA, USA), May 2015.

Abstract

Implicit or indirect control flow is a transfer of control between procedures using some mechanism other than an explicit procedure call. Implicit control flow is a staple design pattern that adds flexibility to system design. However, it is challenging for a static analysis to compute or verify properties about a system that uses implicit control flow.

This paper presents static analyses for two types of implicit control flow that frequently appear in Android apps: Java reflection and Android intents. Our analyses help to resolve where control flows and what data is passed. This information improves the precision of downstream analyses, which no longer need to make conservative assumptions about implicit control flow.

We have implemented our techniques for Java. We enhanced an existing security analysis with a more precise treatment of reflection and intents. In a case study involving ten real-world Android apps that use both intents and reflection, the precision of the security analysis was increased on average by two orders of magnitude. The precision of two other downstream analyses was also improved.

Download: PDF, slides (PDF), slides (PowerPoint), extended version, SPARTA toolset, Checker Framework.

BibTeX entry:

@inproceedings{BarrosJMVDdAE2015,
   author = {Paulo Barros and Ren{\'e} Just and Suzanne Millstein and Paul
	Vines and Werner Dietl and Marcelo d'Amorim and Michael D. Ernst},
   title = {Static analysis of implicit control flow: Resolving {Java}
	reflection and {Android} intents},
   booktitle = {ASE 2015: Proceedings of the 30th Annual International
	Conference on Automated Software Engineering},
   pages = {669-679},
   address = {Lincoln, NE, USA},
   month = nov,
   year = {2015}
}

(This webpage was created with bibtex2web.)

Back to Michael Ernst's publications.