Write a Blog >>
ICSE 2021
Mon 17 May - Sat 5 June 2021

This program is tentative and subject to change.

Inter-Component Communication (ICC) is a keymechanism in Android. It enables developers to compose rich functionalities and explore reuse within and across apps. Unfortunately, as reported by a large body of literature, ICC is rather “complex and largely unconstrained”, leaving room to a lack of precision in apps modeling. To address the challenge of tracking ICCs within apps, state of the art static approaches such as EPICC, ICCTA and AMANDROID have focused on the documented framework ICC methods (e.g., startActivity) to build their approaches. In this work we show that ICC models inferred in these state of the art tools may actually be incomplete: the framework provides other atypical ways of performing ICCs. To address this limitation in the state of the art, we propose RAICC a static approach for modeling new ICC links and thus boosting previous analysis tasks such as ICC vulnerability detection, privacy leaks detection, malware detection, etc. We have evaluated RAICC on 20 benchmark apps, demonstrating that it improves the precision and recall of uncovered leaks in state of the art tools. We have also performed a large empirical investigation showing that Atypical ICC methods are largely used in Android apps, although not necessarily for data transfer. We also show that RAICC increases the number of ICC links found by 61.6% on a dataset of real-world malicious apps, and that RAICC enables the detection of new ICC vulnerabilities.

This program is tentative and subject to change.

Thu 27 May
Times are displayed in time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

20:50 - 21:40
3.6.4. Security Vulnerabilities: General Issues #2NIER - New Ideas and Emerging Results / Technical Track at Blended Sessions Room 4 +12h
Chair(s): Francisco ServantVirginia Tech
20:50
20m
Paper
RAICC: Revealing Atypical Inter-Component Communication in Android AppsArtifact ReusableTechnical TrackArtifact Available
Technical Track
Jordan SamhiUniversity of Luxembourg, Alexandre BartelUniversity of Luxembourg, Tegawendé F. BissyandéSnT, University of Luxembourg, Jacques KleinUniversity of Luxembourg
DOI Pre-print
21:10
15m
Paper
Towards a Model-Integrated Runtime Monitoring Infrastructure for Cyber-Physical SystemsNIER
NIER - New Ideas and Emerging Results
Michael VierhauserJohannes Kepler University Linz, Hussein MarahJohannes Kepler University Linz, Antonio GarmendiaJohannes Kepler University Linz, Jane Cleland-HuangUniversity of Notre Dame, Manuel WimmerJKU Linz
Pre-print
21:25
15m
Research paper
Should you Upgrade Official Docker Hub Images in Production Environments?NIER
NIER - New Ideas and Emerging Results
Sara GholamiUniversity of Alberta, Hamzeh KhazaeiYork University, Cor-Paul BezemerUniversity of Alberta
Pre-print File Attached

Fri 28 May
Times are displayed in time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

08:50 - 09:40
3.6.4. Security Vulnerabilities: General Issues #2NIER - New Ideas and Emerging Results / Technical Track at Blended Sessions Room 4
08:50
20m
Paper
RAICC: Revealing Atypical Inter-Component Communication in Android AppsArtifact ReusableTechnical TrackArtifact Available
Technical Track
Jordan SamhiUniversity of Luxembourg, Alexandre BartelUniversity of Luxembourg, Tegawendé F. BissyandéSnT, University of Luxembourg, Jacques KleinUniversity of Luxembourg
DOI Pre-print
09:10
15m
Paper
Towards a Model-Integrated Runtime Monitoring Infrastructure for Cyber-Physical SystemsNIER
NIER - New Ideas and Emerging Results
Michael VierhauserJohannes Kepler University Linz, Hussein MarahJohannes Kepler University Linz, Antonio GarmendiaJohannes Kepler University Linz, Jane Cleland-HuangUniversity of Notre Dame, Manuel WimmerJKU Linz
Pre-print
09:25
15m
Research paper
Should you Upgrade Official Docker Hub Images in Production Environments?NIER
NIER - New Ideas and Emerging Results
Sara GholamiUniversity of Alberta, Hamzeh KhazaeiYork University, Cor-Paul BezemerUniversity of Alberta
Pre-print File Attached
Hide past events

Information for Participants
Info for Blended Sessions Room 4: