Current Java static analyzers, operating either on the source or byte-code level, exhibit unsoundness for programs that contain native code. We show that the Java Native Interface (JNI) specification, which is used by Java programs to interoperate with native code, is principled enough to permit static reasoning about the effects of native code on program execution when it comes to call-backs. Our approach consists of disassembling native binaries, recovering static symbol information that corresponds to Java method signatures, and producing a model for statically exercising these native call-backs with appropriate mock objects. The approach manages to recover virtually all Java calls in native code, for both Android and Java desktop applications: (a) achieving 100% native-to-application call-graph recall on large Android applications (Chrome, Instagram) and (b) capturing the full native call-back behavior of the XCorpus suite programs.
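A simplified illustration of the signature-recovery step described in the abstract, added here and not taken from the paper or its tool: it scans raw bytes for strings that parse as JNI method descriptors and pairs each with the neighbouring name string. The function names, the adjacency heuristic and the sample bytes are assumptions made for this example.

```python
import re

# JNI type descriptor grammar (JVM spec): primitives, L<class>;, and [ array prefixes.
_TYPE = r"\[*(?:[BCDFIJSZ]|L[A-Za-z_$][\w$/]*;)"
_METHOD_DESC = re.compile(rf"\((?P<params>(?:{_TYPE})*)\)(?P<ret>V|{_TYPE})")
_JAVA_NAME = re.compile(r"[A-Za-z_$][\w$]*|<init>")
_PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{2,}")


def extract_strings(blob):
    """Return (offset, text) for each printable ASCII run, like strings(1)."""
    return [(m.start(), m.group().decode("ascii")) for m in _PRINTABLE_RUN.finditer(blob)]


def parse_descriptor(text):
    """Split a JNI method descriptor into (param types, return type), or None."""
    m = _METHOD_DESC.fullmatch(text)
    if not m:
        return None
    return re.findall(_TYPE, m.group("params")), m.group("ret")


def find_java_callbacks(blob):
    """Pair each descriptor string with the adjacent preceding name-like string.

    Adjacency is a heuristic assumed for this example: compilers tend to place
    the name and signature literals passed to GetMethodID next to each other.
    A real analysis would confirm the pairing from the disassembly instead.
    """
    strings = extract_strings(blob)
    hits = []
    for (_, prev), (off, cur) in zip(strings, strings[1:]):
        parsed = parse_descriptor(cur)
        if parsed and _JAVA_NAME.fullmatch(prev):
            hits.append({"name": prev, "descriptor": cur, "offset": off,
                         "params": parsed[0], "returns": parsed[1]})
    return hits


# Constructed sample: bytes resembling the read-only data of a JNI library.
SAMPLE_RODATA = (b"\x00\x01onProgress\x00(ILjava/lang/String;)V\x00"
                 b"libfoo: init failed (%d)\x00"
                 b"getBuffer\x00()[B\x00\xff\xfe<init>\x00([[JZ)Ljava/util/List;\x00")

if __name__ == "__main__":
    for hit in find_java_callbacks(SAMPLE_RODATA):
        print(hit)
```

Each recovered name and descriptor pair identifies a Java method that native code may call back into, which is what a call-graph builder needs in order to add the missing native-to-Java edges.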
Wed 22 Jul (displayed time zone: Tijuana, Baja California)

10:50 - 11:50 | BINARY ANALYSIS | Technical Papers at Zoom | Chair(s): Junaid Haroon Siddiqui
Public Live Stream/Recording. Registered participants should join via the Zoom link distributed in Slack.

10:50 | 20m Talk | Patch Based Vulnerability Matching for Binary Programs | Technical Papers | Yifei Xu, Zhengzi Xu, Bihuan Chen Fudan University, Fu Song, Yang Liu Nanyang Technological University, Singapore, Ting Liu Xi'an Jiaotong University
11:10 | 20m Talk | Identifying Java Calls in Native Code via Binary Scanning | Technical Papers | George Fourtounis University of Athens, Leonidas Triantafyllou University of Athens, Yannis Smaragdakis University of Athens, Greece
11:30 | 20m Talk | An Empirical Study on ARM Disassembly Tools | Technical Papers | Muhui Jiang, Yajin Zhou Zhejiang University, Xiapu Luo The Hong Kong Polytechnic University, Ruoyu Wang, Yang Liu Nanyang Technological University, Singapore, Kui Ren