Talk 1: Precisely Extracting Complex Variable Values from Android Apps
Millions of users nowadays rely on their smartphones to process sensitive data through apps from various vendors and sources. Therefore, it is vital to assess these apps for security vulnerabilities and privacy violations. Information such as to which server an app connects through which protocol, and which algorithm it applies for encryption are usually encoded as variable values and arguments of API calls. However, extracting these values from an app is not trivial. The source code of an app is usually not available, and manual reverse engineering is cumbersome with binary sizes in the tens of megabytes. Current automated tools, however, cannot retrieve values that are computed at runtime through complex transformations such as string encryption. This talk will discuss our prototype called ValDroid that automatically extracts values in Android applications by utilizing static backward slicing and value models for API calls. Furthermore, it shows how to extract values using dynamic analysis for the purpose of generating a ground truth for the evaluation of ValDroid.
Sun 27 AprDisplayed time zone: Eastern Time (US & Canada) change
11:00 - 12:30 | |||
11:00 30mTalk | Talk 1: Precisely Extracting Complex Variable Values from Android Apps Research Track Marc Miltenberger Fraunhofer SIT; ATHENE | ||
11:30 15mPaper | SEESAW: An Educational App for Smart Kiosks App Track Nearchos Paspallis University of Central Lancashire, Cyprus, Nicos Kasenides UCLan Cyprus, Natalie Evans Amsterdam UMC location Vrije Universiteit | ||
11:45 15mResearch paper | LLMs in Mobile Apps: Practices, Challenges, and Opportunities Research Track Kimberly Hau University of Toronto, Safwat Hassan University of Toronto, Shurui Zhou University of Toronto | ||
12:00 15mResearch paper | AccessiblePreview: Facilitating the Implementation and Visualization of Accessibility in Mobile Applications Developed with SwiftUI Research Track Samuel Brasileiro dos Santos Neto Universidade Federal do Pernambuco, Kiev Gama Universidade Federal de Pernambuco | ||
12:15 15mResearch paper | Breaking Barriers in Mobile Accessibility: A Study of LLM-Generated Native Android Interfaces Research Track Daniel Mesquita Federal University of Ceará, Ribamar Souza Federal University of Ceará, Isaac Santos Federal University of Ceará, Paulo Henrique Federal University of Ceará, Kiev Gama Universidade Federal de Pernambuco, Windson Viana Federal University of Ceará |