{"id":4816,"date":"2023-01-06T12:03:05","date_gmt":"2023-01-06T11:03:05","guid":{"rendered":"https:\/\/www.uni.lu\/snt-en\/events\/phd-defense-analyzing-the-unanalyzable-an-application-to-android-applications\/"},"modified":"2024-06-21T08:04:37","modified_gmt":"2024-06-21T06:04:37","slug":"doctoral-defence-analyzing-the-unanalyzable-an-application-to-android-applications","status":"publish","type":"events","link":"https:\/\/www.uni.lu\/snt-en\/events\/doctoral-defence-analyzing-the-unanalyzable-an-application-to-android-applications\/","title":{"rendered":"Doctoral Defence: Analyzing the Unanalyzable: an application to Android Applications."},"content":{"rendered":"\n<section class=\"wp-block-unilux-blocks-free-section section\"><div class=\"container xl:max-w-screen-xl\">\n<p>The defence will take place physically in room E004 at JFK Building (Campus Kirchberg).<\/p>\n\n\n\n<p><strong>Members of the defence committee:<\/strong><\/p>\n\n\n\n<p>Prof Dr.&nbsp;Tegawend\u00e9 F. Bissyand\u00e9, University of Luxembourg, Chairman<\/p>\n\n\n\n<p>Prof Dr.&nbsp;Michael D. Ernst, University of Washington, Vice-Chairman<\/p>\n\n\n\n<p>Prof Dr.&nbsp;Jacques Klein, University of Luxembourg, Supervisor<\/p>\n\n\n\n<p>Prof Dr.&nbsp;Andreas Zeller, CISPA Helmholtz Center for Information Security, Member<\/p>\n\n\n\n<p>Prof Dr.&nbsp;Mauro Conti, University of Padua, Member<\/p>\n\n\n\n<p>Prof Dr.&nbsp;Li Li, Monash University, Expert<\/p>\n\n\n\n<p>\u200c<strong>Abstract:<\/strong><\/p>\n\n\n\n<p>&#8220;In general, software is unreliable. Its behavior can deviate from users\u2019 expectations because of bugs, vulnerabilities, or even malicious code. Manually vetting software is a challenging, tedious, and highly-costly task that does not scale. To alleviate excessive costs and analysts\u2019 burdens, automated static analysis techniques have been proposed by both the research and practitioner communities making static analysis a central topic in software engineering. 
In the meantime, mobile apps have considerably grown in importance. Today, most humans carry software in their pockets, with the Android operating system leading the market. Millions of apps have been proposed to the public so far, targeting a wide range of activities such as games, health, banking, GPS, etc. Hence, Android apps collect and manipulate a considerable amount of sensitive information, which puts users\u2019 security and privacy at risk. Consequently, it is paramount to ensure that apps distributed through public channels (e.g., Google Play) are free from malicious code. Hence, the research and practitioner communities have put much effort into devising new automated techniques to vet Android apps against malicious activities over the last decade.<\/p>\n\n\n\n<p>Analyzing Android apps is, however, challenging. On the one hand, the Android framework proposes constructs that can be used to evade dynamic analysis by triggering the malicious code only under certain circumstances, e.g., if the device is not an emulator and is currently connected to power. Hence, dynamic analyses can -easily- be fooled by malicious developers by making some code fragments difficult to reach. On the other hand, static analyses are challenged by Android-specific constructs that limit the coverage of off-the-shelf static analyzers. The research community has already addressed some of these constructs, including inter-component communication or lifecycle methods. However, other constructs, such as implicit calls (i.e., when the Android framework asynchronously triggers a method in the app code), make some app code fragments unreachable to the static analyzers, while these fragments are executed when the app is run. 
Altogether, many apps\u2019 code parts are unanalyzable: they are either not reachable by dynamic analyses or not covered by static analyzers.<\/p>\n\n\n\n<p>In this manuscript, we describe our contributions to the research effort from two angles: (1) statically detecting malicious code hidden from dynamic analyzers because they are triggered under specific circumstances; and (2) statically exposing code hidden from existing static analyzers to improve the comprehensiveness of app analyses. More precisely, in Part 1, we first present a replication study of a state-of-the-art static logic bomb detector to better show its limitations. We then introduce a novel hybrid approach for detecting suspicious hidden sensitive operations towards triaging logic bombs. We finally detail the construction of a dataset of Android apps automatically infected with logic bombs. In Part 2, we present our work to improve the comprehensiveness of Android apps\u2019 static analysis. More specifically, we first show how we contributed to account for atypical inter-component communication in Android apps. Then, we present a novel approach to unify both the bytecode and native in Android apps to account for the multi-language trend in app development. 
Finally, we present our work to resolve conditional implicit calls in Android apps to improve static and dynamic analyzers.&#8221;<\/p>\n<\/div><\/section>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":33,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"open","ping_status":"closed","template":"","format":"standard","meta":{"featured_image_focal_point":[],"show_featured_caption":false,"ulux_newsletter_groups":"","uluxPostTitle":"","uluxPrePostTitle":"","_trash_the_other_posts":false,"_price":"","_stock":"","_tribe_ticket_header":"","_tribe_default_ticket_provider":"","_tribe_ticket_capacity":"0","_ticket_start_date":"","_ticket_end_date":"","_tribe_ticket_show_description":"","_tribe_ticket_show_not_going":false,"_tribe_ticket_use_global_stock":"","_tribe_ticket_global_stock_level":"","_global_stock_mode":"","_global_stock_cap":"","_tribe_rsvp_for_event":"","_tribe_ticket_going_count":"","_tribe_ticket_not_going_count":"","_tribe_tickets_list":"[]","_tribe_ticket_has_attendee_info_fields":false,"event_start_date":"2023-01-09 15:00:00","event_end_date":"2023-01-09 17:00:00","event_speaker_name":"Jordan Samhi ","event_speaker_link":"","event_is_online":false,"event_location":"Campus Kirchberg, JFK Building, room E004","event_street":"6, rue Richard Couden\u00ad\u00ad\u00adhove-Kalergi","event_location_link":"https:\/\/www.uni.lu\/en\/about\/campuses\/kirchberg-campus\/","event_zip_code":"L-1359","event_city":"Luxembourg ","event_country":"Luxembourg"},"events-topic":[],"events-type":[],"organisation":[184],"authorship":[33],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.3 (Yoast SEO v22.3) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Doctoral Defence: Analyzing the Unanalyzable: an application to Android Applications. 
- SnT - University of Luxembourg I Uni.lu<\/title>\n<meta name=\"description\" content=\"The defence will take place physically in room E004 at JFK Building (Campus Kirchberg). Members of the defence committee: Prof Dr.&nbsp;Tegawend\u00e9 F.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.uni.lu\/snt-en\/events\/doctoral-defence-analyzing-the-unanalyzable-an-application-to-android-applications\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Doctoral Defence: Analyzing the Unanalyzable: an application to Android Applications.\" \/>\n<meta property=\"og:description\" content=\"The defence will take place physically in room E004 at JFK Building (Campus Kirchberg). Members of the defence committee: Prof Dr.&nbsp;Tegawend\u00e9 F.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.uni.lu\/snt-en\/events\/doctoral-defence-analyzing-the-unanalyzable-an-application-to-android-applications\/\" \/>\n<meta property=\"og:site_name\" content=\"SnT EN\" \/>\n<meta property=\"article:modified_time\" content=\"2024-06-21T06:04:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/5\/2026\/03\/03112604\/SNT_SM-Profile_1600x1600px-scaled.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"2560\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" 
class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.uni.lu\/snt-en\/events\/doctoral-defence-analyzing-the-unanalyzable-an-application-to-android-applications\/\",\"url\":\"https:\/\/www.uni.lu\/snt-en\/events\/doctoral-defence-analyzing-the-unanalyzable-an-application-to-android-applications\/\",\"name\":\"Doctoral Defence: Analyzing the Unanalyzable: an application to Android Applications. - SnT - University of Luxembourg I Uni.lu\",\"isPartOf\":{\"@id\":\"https:\/\/www.uni.lu\/snt-en\/#website\"},\"datePublished\":\"2023-01-06T11:03:05+00:00\",\"dateModified\":\"2024-06-21T06:04:37+00:00\",\"description\":\"The defence will take place physically in room E004 at JFK Building (Campus Kirchberg). Members of the defence committee: Prof Dr.&nbsp;Tegawend\u00e9 F.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.uni.lu\/snt-en\/events\/doctoral-defence-analyzing-the-unanalyzable-an-application-to-android-applications\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.uni.lu\/snt-en\/events\/doctoral-defence-analyzing-the-unanalyzable-an-application-to-android-applications\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.uni.lu\/snt-en\/events\/doctoral-defence-analyzing-the-unanalyzable-an-application-to-android-applications\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.uni.lu\/en\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Interdisciplinary Centre for Security, Reliability and Trust (SnT)\",\"item\":\"https:\/\/www.uni.lu\/snt-en\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Events\",\"item\":\"https:\/\/www.uni.lu\/snt-en\/events\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Doctoral Defence: Analyzing the Unanalyzable: an application to Android 
Applications.\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.uni.lu\/snt-en\/#website\",\"url\":\"https:\/\/www.uni.lu\/snt-en\/\",\"name\":\"SnT\",\"description\":\"Interdisciplinary Centre for Security, Reliability and Trust I Uni.lu\",\"publisher\":{\"@id\":\"https:\/\/www.uni.lu\/snt-en\/#organization\"},\"alternateName\":\"Interdisciplinary Centre for Security, Reliability and Trust I University of Luxembourg\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.uni.lu\/snt-en\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.uni.lu\/snt-en\/#organization\",\"name\":\"SnT - University of Luxembourg I Uni.lu\",\"alternateName\":\"Interdisciplinary Centre for Security, Reliability and Trust\",\"url\":\"https:\/\/www.uni.lu\/snt-en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.uni.lu\/snt-en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/5\/2026\/03\/03112604\/SNT_SM-Profile_1600x1600px-scaled.jpg\",\"contentUrl\":\"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/5\/2026\/03\/03112604\/SNT_SM-Profile_1600x1600px-scaled.jpg\",\"width\":2560,\"height\":2560,\"caption\":\"SnT - University of Luxembourg I Uni.lu\"},\"image\":{\"@id\":\"https:\/\/www.uni.lu\/snt-en\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.linkedin.com\/school\/snt-lu\/\"]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Doctoral Defence: Analyzing the Unanalyzable: an application to Android Applications. - SnT - University of Luxembourg I Uni.lu","description":"The defence will take place physically in room E004 at JFK Building (Campus Kirchberg). 
Members of the defence committee: Prof Dr.&nbsp;Tegawend\u00e9 F.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.uni.lu\/snt-en\/events\/doctoral-defence-analyzing-the-unanalyzable-an-application-to-android-applications\/","og_locale":"en_GB","og_type":"article","og_title":"Doctoral Defence: Analyzing the Unanalyzable: an application to Android Applications.","og_description":"The defence will take place physically in room E004 at JFK Building (Campus Kirchberg). Members of the defence committee: Prof Dr.&nbsp;Tegawend\u00e9 F.","og_url":"https:\/\/www.uni.lu\/snt-en\/events\/doctoral-defence-analyzing-the-unanalyzable-an-application-to-android-applications\/","og_site_name":"SnT EN","article_modified_time":"2024-06-21T06:04:37+00:00","og_image":[{"width":2560,"height":2560,"url":"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/5\/2026\/03\/03112604\/SNT_SM-Profile_1600x1600px-scaled.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_misc":{"Estimated reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.uni.lu\/snt-en\/events\/doctoral-defence-analyzing-the-unanalyzable-an-application-to-android-applications\/","url":"https:\/\/www.uni.lu\/snt-en\/events\/doctoral-defence-analyzing-the-unanalyzable-an-application-to-android-applications\/","name":"Doctoral Defence: Analyzing the Unanalyzable: an application to Android Applications. - SnT - University of Luxembourg I Uni.lu","isPartOf":{"@id":"https:\/\/www.uni.lu\/snt-en\/#website"},"datePublished":"2023-01-06T11:03:05+00:00","dateModified":"2024-06-21T06:04:37+00:00","description":"The defence will take place physically in room E004 at JFK Building (Campus Kirchberg). 
Members of the defence committee: Prof Dr.&nbsp;Tegawend\u00e9 F.","breadcrumb":{"@id":"https:\/\/www.uni.lu\/snt-en\/events\/doctoral-defence-analyzing-the-unanalyzable-an-application-to-android-applications\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.uni.lu\/snt-en\/events\/doctoral-defence-analyzing-the-unanalyzable-an-application-to-android-applications\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.uni.lu\/snt-en\/events\/doctoral-defence-analyzing-the-unanalyzable-an-application-to-android-applications\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.uni.lu\/en"},{"@type":"ListItem","position":2,"name":"Interdisciplinary Centre for Security, Reliability and Trust (SnT)","item":"https:\/\/www.uni.lu\/snt-en\/"},{"@type":"ListItem","position":3,"name":"Events","item":"https:\/\/www.uni.lu\/snt-en\/events\/"},{"@type":"ListItem","position":4,"name":"Doctoral Defence: Analyzing the Unanalyzable: an application to Android Applications."}]},{"@type":"WebSite","@id":"https:\/\/www.uni.lu\/snt-en\/#website","url":"https:\/\/www.uni.lu\/snt-en\/","name":"SnT","description":"Interdisciplinary Centre for Security, Reliability and Trust I Uni.lu","publisher":{"@id":"https:\/\/www.uni.lu\/snt-en\/#organization"},"alternateName":"Interdisciplinary Centre for Security, Reliability and Trust I University of Luxembourg","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.uni.lu\/snt-en\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/www.uni.lu\/snt-en\/#organization","name":"SnT - University of Luxembourg I Uni.lu","alternateName":"Interdisciplinary Centre for Security, Reliability and 
Trust","url":"https:\/\/www.uni.lu\/snt-en\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.uni.lu\/snt-en\/#\/schema\/logo\/image\/","url":"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/5\/2026\/03\/03112604\/SNT_SM-Profile_1600x1600px-scaled.jpg","contentUrl":"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/5\/2026\/03\/03112604\/SNT_SM-Profile_1600x1600px-scaled.jpg","width":2560,"height":2560,"caption":"SnT - University of Luxembourg I Uni.lu"},"image":{"@id":"https:\/\/www.uni.lu\/snt-en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.linkedin.com\/school\/snt-lu\/"]}]}},"_links":{"self":[{"href":"https:\/\/www.uni.lu\/snt-en\/wp-json\/wp\/v2\/events\/4816"}],"collection":[{"href":"https:\/\/www.uni.lu\/snt-en\/wp-json\/wp\/v2\/events"}],"about":[{"href":"https:\/\/www.uni.lu\/snt-en\/wp-json\/wp\/v2\/types\/events"}],"author":[{"embeddable":true,"href":"https:\/\/www.uni.lu\/snt-en\/wp-json\/wp\/v2\/users\/33"}],"replies":[{"embeddable":true,"href":"https:\/\/www.uni.lu\/snt-en\/wp-json\/wp\/v2\/comments?post=4816"}],"version-history":[{"count":2,"href":"https:\/\/www.uni.lu\/snt-en\/wp-json\/wp\/v2\/events\/4816\/revisions"}],"predecessor-version":[{"id":8886,"href":"https:\/\/www.uni.lu\/snt-en\/wp-json\/wp\/v2\/events\/4816\/revisions\/8886"}],"wp:authorship":[{"embeddable":true,"href":"https:\/\/www.uni.lu\/snt-en\/wp-json\/wp\/v2\/users\/33"}],"wp:attachment":[{"href":"https:\/\/www.uni.lu\/snt-en\/wp-json\/wp\/v2\/media?parent=4816"}],"wp:term":[{"taxonomy":"events-topic","embeddable":true,"href":"https:\/\/www.uni.lu\/snt-en\/wp-json\/wp\/v2\/events-topic?post=4816"},{"taxonomy":"events-type","embeddable":true,"href":"https:\/\/www.uni.lu\/snt-en\/wp-json\/wp\/v2\/events-type?post=4816"},{"taxonomy":"organisation","embeddable":true,"href":"https:\/\/www.uni.lu\/snt-en\/wp-json\/wp\/v2\/organisation?post=4816"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}