Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).
NIST Authors in Bold
|Author(s):||Ryan Johnson; Zhaohui Wang; Angelos Stavrou; Jeffrey M. Voas;|
|Title:||Exposing Software Security and Availability Risks For Commercial Mobile Devices|
|Published:||June 21, 2013|
|Abstract:||In this manuscript, we present our efforts towards a framework for exposing the functionality of a mobile application through a combination of static and dynamic program analysis that attempts to explore all available execution paths including libraries. We verified our approach by testing a large number of Android applications with our program to exhibit its functionality and viability. The framework allows complete automation of the execution process so that no user input is required. We also discuss how our static analysis program can be used to inform the execution of the dynamic analysis program. The program can serve as an extensible basis to fulfill other useful purposes such as symbolic execution, program verification, interactive debugger, and other approaches that require deep inspection of an Android application.|
|Conference:||The Annual Reliability and Maintainability Symposium|
|Proceedings:||2013 Proceedings of The Annual Reliability and Maintainability Symposium (RAMS'13)|
|Pages:||pp. 1 - 7|
|Dates:||January 28-31, 2013|
|Keywords:||software reliability, dynamic analysis, execution coverage, Android|
|Research Areas:||Information Technology, Computer Security, Cybersecurity|
|DOI:||http://dx.doi.org/10.1109/RAMS.2013.6517735 (Note: May link to a non-U.S. Government webpage)|
|PDF version:||Click here to retrieve PDF version of paper (160KB)|