FUSE Quick Reference

FUSE helps security analysts see how a collection of apps operates together in the context of a full Android device FUSE provides an overview of a collection of apps, showing the potential data flows within that collection.

Try using FUSE now! Use the links below to use our interactive analysis:

FUSE displays the possible information flow paths between a collection of components on a given Android system, allowing the user to select particular components of interest, and explore how they interact.

Visualization Components

Each node in the visualization represents an app, a permission, or a content provider.

Edges between nodes represent information flow (activity creation, service creation, message broadcast, content provider access, use of internal storage, or permission use).

The color of a node indicates its package prefix (e.g. com.android or com.google), and the color of an edge matches the source of the data flow.

colors-1

Navigation

  • Click and drag the canvas to view different parts of the graph.
  • Use the scroll wheel on a mouse or a scrolling gesture on a touchpad to zoom in or out.

Inspecting Connectivity

Hover over a node to see the other nodes reachable from it. By hovering over several nodes in quick succession, you can quickly see which connected nodes they have in common. This is useful for identifying the core highly-connected nodes in a dense graph.

animated-hover

Look for Chokepoints

Many apps are highly connected, particularly apps that are part of the core Android device framework. If we decide we can trust such an app, we can hide its nodes and edges, drastically simplifying the FUSE visualization graph.

Look for such chokepoint nodes that separate large portions of the graph. For example, in the first image above, com.android.phone and bbc.mobile.news are chokepoints. If these nodes are trustworthy they can be hidden, making other interactions easier to analyze.

Hiding and Showing Nodes

Select a node to show its info panel.

pop-up

Click the solid black circle in the top-left corner of the info panel to hide the node. The circle will become hollow.

hide-2

Click outside the panel to dismiss it, or click the hollow circle to show the node once again.

Dive into Detail

Click a node to see extra information and dive down into the details of each information flow. Each input or output can be expanded to show the source or target nodes that may connect to it.

details-1

These sources and targets can be further expanded to show which methods in the code give rise to that information flow.

Edges and Nodes Menus

The edges menu at the top of the window allows you to limit the types of edges that appear.

For example, you can hide edges that show Implicit Start Activity calls.

edges-1

edges-2

From the nodes menu, you can bring up the info panel for a node without having to find it in the graph. Previously-hidden nodes are listed in this menu with a shaded background.

nodes-1

FUSE Examples: