Galois is pleased to host the following tech talk.
These talks are open to the interested public; please join us!
(There is no need to pre-register for the talk.)
Please note the unusual time for this talk: it is on Thursday,
02 August 2012.
Comprehensive Analysis of the Android Ecosystem
Thursday, 02 August 2012, 10:30am
421 SW 6th Ave. Suite 300,
Portland, OR, USA
(3rd floor of the Commonwealth building)
The relative novelty and rapid pace of evolution of the Android ecosystem
(platform, vendor-installed apps and third-party apps) mean that both the
platform and apps receive little scrutiny. Hence there is a need for tools
that assess, monitor and verify all components of the Android ecosystem.
This lack of tools and scrutiny is particularly problematic when combined
with the open nature of Google Play, the main app distribution channel.
In the first part of this talk we will focus on multi-layer profiling of
Android apps using ProfileDroid, a tool and framework we developed at
UC Riverside. ProfileDroid is useful for a variety of Android app analyses,
from performance to usability to security. ProfileDroid monitors and
correlates the behavior of an app at four layers:
(a) static, or app specification,
(b) user interaction,
(c) operating system, and
(d) network.
Using ProfileDroid on 27 free and paid Android apps, we have found:
(a) discrepancies between the app specification and app execution,
(b) free versions of apps can end up costing more than their paid
counterparts, due to an order-of-magnitude increase in network traffic,
(c) most network traffic is not encrypted, and
(d) apps communicate with many more sources than users might expect.
In the second part of the talk we will present results from our long-term
permission evolution study of the Android ecosystem (platform and
237 apps) over three years. We found that the platform has increased the
number of dangerous permissions and does not move towards finer-grained
permissions, and that app developers do not follow the principle of
least privilege. We will also briefly discuss our efforts with static
information flow tracking for Android apps, as well as building a
log-and-replay system for Android.
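The two studies above share one idea: compare what an app declares in its manifest (the static layer) with what it actually does at the operating-system and network layers, and flag the gaps. The script below is an added illustration of that cross-layer check written for this page; it is not ProfileDroid or any other code from the speaker's group. Everything in it is constructed: the sample manifest, the list of observed framework calls and their mapping to permissions, the set of "dangerous" permissions (a small hand-picked subset, since the real protection levels vary by platform version), and the network flows. It reports permissions that are declared but never exercised (a least-privilege violation), permissions exercised but never declared (a specification/execution discrepancy), declared dangerous permissions, the set of remote hosts contacted, and the fraction of traffic sent in cleartext.

```python
import xml.etree.ElementTree as ET
from collections import Counter

ANDROID_NS = "http://schemas.android.com/apk/res/android"

# Constructed sample manifest for a hypothetical app (the "static" layer).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.weather">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <application android:label="Weather"/>
</manifest>
"""

# Assumed subset of permissions with protection level "dangerous"; the real
# set depends on the platform version and is much larger.
DANGEROUS = {
    "android.permission.ACCESS_FINE_LOCATION",
    "android.permission.READ_CONTACTS",
    "android.permission.SEND_SMS",
    "android.permission.RECORD_AUDIO",
}

# Hypothetical mapping from observed framework calls (the OS layer) to the
# permission each call requires. A real tool derives this from the platform.
API_TO_PERMISSION = {
    "LocationManager.requestLocationUpdates": "android.permission.ACCESS_FINE_LOCATION",
    "ContentResolver.query(ContactsContract)": "android.permission.READ_CONTACTS",
    "SmsManager.sendTextMessage": "android.permission.SEND_SMS",
    "MediaRecorder.start": "android.permission.RECORD_AUDIO",
    "HttpURLConnection.connect": "android.permission.INTERNET",
}

# Constructed OS-layer trace: framework calls seen while exercising the app.
OBSERVED_CALLS = [
    "LocationManager.requestLocationUpdates",
    "HttpURLConnection.connect",
    "HttpURLConnection.connect",
    "MediaRecorder.start",
]

# Constructed network-layer trace: (scheme, destination host, bytes) per flow.
OBSERVED_FLOWS = [
    ("https", "api.weather.example", 2200),
    ("http", "ads.tracker.example", 8100),
    ("http", "analytics.example", 3400),
    ("http", "cdn.images.example", 61000),
]


def declared_permissions(manifest_xml):
    """Static layer: the android:name of every <uses-permission> element."""
    root = ET.fromstring(manifest_xml)
    return {e.get("{%s}name" % ANDROID_NS) for e in root.iter("uses-permission")}


def used_permissions(calls):
    """OS layer: permissions implied by the framework calls actually observed."""
    return {API_TO_PERMISSION[c] for c in calls if c in API_TO_PERMISSION}


def permission_report(declared, used):
    """Correlate static and OS layers; each list is sorted for stable output."""
    return {
        "declared_unused": sorted(declared - used),      # over-privilege
        "used_undeclared": sorted(used - declared),      # spec/execution gap
        "dangerous_declared": sorted(declared & DANGEROUS),
    }


def network_report(flows):
    """Network layer: distinct destinations and the share of cleartext bytes."""
    bytes_by_scheme = Counter()
    hosts = set()
    for scheme, host, nbytes in flows:
        bytes_by_scheme[scheme] += nbytes
        hosts.add(host)
    total = sum(bytes_by_scheme.values())
    return {
        "hosts": sorted(hosts),
        "cleartext_fraction": bytes_by_scheme["http"] / total if total else 0.0,
    }


if __name__ == "__main__":
    declared = declared_permissions(SAMPLE_MANIFEST)
    used = used_permissions(OBSERVED_CALLS)
    for key, value in permission_report(declared, used).items():
        print("%-20s %s" % (key, value))
    net = network_report(OBSERVED_FLOWS)
    print("hosts contacted     ", net["hosts"])
    print("cleartext fraction   %.2f" % net["cleartext_fraction"])
```

On the constructed input the app declares READ_CONTACTS and SEND_SMS without ever exercising them, records audio without declaring RECORD_AUDIO (on a real device that call would be denied, which is exactly the kind of specification/execution discrepancy worth investigating), contacts four hosts where a user would expect one, and sends about 97% of its bytes over plain HTTP.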
Iulian Neamtiu is an assistant professor in the Department of Computer
Science and Engineering at the University of California, Riverside.
He received his Ph.D. from the University of Maryland, College Park in 2008.
His current research focuses on analyzing and improving the Android ecosystem,
programming languages (type systems, static and dynamic analysis, parallelism),
software engineering (software evolution, empirical studies, debugging),
and on-the-fly software updates.