Mohamed Nassim Seghir


4 Papers

SE, Aug 3, 2018
DCert: Find the Leak in Your Pocket

Mohamed Nassim Seghir

Static data-flow analysis has proven its effectiveness in assessing the security of applications. One major challenge it faces is scalability to large software. This issue is exacerbated further when additional limitations on computing and storage resources are imposed, as is the case for mobile devices. In such cases the analysis is performed on a conventional computer, which poses two problems. First, a man-in-the-middle attack can tamper with an analyzed application: once it is on the mobile device, what guarantees that the installed version is the one that was analyzed? Second, the analysis itself might be broken, leading to an erroneous result. As a solution, we present DCert, a tool for checking and certifying data-flow properties that consists of two components: a (heavyweight) analyzer and a (lightweight) checker. The analyzer is deployed on a conventional computer. It verifies the conformance of a given application to a specified policy and generates a certificate attesting to the validity of the analysis result. It then suffices for the checker, on the mobile device, to perform a pass that is linear in the size of the application to validate or refute both the certificate and the policy. This separates the verification and checking processes while ensuring a trust relationship between them via the certificate. We describe DCert and report on experimental results obtained for real-world applications.

PL, Aug 3, 2018
Certificate Enhanced Data-Flow Analysis

Mohamed Nassim Seghir

Proof-carrying code was proposed as a solution for ensuring a trust relationship between two parties: a (heavyweight) analyzer and a (lightweight) checker. The analyzer verifies the conformance of a given application to a specified property and generates a certificate attesting to the validity of the analysis result. It then suffices for the checker to test the consistency of the proof instead of constructing it. We set out to study the applicability of this technique in the context of data-flow analysis. In particular, we want to know whether there is a significant performance difference between the analyzer and the checker. We therefore developed a tool, called DCert, implementing an inter-procedural, context- and flow-sensitive data-flow analyzer and checker for Android. Applying our tool to large real-world applications, we found that checking can be up to 8 times faster than verification. This substantial gain in time suggests a potential for equipping applications on app stores with certificates that can be checked on mobile devices, which are limited in computation and storage resources. We describe our implementation and report on experimental results.
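The analyzer/checker split described in the two DCert abstracts above, as an added example that is not DCert's code or the author's: a flow-sensitive taint analysis over a constructed six-instruction IR (`source`, `const`, `assign`, `if`, `goto`, `sink`), with the policy "no sink may receive tainted data". The analyzer iterates to a fixpoint and emits the per-statement taint sets as the certificate; the checker re-applies each transfer function once (one linear pass) and accepts only if the certificate is inductive and the policy holds. The programs `SAFE` and `LEAKY` and the two tampering functions are constructed for the example; the IR and certificate format are assumptions, not DCert's.

```python
"""Analyzer/checker split for a flow-sensitive taint analysis.

Added illustration, not DCert's code. Constructed IR (an assumption):
  ("source", x)     x := sensitive data (e.g. a device identifier)
  ("const", x)      x := a constant, so x is no longer tainted
  ("assign", x, y)  x := y
  ("if", t)         nondeterministic branch: fall through or jump to t
  ("goto", t)       unconditional jump to t
  ("sink", x)       x leaves the device (e.g. a network send)
Policy: no sink may receive a tainted variable.
"""


def successors(prog, i):
    """Control-flow successors of statement i (indices into prog)."""
    op = prog[i][0]
    if op == "goto":
        return [prog[i][1]]
    if op == "if":
        return [i + 1, prog[i][1]]
    return [i + 1] if i + 1 < len(prog) else []


def transfer(stmt, tainted):
    """Forward transfer function: tainted variables after executing stmt."""
    op = stmt[0]
    out = set(tainted)
    if op == "source":
        out.add(stmt[1])
    elif op == "const":
        out.discard(stmt[1])
    elif op == "assign":
        dst, src = stmt[1], stmt[2]
        if src in out:
            out.add(dst)
        else:
            out.discard(dst)
    return out


def analyze(prog):
    """Heavyweight side: iterate the transfer functions to a fixpoint.

    Returns (certificate, passes): the certificate is the set of tainted
    variables at the entry of every statement (an inductive invariant of
    the analysis); passes counts the sweeps over the program."""
    cert = [set() for _ in prog]
    passes, changed = 0, True
    while changed:
        passes, changed = passes + 1, False
        for i, stmt in enumerate(prog):
            out = transfer(stmt, cert[i])
            for s in successors(prog, i):
                if not out <= cert[s]:
                    cert[s] |= out
                    changed = True
    return [frozenset(s) for s in cert], passes


def check(prog, cert):
    """Lightweight side: one linear pass, no fixpoint iteration.

    If it accepts, the certificate is an inductive over-approximation of
    the taint reaching every point, so the policy holds no matter who
    produced the certificate or whether the program was altered since."""
    if len(cert) != len(prog):
        return False
    for i, stmt in enumerate(prog):
        out = transfer(stmt, cert[i])
        if any(not out <= cert[s] for s in successors(prog, i)):
            return False  # not inductive: certificate or program is corrupt
        if stmt[0] == "sink" and stmt[1] in cert[i]:
            return False  # policy violation: a leak
    return True


# Constructed programs. SAFE overwrites tmp before it leaves the device;
# LEAKY sends tmp along the path 0 -> 1 -> 2 -> 3.
SAFE = [("source", "id"), ("if", 3), ("assign", "tmp", "id"),
        ("const", "tmp"), ("sink", "tmp")]
LEAKY = [("source", "id"), ("if", 3), ("assign", "tmp", "id"),
         ("sink", "tmp")]


def tampered_program():
    """SAFE as a man-in-the-middle might rewrite it: the overwrite of tmp
    becomes a copy of id, turning the app into a leak."""
    prog = list(SAFE)
    prog[3] = ("assign", "tmp", "id")
    return prog


def tampered_certificate(cert):
    """SAFE's certificate with the tainting of tmp at statement 3 dropped,
    as a broken analyzer might emit it."""
    cert = list(cert)
    cert[3] = cert[3] - {"tmp"}
    return cert


if __name__ == "__main__":
    cert, passes = analyze(SAFE)
    print("SAFE accepted:", check(SAFE, cert), "after", passes, "analysis passes")
    print("LEAKY accepted:", check(LEAKY, analyze(LEAKY)[0]))
    print("tampered program, original certificate:", check(tampered_program(), cert))
    print("original program, tampered certificate:", check(SAFE, tampered_certificate(cert)))
```

The point of the split is visible in `check`: it never iterates, so its cost is linear in the program, while `analyze` sweeps until nothing changes. Both tampering cases are rejected because the certificate is no longer inductive for the program it is checked against, and a certificate that is merely too large only adds rejections, never acceptances.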

PL, Aug 3, 2018
Data-Flow Guided Slicing

Mohamed Nassim Seghir

We propose a flow-insensitive analysis that prunes out portions of code which are irrelevant to a specified set of data-flow paths. Our approach is fast and scalable, and it can also generate a certificate as an audit for the computed result. We have implemented our technique in a tool called DSlicer and applied it to a set of 10600 real-world Android applications. The results are conclusive: with respect to a specified set of data-leak paths, program code is reduced by 36% on average.
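A flow-insensitive slice guided by a leak path, as an added example that is not DSlicer's code or the author's. Statements are modelled as API calls whose arguments feed their result (`("call", dst, api, args)`), every statement contributes its argument-to-result edges regardless of order or reachability, and a statement is kept only if it can sit on a chain from the named source API to the named sink API. The program, the API names and the leak path `(getDeviceId, sendTextMessage)` are constructed for the example; the statement format and the keep rule are assumptions, not DSlicer's.

```python
"""Flow-insensitive slicing guided by data-flow paths.

Added illustration, not DSlicer's code. Statements are
("call", dst, api, args): api is called with the variables args and its
result is stored in dst (None if unused). A leak path is a
(source_api, sink_api) pair. Program and APIs are constructed.
"""


def _closure(start, edges):
    """Variables reachable from start along edges (dict var -> set of vars)."""
    seen, work = set(start), list(start)
    while work:
        for w in edges.get(work.pop(), ()):
            if w not in seen:
                seen.add(w)
                work.append(w)
    return seen


def slice_for_paths(prog, paths):
    """Indices of the statements that can lie on one of the leak paths.

    Flow-insensitive: each statement adds the edge arg -> dst for every
    argument, so F (data that may come from the source) and B (data that
    may reach the sink) are plain graph closures over variables."""
    fwd, bwd = {}, {}
    for _, dst, _, args in prog:
        if dst is None:
            continue
        for a in args:
            fwd.setdefault(a, set()).add(dst)
            bwd.setdefault(dst, set()).add(a)
    kept = set()
    for src_api, sink_api in paths:
        F = _closure({d for _, d, api, _ in prog
                      if api == src_api and d is not None}, fwd)
        B = _closure({a for _, _, api, args in prog
                      if api == sink_api for a in args}, bwd)
        for i, (_, dst, api, args) in enumerate(prog):
            if api == src_api and dst in B:
                kept.add(i)          # source whose data can reach the sink
            elif api == sink_api and any(a in F for a in args):
                kept.add(i)          # sink that can receive source data
            elif dst in B and any(a in F for a in args):
                kept.add(i)          # propagates data along the path
    return sorted(kept)


def reduction(prog, kept):
    """Percentage of statements pruned by the slice."""
    return 100.0 * (len(prog) - len(kept)) / len(prog)


# Constructed program: the device id is hashed, concatenated with a
# greeting and sent by SMS; the location only goes to a log and the UI.
PROG = [
    ("call", "id", "getDeviceId", []),                    # 0
    ("call", "loc", "getLastKnownLocation", []),          # 1
    ("call", "hash", "sha256", ["id"]),                   # 2
    ("call", "msg", "concat", ["hash", "greeting"]),      # 3
    ("call", "greeting", "getString", []),                # 4
    ("call", None, "log", ["loc"]),                       # 5
    ("call", None, "sendTextMessage", ["msg"]),           # 6
    ("call", "ui", "setText", ["loc"]),                   # 7
]
LEAK_PATHS = {("getDeviceId", "sendTextMessage")}

if __name__ == "__main__":
    kept = slice_for_paths(PROG, LEAK_PATHS)
    print("kept statements:", kept)
    print(f"reduction: {reduction(PROG, kept):.0f}%")
```

Statement 4 is dropped even though `greeting` flows into the message: it reaches the sink but carries nothing from the source, so it is irrelevant to the leak path, while statements 1, 5 and 7 are dropped because the location never reaches the sink at all.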

CR, Dec 22, 2016
DroidGen: Constraint-based and Data-Driven Policy Generation for Android

Mohamed Nassim Seghir, David Aspinall

We present DroidGen, a tool for automatic anti-malware policy inference. DroidGen employs a data-driven approach: it uses a training set of malware and benign applications and calls a constraint solver to generate a policy that excludes as much malware as possible while allowing as many benign applications as possible. Preliminary results are encouraging: we are able to automatically generate a policy that filters out 91% of the tested Android malware. Moreover, compared to black-box machine-learning classifiers, our method has the advantage of generating policies in a declarative, readable format. We illustrate our approach, describe its implementation and report on the preliminary results.
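The data-driven policy inference described above, as an added example that is not DroidGen's code or the authors': apps are represented by the set of API calls they make, a policy is a set of forbidden calls, and the objective is the number of malware samples excluded plus the number of benign apps allowed. DroidGen hands that objective to a constraint solver; this example, to run offline without a solver, enumerates every subset of the APIs used by malware instead, which is exact but only feasible for the handful of candidates here. The training sets, the API names and the rendered policy format are constructed assumptions, not DroidGen's.

```python
"""Data-driven anti-malware policy generation.

Added illustration, not DroidGen's code. A policy is a set of forbidden
API calls; an app is allowed iff it calls none of them. Objective: exclude
as much malware and allow as many benign apps as possible. The subset
enumeration below stands in for DroidGen's constraint solver (exact, but
exponential in the number of candidate APIs). Apps and APIs are constructed.
"""
from itertools import combinations

MALWARE = {
    "m1": {"getDeviceId", "sendTextMessage", "getSubscriberId"},
    "m2": {"sendTextMessage", "execShell"},
    "m3": {"getDeviceId", "openConnection", "getInstalledPackages"},
    "m4": {"loadDex", "openConnection"},
}
BENIGN = {
    "b1": {"openConnection", "getInstalledPackages"},
    "b2": {"getDeviceId", "openConnection"},
    "b3": {"sendTextMessage", "getDeviceId"},
    "b4": {"getLocation", "openConnection"},
}


def allowed(policy, calls):
    """An app is allowed unless it makes a forbidden call."""
    return not (policy & calls)


def score(policy, malware, benign):
    """(malware excluded, benign allowed) under policy."""
    excluded = sum(not allowed(policy, c) for c in malware.values())
    permitted = sum(allowed(policy, c) for c in benign.values())
    return excluded, permitted


def generate_policy(malware, benign):
    """Smallest policy maximising excluded malware + allowed benign apps.

    Enumerates subsets by increasing size and only replaces the incumbent
    on a strictly better objective, so ties go to the smaller policy."""
    candidates = sorted(set().union(*malware.values()))
    best = frozenset()
    best_score = score(best, malware, benign)
    for size in range(1, len(candidates) + 1):
        for combo in combinations(candidates, size):
            policy = frozenset(combo)
            s = score(policy, malware, benign)
            if sum(s) > sum(best_score):
                best, best_score = policy, s
    return best, best_score


def render(policy):
    """Declarative, human-readable form (the format is hypothetical)."""
    lines = "".join(f"  - {api}\n" for api in sorted(policy))
    return "deny app if it calls any of:\n" + lines


if __name__ == "__main__":
    policy, (excluded, permitted) = generate_policy(MALWARE, BENIGN)
    print(render(policy), end="")
    print(f"excludes {excluded}/{len(MALWARE)} malware, "
          f"allows {permitted}/{len(BENIGN)} benign apps")
```

On this training set the optimum forbids `execShell`, `getSubscriberId` and `loadDex`, catching three of the four malware samples while keeping every benign app. Sample `m3` survives because every call it makes is also made by some benign app, so any rule catching it would cost at least one benign app for no net gain: the same trade-off the abstract's 91% figure reflects, with the rationale readable directly from the rendered policy.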