Software Model Checking: A Promising Approach to Verify Mobile App Security (FTfJP 2017 - (Formal Techniques for Java-like Programs))

Write a Blog >>

Sun 18 - Fri 23 June 2017 Barcelona, Spain

co-located with PLDI, ECOOP, Curry On, DEBS, LCTES and ISMM

Who

Irina Asavoae, Hoang Nga Nguyen, Markus Roggenbach, Siraj Ahmed Shaikh

Track

FTfJP 2017

Time Zone

The program is currently displayed in (GMT+02:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna.

Use conference time zone: (GMT+02:00) Amsterdam, Berlin, Bern, Rome, Stockholm, ViennaSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Tue 20 Jun 2017 09:30 - 09:50 at Vertex WS217 - A Chair(s): Radu Grigore

Abstract

In this position paper we advocate software model check- ing as a technique suitable for security of analysis mobile apps. Our recommendation is based on promising results that we achieved on analysing app collusion in the context of the Android operating system. To this end we devel- oped the K-Android tool, which provides an encoding of the Android/Smali code semantics within the K framework. K-Android allows for software model checking of Android APK files. Though our experience so far is limited to collusion, we believe the approach to be applicable to further security properties as well as other mobile operating systems.

Link to Preprint

https://arxiv.org/abs/1706.04741

Irina Asavoae

INRIA, Paris, France

Hoang Nga Nguyen

Coventry University, Coventry, UK

Markus Roggenbach

Swansea University, Swansea, UK

Siraj Ahmed Shaikh