IC3: Inter-Component Communication Analysis for Android

Motivation

Many threats present in smartphones are the result of interactions between application components, not just artifacts of single components. For example, information may flow between components in an unsafe manner. A component in an application may retrieve a user's location data or contacts. It may subsequently send the sensitive private information to a component in another application. The receiving component may then leak the sensitive information to the network, to an untrusted third party.

However, current techniques for identifying inter-component communication (ICC) are ad hoc and do not scale to large numbers of applications. That is why we developed an approach to statically study ICC that is both precise and highly scalable.

Formalizing ICC Analysis

We reduce the discovery of ICC to an instance of a composite constant propagation problem. This approach is very accurate, conservatively keeping track of multiple execution paths. It is flow-sensitive, inter-procedural and context-sensitive. Our implementation of this approach is called IC3 (Inter-Component Communication Analysis with COAL). It scales well, taking on average less than three minutes per application in a study of 500 applications. IC3 uses Java classes as input, which can be generated from Android bytecode using our Dare retargeting tool.

IC3 uses the COAL solver, which lets us obtain solutions to composite constant propagation problems efficiently. IC3 is more precise than previously released ICC tools, including our own Epicc tool.
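The following added example is not IC3 or COAL code; it is a simplified sketch of why treating an Intent as one composite constant across execution paths is more precise than tracking each field on its own. The mini-IR, the field names and the per-field baseline are assumptions made for the illustration.

```python
# Added illustration (not IC3 code): toy composite constant propagation.
# Modeled Android code, constructed for this example:
#   Intent i = new Intent();
#   if (c) { i.setAction("VIEW_MAP"); i.setType("geo/point"); }
#   else   { i.setAction("SEND_SMS"); i.setType("text/plain"); }
#   startActivity(i);
from itertools import product

# Hypothetical mini-IR: ("set", field, value) or ("branch", then, else).
PROGRAM = [
    ("branch",
     [("set", "action", "VIEW_MAP"), ("set", "type", "geo/point")],
     [("set", "action", "SEND_SMS"), ("set", "type", "text/plain")]),
]

def composite(block, states=None):
    """Abstract state: a set of whole Intent values (fields kept together)."""
    states = {frozenset()} if states is None else states
    for stmt in block:
        if stmt[0] == "set":
            _, field, value = stmt
            states = {frozenset({**dict(s), field: value}.items()) for s in states}
        else:  # both paths are analyzed; the join is set union
            states = composite(stmt[1], states) | composite(stmt[2], states)
    return states

def per_field(block, state=None):
    """Baseline for contrast: every field is an independent set of constants."""
    state = {} if state is None else state
    for stmt in block:
        if stmt[0] == "set":
            state = {**state, stmt[1]: {stmt[2]}}
        else:  # None marks "field not set on this path"
            a, b = per_field(stmt[1], state), per_field(stmt[2], state)
            state = {f: a.get(f, {None}) | b.get(f, {None}) for f in a.keys() | b.keys()}
    return state

def expand(state):
    """All Intent values a per-field result admits (cross product of fields)."""
    fields = sorted(state)
    return {frozenset(zip(fields, combo)) for combo in product(*(state[f] for f in fields))}

if __name__ == "__main__":
    precise, loose = composite(PROGRAM), expand(per_field(PROGRAM))
    print(len(precise), "composite values;", len(loose), "per-field combinations")
    for spurious in loose - precise:
        print("spurious:", dict(spurious))
```

Each spurious combination would show up downstream as an ICC link that no execution path can produce, which is the kind of false positive a security reviewer then has to triage by hand.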

In order to enable other researchers to apply our ICC analysis to a variety of problems, we make it available for download and we release its entire source code. Please see our installation page for instructions on how to install and use it. You can find instructions to download and build the source code on the source page.

If you wish to build an inter-component analysis on top of IC3, you can use the version of IC3 that is available from the Maven Central Repository. You can find it with groupId edu.psu.cse.siis and artifactId ic3.

This research was supported by the National Science Foundation Grants No. CNS-1064900, CNS-1228700, CNS-1228620 and CNS-1219495 and by a Google Faculty Award.

Questions and Issues

Please submit any questions or issues to the issue tracker for IC3.