Probabilistic Inference of Inter-Component Communication in Mobile Applications
Knowing how the components of mobile applications interact is a prerequisite to many security analyses. However, no analysis can readily infer all Inter-Component Communication (ICC) precisely. We develop a static program analysis to infer the values of ICC messages. The resulting IC3 tool can infer ICC messages in 84% of the cases in a corpus of 489 applications. This makes it possible to use this approach as the basis of many different inter-component security analyses. However, as the number of applications analyzed increases, the large number of potential inter-component links quickly becomes unwieldy. In order to help sift through these potential links, we develop probabilistic models of inter-component communication that we overlay on top of the static analysis results. The models are used to rank links by likelihood that they may actually occur at runtime. Applying the approach to a corpus of 11,267 applications, we are able to rank over 636 million links and to determine that over 95.1% of them are likely false positives.
Damien Octeau received the M.Sc. and Ph.D. degrees in Computer Science and Engineering from the Pennsylvania State University in 2010 and 2014, respectively. He received his B.Sc. and Master's degrees from Ecole Centrale de Lyon, France, in 2007 and 2010, respectively. After his Ph.D., he was a Research Associate with a joint appointment at the Department of Computer Sciences at the University of Wisconsin-Madison and at the Department of Computer Science and Engineering at the Pennsylvania State University. He is now at Google, where he performs research in the area of mobile security.
He was awarded the Best Research Artifact Award at the 2012 International Symposium on the Foundations of Software Engineering (FSE). He also received the 2013 Penn State AT&T Graduate Fellowship. His research interests include mobile and software security, and program analysis.