Data

Tools

Indexes

Applications

Experiments

Open Source Science

stadyna

StaDynA: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications

https://github.com/zyrikby/stadyna

Science Score: 67.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
    Found CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
    Found 2 DOI reference(s) in README
  • Academic publication links
    Links to: acm.org
  • Academic email domains
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (12.3%) to scientific vocabulary

Keywords

android android-security dynamic-analysis java python research static-analysis
Last synced: 6 months ago · JSON representation ·

Repository

StaDynA: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications

Basic Info
  • Host: GitHub
  • Owner: zyrikby
  • Default Branch: master
  • Size: 8.79 KB
Statistics
  • Stars: 23
  • Watchers: 4
  • Forks: 10
  • Open Issues: 0
  • Releases: 0
Topics
android android-security dynamic-analysis java python research static-analysis
Created almost 11 years ago · Last pushed almost 3 years ago
Metadata Files
Readme Citation

README.md

StaDynA: Addressing the Problem of Dynamic Code Updates in the Security

Analysis of Android Applications

UPDATE: From now on the code is temporary available upon request.

Please, check how to contact me on my personal website.

Description

StaDynA is a system supporting security app analysis in the presence of dynamic code update features (dynamic class loading and reflection).

Our tool combines static and dynamic analysis of Android applications in order to reveal the hidden/updated behavior and extend static analysis results with this information.

This work has been done at the University of Trento.

Publication

The results of our research were presented at the 5th ACM Conference on Data and Application Security and Privacy (ACM CODASPY 2015). Please use the following bibtex reference to cite our paper:

@inproceedings{StaDynA_Zhauniarovich2014, author = {Zhauniarovich, Yury and Ahmad, Maqsood and Gadyatskaya, Olga and Crispo, Bruno and Massacci, Fabio}, title = {{StaDynA: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications}}, booktitle = {Proceedings of the 5th ACM Conference on Data and Application Security and Privacy}, series = {CODASPY '15}, year = {2015}, pages = {37--48}, url = {http://doi.acm.org/10.1145/2699026.2699105}, doi = {10.1145/2699026.2699105}, publisher = {ACM} }

Usage

Our tool consists of two parts: a server and a client. The server side of StaDynA is a Python program that interacts with a static analysis tool. Currently, StaDynA uses AndroGuard as a static analyzer. The client side is the code run either on a real device or on an emulator.

The instructions how to build client side can be found in the corresponding folder.

To run the analysis of an Android application, after connecting a device running client side, execute the server side Python script:

python stadyna.py -i <inputApk> -o <resultFolder>

where inputApk is a path to the apk file to be analyzed, and resultFolder is the path where the results of the analysis will be stored.

Dependencies

  1. networkx released under BSD license.
  2. AndroGuard released under Apache-2.0 license.

License

The tool is distributed under Apache-2.0 license. The citation of the paper is highly appreciated.

Owner

  • Name: Yury Zhauniarovich
  • Login: zyrikby
  • Kind: user
  • Location: Netherlands

Citation (CITATION.cff) 

title: StaDynA
abstract: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications.
authors:
  - family-names: Zhauniarovich
    given-names: Yury
    orcid: "https://orcid.org/0000-0001-9116-0728"
cff-version: 1.2.0
date-released: "2015-03-29"
identifiers:
  - type: url
    value: "https://github.com/zyrikby/StaDynA/tree/52b755a8270cc7bb4419218f004fb17d3d52853d"
    description: Latest version
keywords:
  - research
  - Android
  - "dynamic code updates"
  - "static-dynamic analyzer"
license: Apache-2.0
message: If you use this software, please cite it using these metadata.
repository-code: "https://github.com/zyrikby/StaDynA"
preferred-citation:
  title: "StaDynA: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications"
  type: conference-paper
  authors:
  - family-names: "Zhauniarovich"
    given-names: "Yury"
  - family-names: "Ahmad"
    given-names: "Maqsood"
  - family-names: "Gadyatskaya"
    given-names: "Olga"
  - family-names: "Crispo"
    given-names: "Bruno"
  - family-names: "Massacci"
    given-names: "Fabio"
  collection-title: "5th ACM Conference on Data and Application Security and Privacy"
  collection-type: "proceedings"
  conference:
    name: "CODASPY"
  doi: "10.1145/2699026.2699105"
  start: 37 # First page number
  end: 48 # Last page number
  year: 2015

GitHub Events

Total
  • Watch event: 2
Last Year
  • Watch event: 2