Mind the Gap: Finding what Updates have (really) changed in Android Applications

Johannes Feichtner, Lukas Neugebauer, Dominik Ziegler

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem KonferenzbandBegutachtung

Abstract

Android apps often receive updates that introduce new functionality or tackle problems, ranging from critical security issues to usability-related bugs. Although developers tend to briefly denote changes when releasing new versions, it remains unclear what has actually been modified in the program code. Verifying even subtle changes between two Android apps is challenging due to the widespread use of code transformations and obfuscation techniques. In this paper, we present a new framework to precisely pinpoint differences between Android apps. By pursuing a multi-level comparison strategy that targets resources and obfuscation-invariant code elements, we succeed in highlighting similarities and changes among apps. In case studies, we demonstrate the need and practical benefits of our solution and show how well it is suited to verify changelogs.
Originalspracheenglisch
TitelProceedings of the 16th International Joint Conference on e-Business and Telecommunications - Volume 2: SECRYPT
ErscheinungsortPortugal
Herausgeber (Verlag)SciTePress
Seiten306-313
Seitenumfang8
ISBN (elektronisch)978-989-758-378-0
DOIs
PublikationsstatusVeröffentlicht - 2019
Veranstaltung16th International Conference on Security and Cryptography - Prague, Tschechische Republik
Dauer: 26 Juli 201928 Juli 2019
http://www.secrypt.icete.org/?y=2019

Konferenz

Konferenz16th International Conference on Security and Cryptography
KurztitelSECRYPT 2019
Land/GebietTschechische Republik
OrtPrague
Zeitraum26/07/1928/07/19
Internetadresse

Fingerprint

Untersuchen Sie die Forschungsthemen von „Mind the Gap: Finding what Updates have (really) changed in Android Applications“. Zusammen bilden sie einen einzigartigen Fingerprint.

Dieses zitieren