Enabling Precise and Automated Insecurity Analysis of Middleware on Mobile Platforms
During the past decade, middleware on mobile platforms (such as the Application Framework in Android and the Core Services layer in iOS) has been flourishing, but the insecurity analysis of such middleware has been lagging behind. For example, while comprehensive studies have been conducted at the application layer of the Android system, there is very limited work analyzing the Android Application Framework (Android Framework, for short), a middleware layer in the Android system. The two billion Android mobile devices and the many Android Things devices all rely on the system services provided by Android Framework. Recently, many vulnerabilities of Android Framework are exposed, showing that Android Framework is vulnerable and exploitable. Given the critical role of Android Framework, a vulnerability in the framework can be exploited to launch large-scale cyber attacks and cause serious harms to user security and privacy. However, the insecurity analysis of Android Framework has been rather ad hoc, imprecise, and requires much manual effort, mainly because there is a severe lack of techniques and tools developed for insecurity analysis of such middleware on mobile platforms (MoMP). This research project seeks to fill the gap by developing new techniques and tools for insecurity analysis of MoMP like Android Framework and consequently lead to more secure and trustworthy computing environments for the huge number of smartphone and Internet-of-Things (IoT) device users. Educational resources developed in this project, including course modules on mobile computing security and vulnerability discovery, will be disseminated through a dedicated web site. Collaborations with the industry will be sought to transfer the technology to interested software companies and government entities that perform insecurity analysis of MoMP.
The project will develop new architectural designs, algorithms and techniques for precise and automated insecurity analysis of MoMP. To make the research concrete, demonstrations will be created for the Android Framework for mobile smartphones, tablets and IoT devices, and the first platform for precise and automated insecurity analysis of Android Framework will be built, combining current software analysis techniques, such as symbolic execution, hybrid dynamic/static analysis, and cross-process and cross-layer software analysis, to make them capable of analyzing complex and large-sized MoMP like Android Framework. The platform will be evaluated and applied to discovering various types of zero-day vulnerabilities and generating proof-of-concept exploits.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.