Research On Vulnerability Based On Software Dynamic And Static Analysis:a Case Study On Internet Socket Vulnerability

Android operating system has achieved great success in the past decade.Millions of Android applications provide people with a variety of services that greatly facilitate people's lives.However,the rapid increase in the number of Android applications has led to a mixed quality of Android applications.Many vulnerabilities have been exposed,and it seriously treats to users' information security.Thus,industry and academia have turned their attention to the detection of vulnerabilities in Android applications.But there are many difficulties in implementing vulnerability detection for Android applications.On the one hand,the Android application vulnerability detection object faced by the industry is often a large-scale Android application set.Take the leading software-security provider,Pwnzen,as an example.The software-security provider is often required to process more than 11 million mobile apps at each run.It requires vulnerability detection system to maintain high efficiency.On the other hand,commercial Android applications have higher complexity.In the existing program analysis technology,static analysis completes the security analysis by exploring all possible execution paths of the program and checking whether it meets certain security specifications.When analyzing security for highly complex commercial Android applications,it can greatly elongate the analysis time of a single Android application.In addition,Java reflection call is an important technical difficulty of the existing static analysis technology.It has not been solved.In view of the above difficulties,this paper takes the Internet Socket vulnerability as the research target.This paper designs and implements the corresponding vulnerability detection system ISVFinder.ISVFinder uses vulnerability feature technology to filter out Android applications that are not related to target vulnerabilities.It combines static analysis and dynamic analysis technology to explore the internal behavior of Android applications.With limited manual review,ISVFinder can effectively handle the vulnerability detection of large-scale Android applications and complexity of commercializing Android applications.This paper proposes an algorithm for processing Java reflection calls.The experimental results show that ISVFinder can effectively capture the dangerous execution path containing Java reflection calls after configuring this algorithm.Using ISVFinder,we find 24 Android apps with Internet Socket vulnerabilities and 3 vulnerability families,each of which has more than 50 million downloads.We conduct in-depth case studies on 3 typical applications.We also summarize 3 lessons and 2 defense methods based on the research results.