
JNFuzz-Droid: A Lightweight Fuzzing And Taint Analysis Framework For Android Native Code

Posted on: 2024-07-02 Degree: Master Type: Thesis
Country: China Candidate: J C Cao Full Text: PDF
GTID: 2558307112976439 Subject: Computer Science and Technology
Abstract/Summary:
The need to account for Native code within Android apps is becoming urgent as the usage of Native code is growing within both benign and malicious apps. Malware developers are increasingly using Native code to implement some of the malicious functions of Android applications, which leads to a large number of security issues. Among these, the use of Native code to leak sensitive data is one of the most prominent threats, so determining the behavior of data flow in Native code becomes a critical step in identifying such threats. However, Native code is often overlooked by most analysis tools because of its complexity. With increasing concern about Native code vulnerabilities in Android applications, a variety of Native analysis tools have been developed in academia and industry, but these tools still suffer from several limitations. On the one hand, existing Native dynamic analysis tools rely primarily on test input generation tools to drive Android applications and are therefore unable to locate Native code quickly. On the other hand, existing Native static analysis tools rely on symbolic execution to explore Native code and are therefore limited by issues such as path and state explosion. In order to effectively analyze the behavior of sensitive data in Native code, we first propose JNFuzz, an efficient black-box fuzz testing module for Android Native libraries based on a client/server (C/S) architecture. Building on it, we then propose JNFuzz-Droid, a lightweight automated fuzz testing and taint analysis framework for Android Native code. JNFuzz-Droid first locates the Android Native method to which sensitive data is passed, using the global view provided by static analysis; it then parses the Native function corresponding to that Native method, and finally uses the JNFuzz module to fuzz the Native code, improving Native code coverage while the data flow in the Native code is analyzed with a lightweight dynamic binary instrumentation tool. Experimental results on benchmarks and real-world applications show that JNFuzz-Droid can effectively detect the leakage or transfer of sensitive data in application Native code and outperforms state-of-the-art Native analysis tools.
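The step in which the framework parses the Native function corresponding to a Native method depends on the mapping between a Java `native` method declaration and the exported symbol in the `.so` that implements it. As an added illustration, not part of the thesis or its code, the following Python computes the statically registered JNI symbol names according to the name-mangling rules of the JNI specification ("Resolving Native Method Names") and resolves them against an export list in the same order the JVM uses (short name first, then the overloaded long name). The class names, method names and the export list are constructed sample values.

```python
"""Resolve the exported symbol that implements a Java `native` method.

Statically registered JNI symbols are named 'Java_' + mangled class name
+ '_' + mangled method name, optionally followed by '__' and the mangled
argument signature when the method is overloaded.
"""
from typing import Iterable, Optional


def _mangle(text: str) -> str:
    """Apply the JNI escape rules to one component (class, method or signature)."""
    out = []
    for ch in text:
        if ch in "./":                      # package separators become '_'
            out.append("_")
        elif ch == "_":                     # a literal underscore is escaped as '_1'
            out.append("_1")
        elif ch == ";":                     # ';' (end of an object type) becomes '_2'
            out.append("_2")
        elif ch == "[":                     # '[' (array type) becomes '_3'
            out.append("_3")
        elif ch.isascii() and ch.isalnum():  # ASCII letters and digits pass through
            out.append(ch)
        else:                               # anything else (e.g. '$'): '_0' + 4 lowercase hex digits
            out.append("_0%04x" % ord(ch))
    return "".join(out)


def short_name(class_name: str, method: str) -> str:
    """Symbol name used when the native method is not overloaded."""
    return "Java_%s_%s" % (_mangle(class_name), _mangle(method))


def long_name(class_name: str, method: str, arg_sig: str) -> str:
    """Symbol name for an overloaded method; arg_sig is the JVM parameter descriptor
    without the surrounding parentheses or the return type."""
    return "%s__%s" % (short_name(class_name, method), _mangle(arg_sig))


def resolve(class_name: str, method: str, arg_sig: str,
            exports: Iterable[str]) -> Optional[str]:
    """Mirror the JVM lookup order: try the short name, then the long name.
    Returns the matching exported symbol, or None if neither is exported
    (for example when the library registers the method dynamically)."""
    export_set = set(exports)
    for candidate in (short_name(class_name, method),
                      long_name(class_name, method, arg_sig)):
        if candidate in export_set:
            return candidate
    return None


# Constructed export table standing in for the dynamic symbols of a sample library.
SAMPLE_EXPORTS = [
    "JNI_OnLoad",
    "Java_com_example_Crypto_init",
    "Java_com_example_Crypto_encrypt__Ljava_lang_String_2_3B",
    "Java_com_example_Crypto_encrypt__Ljava_lang_String_2",
]

if __name__ == "__main__":
    # Overloaded method: only the long name with the matching signature resolves.
    print(resolve("com.example.Crypto", "encrypt", "Ljava/lang/String;[B", SAMPLE_EXPORTS))
    # Non-overloaded method resolves through its short name.
    print(resolve("com.example.Crypto", "init", "", SAMPLE_EXPORTS))
    # No exported symbol for this overload.
    print(resolve("com.example.Crypto", "encrypt", "I", SAMPLE_EXPORTS))
```

A resolver of this kind only covers static registration. Methods that a library registers from `JNI_OnLoad` through `RegisterNatives` are bound to arbitrary function names, so an analysis that relies on the mangling alone will not find them and has to recover the binding from the registration call instead.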
Keywords/Search Tags: Android, Mobile Security, Java Native Interface (JNI), Fuzzing, Taint Analysis