NUS PLSE - Programming Languages & Software Engineering @ NUS

TaintBench: Automatic Real-World Malware Benchmarking of Android Taint Analyses

04/10/2020

Speaker

Linghui Luo (Paderborn University)

Abstract

Due to the lack of established real-world benchmark suites for Android taint analysis, evaluations of these analyses are often restricted and hard to compare. Even in evaluations that do use real-world apps, details about the ground truth in those apps are rarely documented, which makes it difficult tocompare and reproduce the results.

In this work, we recommend criteria for constructing real-world benchmark suites for this specific domain, and presents TaintBench, the first real-world malware benchmark suite with documented taint flows. Together with the TaintBench suite, we introduce the TaintBench framework, whose goal is to simplify real-world benchmarking of Android taint analyses. Experiments using TaintBench reveal newinsights for the taint analysis tools Amandroid and FlowDroid.

PLSE@NUS

Programming Languages & Software Engineering @ NUS

TaintBench: Automatic Real-World Malware Benchmarking of Android Taint Analyses

Speaker

Abstract