TaintBench: Automatic real-world malware benchmarking of Android taint analyses release_lacwyfdxwjbrpdsayg6qbnunra

by Linghui Luo, Felix Pauck, Goran Piskachev, Manuel Benz, Ivan Pashchenko, Martin Mory, Eric Bodden, Ben Hermann, Fabio Massacci

Published in Empirical Software Engineering by Springer Science and Business Media LLC.

2021   Volume 27

Abstract

<jats:title>Abstract</jats:title>Due to the lack of established real-world benchmark suites for static taint analyses of Android applications, evaluations of these analyses are often restricted and hard to compare. Even in evaluations that do use real-world apps, details about the ground truth in those apps are rarely documented, which makes it difficult to compare and reproduce the results. To push Android taint analysis research forward, this paper thus recommends criteria for constructing real-world benchmark suites for this specific domain, and presents <jats:sc>TaintBench</jats:sc>, the first real-world <jats:italic>malware</jats:italic> benchmark suite with documented taint flows. <jats:sc>TaintBench</jats:sc> benchmark apps include taint flows with complex structures, and addresses static challenges that are commonly agreed on by the community. Together with the <jats:sc>TaintBench</jats:sc> suite, we introduce the <jats:sc>TaintBench</jats:sc> framework, whose goal is to simplify real-world benchmarking of Android taint analyses. First, a usability test shows that the framework improves experts' performance and perceived usability when documenting and inspecting taint flows. Second, experiments using <jats:sc>TaintBench</jats:sc> reveal new insights for the taint analysis tools <jats:sc>Amandroid</jats:sc> and <jats:sc>FlowDroid</jats:sc>: (i) They are less effective on real-world malware apps than on synthetic benchmark apps. (ii) Predefined lists of sources and sinks heavily impact the tools' accuracy. (iii) Surprisingly, up-to-date versions of both tools are less accurate than their predecessors.
In application/xml+jats format

Archived Files and Locations

application/pdf  4.6 MB
file_zenxgrkqunauvi4xb4a3couacq
link.springer.com (publisher)
web.archive.org (webarchive)
Read Archived PDF
Preserved and Accessible
Type  article-journal
Stage   published
Date   2021-10-29
Language   en ?
Container Metadata
Not in DOAJ
In Keepers Registry
ISSN-L:  1382-3256
Work Entity
access all versions, variants, and formats of this works (eg, pre-prints)
Catalog Record
Revision: 2a01dfe4-4584-499b-9707-c43692647932
API URL: JSON