University of California, Irvine

Research Projects

  • SALMA: Self-Protection of Android Systems from Inter-Component Communication Attacks

    The current security mechanisms for Android apps, both static and dynamic analysis approaches, are insufficient for detection and prevention of the increasingly dynamic and sophisticated security attacks. Static analysis approaches suffer from false positives whereas dynamic analysis approaches suffer from false negatives. Moreover, they all lack the ability to efficiently analyze systems with incremental changes---such as adding/removing apps, granting/revoking permissions, and dynamic components' communications.
    Each time the system changes, the entire analysis needs to be repeated, making the existing approaches inefficient for practical use. To mitigate their shortcomings, we have developed SALMA, a novel self-protecting Android software system that monitors itself and adapts its behavior at runtime to prevent a wide-range of security risks.

    Project website

  • ☍ A Large-Scale Empirical Study on the Effects of Code Obfuscations on Android Apps and Anti-Malware Products

    The goal of this study is to assess the performance of commercial anti-malware products against various obfuscation tools and strategies. In addition, this study assesses to evaluate the ability of obfuscation tools to generate valid, installable, and runnable obfuscated Android apps.
    Project website

  • ☍ LetterBomb: Automatic Generation of Inter-Component Communication Exploits for Android Applications

    This project provides the first approach for automatically generating exploits for Android apps, called LetterBomb, relying on a combined path-sensitive symbolic execution-based static analysis, and the use of software instrumentation and test oracles.
    Project website

  • ☍ RevealDroid: Lightweight, Obfuscation-Resilient Detection and Family Identification of Android Malware

    This project presents a novel machine learning-based Android-malware detection and familyidentification approach, RevealDroid, that leverages a small, simple set of selectable features—of which the simplest set of features achieves obfuscation resiliency, efficiency, and accuracy.
    Project website

  • ☍ DELDroid: Determination and Enforcement of Least-Privilege Architecture in Android

    DELDroid is an automated system for determination of least privilege architecture in Android and its enforcement at runtime. A key contribution of our approach is the ability to limit the privileges granted to apps without the need to modify them.
    Project website

© Untitled. Design: HTML5 UP.