March 2015 • Software
DidFail uses static analysis to detect potential leaks of sensitive information within a set of Android apps.
Software Engineering Institute
DidFail (Droid Intent Data Flow Analysis for Information Leakage) combines and augments FlowDroid (which identifies intra-component information flows) and Epicc (which identifies properties of intents, such as their action strings) to track both intra-component and inter-component data flow across a set of Android applications.
DidFail's two-phase analysis allows for fast user-response time by using precomputed phase-1 analysis results. The two phases of DidFail are (1) determine (for a set of applications) the data flows enabled individually by each application and the conditions under which these are possible, and (2) build on these results to enumerate the potentially dangerous data flows enabled by the set of applications as a whole.
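As an added illustration of the two-phase structure described above (example code written for this page, not DidFail's own code or output format), the Python below models phase 1 as a per-app summary of intra-app flows plus the intent actions the app's filters accept, and phase 2 as the composition step that joins those summaries by matching sent-intent action strings to receiving apps' filters. The app names, action strings, source/sink labels and the endpoint encoding are all constructed for the example; real DidFail matches on the richer intent properties that Epicc recovers, not on action strings alone.

```python
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple

# Endpoint encoding used by this example (constructed; not DidFail's format):
#   ("api", "DEVICE_ID")       a sensitive source/sink API label inside the app
#   ("in",  "<action>")        data that arrived in a received intent
#   ("out", "<action>")        data placed in an intent sent with that action
Endpoint = Tuple[str, str]
Node = Tuple[str, Endpoint]  # (app name, endpoint)


@dataclass
class AppSummary:
    """Phase-1 result for one app: what the app enables on its own."""
    name: str
    receives: Set[str]                      # actions its intent filters accept
    flows: List[Tuple[Endpoint, Endpoint]]  # intra-app (source, sink) flows


def build_graph(apps: List[AppSummary]) -> Dict[Node, Set[Node]]:
    """Phase 2, step 1: join the per-app summaries into one flow graph."""
    graph: Dict[Node, Set[Node]] = {}
    # Intra-app edges come straight from the phase-1 summaries.
    for app in apps:
        for src, dst in app.flows:
            graph.setdefault((app.name, src), set()).add((app.name, dst))
            graph.setdefault((app.name, dst), set())
    # Inter-app edges: an intent sent with action X may be delivered to any
    # app in the set whose filters accept X. Only this step depends on which
    # apps are installed together, so only it is redone per app set.
    for sender in apps:
        for _, dst in sender.flows:
            if dst[0] != "out":
                continue
            for receiver in apps:
                if dst[1] in receiver.receives:
                    graph[(sender.name, dst)].add((receiver.name, ("in", dst[1])))
    return graph


def find_leaks(apps: List[AppSummary], sources: Set[str],
               sinks: Set[str]) -> List[List[Node]]:
    """Phase 2, step 2: paths from a sensitive source to a dangerous sink.

    Returns one path per (source node, sink node) pair that is reachable.
    """
    graph = build_graph(apps)
    starts = {(app.name, src) for app in apps for src, _ in app.flows
              if src[0] == "api" and src[1] in sources}
    leaks: List[List[Node]] = []
    for start in sorted(starts):
        seen: Set[Node] = set()
        stack = [(start, [start])]
        while stack:
            node, path = stack.pop()
            if node in seen:
                continue
            seen.add(node)
            _, (kind, label) = node
            if kind == "api" and label in sinks and node != start:
                leaks.append(path)
            for nxt in graph.get(node, ()):
                stack.append((nxt, path + [nxt]))
    return leaks


# Constructed phase-1 summaries for three hypothetical apps. Individually,
# none of them carries DEVICE_ID to INTERNET; installed together, they do.
APPS = [
    AppSummary("app_a", set(),
               [(("api", "DEVICE_ID"), ("out", "com.example.SHARE"))]),
    AppSummary("app_b", {"com.example.SHARE"},
               [(("in", "com.example.SHARE"), ("out", "com.example.LOG"))]),
    AppSummary("app_c", {"com.example.LOG"},
               [(("in", "com.example.LOG"), ("api", "INTERNET"))]),
]
SOURCES = {"DEVICE_ID", "LOCATION"}
SINKS = {"INTERNET", "SMS_SEND"}

if __name__ == "__main__":
    for subset in (APPS[:2], APPS):
        names = ", ".join(a.name for a in subset)
        leaks = find_leaks(subset, SOURCES, SINKS)
        print(f"{names}: {len(leaks)} leak(s)")
        for path in leaks:
            print("  " + " -> ".join(f"{app}:{kind}({label})"
                                     for app, (kind, label) in path))
```

Running it shows the point of phase 2: with only app_a and app_b installed there is no source-to-sink path, because app_b's outgoing intent has no receiver in the set; adding app_c's summary (computed once, independently of the others) completes a DEVICE_ID to INTERNET path that spans all three apps. Because the per-app summaries are reusable, the only work redone when the set changes is the cheap graph join in build_graph.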
Additional DidFail Resources
- DidFail: Coverage and Precision Enhancement (SEI technical report)
- Using DidFail to Analyze Flow of Sensitive Information in Sets of Android Apps (presentation)
- An Enhanced Tool for Securing Android Apps (blog post)
- Making DidFail Succeed: Enhancing the CERT Static Taint Analyzer for Android App Sets (SEI technical report)
- Android Taint Flow Analysis for App Sets (SOAP 2014 workshop paper)
- Android Taint Flow Analysis for App Sets (SOAP 2014 presentation)
- Precise Static Analysis of Taint Flow for Android Application Sets (2014 thesis)
- Secure Coding for the Android Platform (blog post)
- Two Secure Coding Tools for Analyzing Android Apps (blog post)