Please use this identifier to cite or link to this item:
https://doi.org/10.21256/zhaw-28347Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Sutter, Thomas | - |
| dc.contributor.author | Tellenbach, Bernhard | - |
| dc.date.accessioned | 2023-07-27T09:21:00Z | - |
| dc.date.available | 2023-07-27T09:21:00Z | - |
| dc.date.issued | 2023-05-14 | - |
| dc.identifier.isbn | 979-8-3503-1182-2 | de_CH |
| dc.identifier.uri | https://digitalcollection.zhaw.ch/handle/11475/28347 | - |
| dc.description.abstract | Supply chain attacks are an evolving threat to the IoT and mobile landscape. Recent malware findings have shown that even sizeable mobile phone vendors cannot defend their operating systems fully against pre-installed malware. Detecting and mitigating malware and software vulnerabilities on Android firmware is a challenging task requiring expertise in Android internals, such as customised firmware formats. Moreover, as users cannot choose what software is pre-installed on their devices, there is a fundamental lack of transparency and control. To make Android firmware analysis more accessible and regain some transparency, we present FirmwareDroid, a novel open-source security framework for Android firmware analysis that automates the extraction and analysis of pre-installed software.FirmwareDroid streamlines the process of software extraction from Android firmware for static security and privacy assessments. With FirmwareDroid, we lay the groundwork for researchers to automate the security assessment of Android firmware at scale, and we demonstrated the capabilities of FirmwareDroid by analysing 5,728 Android firmware samples from various vendors. We analysed 75,141 unique pre-installed Android applications to study how common advertising tracker libraries (a piece of software that collects user usage data) are used and which permissions pre-installed Android apps inherit. We conclude that 20.53% of all apps in our dataset include advertising trackers and that 88.14% of all used permissions are signature-based. | de_CH |
| dc.language.iso | en | de_CH |
| dc.publisher | IEEE | de_CH |
| dc.rights | http://creativecommons.org/licenses/by-nc-nd/4.0/ | de_CH |
| dc.subject | Android | de_CH |
| dc.subject | Firmware | de_CH |
| dc.subject | Static analysis | de_CH |
| dc.subject | Security | de_CH |
| dc.subject | Tracking | de_CH |
| dc.subject | Permission | de_CH |
| dc.subject.ddc | 005: Computerprogrammierung, Programme und Daten | de_CH |
| dc.title | FirmwareDroid : towards automated static analysis of pre-installed android apps | de_CH |
| dc.type | Konferenz: Paper | de_CH |
| dcterms.type | Text | de_CH |
| zhaw.departement | School of Engineering | de_CH |
| zhaw.organisationalunit | Institut für Informatik (InIT) | de_CH |
| dc.identifier.doi | 10.1109/MOBILSoft59058.2023.00009 | de_CH |
| dc.identifier.doi | 10.21256/zhaw-28347 | - |
| zhaw.conference.details | 10th International Conference on Mobile Software Engineering and Systems (MOBILESoft), Melbourne, Australia, 14-15 May 2023 | de_CH |
| zhaw.funding.eu | No | de_CH |
| zhaw.originated.zhaw | Yes | de_CH |
| zhaw.pages.end | 22 | de_CH |
| zhaw.pages.start | 12 | de_CH |
| zhaw.parentwork.editor | Klein, Jacques | - |
| zhaw.parentwork.editor | Wei, Lili | - |
| zhaw.publication.status | publishedVersion | de_CH |
| zhaw.publication.review | Peer review (Publikation) | de_CH |
| zhaw.title.proceedings | 2023 IEEE/ACM 10th International Conference on Mobile Software Engineering and Systems (MOBILESoft) | de_CH |
| zhaw.webfeed | Information Security | de_CH |
| zhaw.funding.zhaw | Dynamic Analysis of Internal Android Systems | de_CH |
| zhaw.author.additional | No | de_CH |
| zhaw.display.portrait | Yes | de_CH |
| Appears in collections: | Publikationen School of Engineering | |
Files in This Item:
| File | Description | Size | Format | |
|---|---|---|---|---|
| 2023_Sutter-Tellenbach_FirmwareDroid-towards-automated-static-analysis-of-pre-installed-Android-apps.pdf | 832.73 kB | Adobe PDF |  View/Open |
Show simple item record
Sutter, T., & Tellenbach, B. (2023). FirmwareDroid : towards automated static analysis of pre-installed android apps [Conference paper]. In J. Klein & L. Wei (Eds.), 2023 IEEE/ACM 10th International Conference on Mobile Software Engineering and Systems (MOBILESoft) (pp. 12–22). IEEE. https://doi.org/10.1109/MOBILSoft59058.2023.00009
Sutter, T. and Tellenbach, B. (2023) ‘FirmwareDroid : towards automated static analysis of pre-installed android apps’, in J. Klein and L. Wei (eds) 2023 IEEE/ACM 10th International Conference on Mobile Software Engineering and Systems (MOBILESoft). IEEE, pp. 12–22. Available at: https://doi.org/10.1109/MOBILSoft59058.2023.00009.
T. Sutter and B. Tellenbach, “FirmwareDroid : towards automated static analysis of pre-installed android apps,” in 2023 IEEE/ACM 10th International Conference on Mobile Software Engineering and Systems (MOBILESoft), May 2023, pp. 12–22. doi: 10.1109/MOBILSoft59058.2023.00009.
SUTTER, Thomas und Bernhard TELLENBACH, 2023. FirmwareDroid : towards automated static analysis of pre-installed android apps. In: Jacques KLEIN und Lili WEI (Hrsg.), 2023 IEEE/ACM 10th International Conference on Mobile Software Engineering and Systems (MOBILESoft). Conference paper. IEEE. 14 Mai 2023. S. 12–22. ISBN 979-8-3503-1182-2
Sutter, Thomas, and Bernhard Tellenbach. 2023. “FirmwareDroid : Towards Automated Static Analysis of Pre-Installed Android Apps.” Conference paper. In 2023 IEEE/ACM 10th International Conference on Mobile Software Engineering and Systems (MOBILESoft), edited by Jacques Klein and Lili Wei, 12–22. IEEE. https://doi.org/10.1109/MOBILSoft59058.2023.00009.
Sutter, Thomas, and Bernhard Tellenbach. “FirmwareDroid : Towards Automated Static Analysis of Pre-Installed Android Apps.” 2023 IEEE/ACM 10th International Conference on Mobile Software Engineering and Systems (MOBILESoft), edited by Jacques Klein and Lili Wei, IEEE, 2023, pp. 12–22, https://doi.org/10.1109/MOBILSoft59058.2023.00009.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.