
Android Platform Modeling and Android App Verification in the ACL2 Theorem Prover

  • Conference paper
Verified Software: Theories, Tools, and Experiments (VSTTE 2015)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 9593)

Abstract

We present our work in using the ACL2 theorem prover to formally model the Android platform and to formally verify Android apps. Our approach allows the verification of the full functional correctness of apps as well as security properties. It also lets us detect or prove the absence of “functional malware”, malicious app functionality that is triggered by complex conditions on state and that causes the app to calculate the wrong results or otherwise behave incorrectly. Our formal Android model is an executable simulator of a growing subset of the Android platform, and app proofs are done by automated symbolic execution of the app’s event handlers using the formal model. By induction, we prove that an app satisfies an invariant, including the correctness properties of interest, for all possible sequences of events.
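The proof obligation behind the abstract's induction argument, as an added illustration (not the paper's ACL2 model): if every event handler preserves an invariant I, then I holds after any sequence of events. The toy app, its invariant, and the trigger condition are constructed for this example, and the "proof" is an exhaustive check over a small finite state space standing in for ACL2's symbolic execution.

```python
"""Inductive-invariant check for a toy event-driven app (constructed example).

Induction on the event sequence: I(initial) and, for every handler h and
event e, I(s) implies I(h(s, e)).  Checking the step obligation catches a
"functional malware" branch that only fires under a specific state condition,
which random or scripted testing of event sequences can easily miss.
"""
from itertools import product

MAX_BALANCE = 7   # constructed bounds so the state space is finite
MAX_TAPS = 7

def handler_deposit(state, amount):
    balance, taps = state
    return (min(balance + amount, MAX_BALANCE), taps)

def handler_tap(state, _event_arg):
    balance, taps = state
    taps = (taps + 1) % (MAX_TAPS + 1)
    if taps == 5 and balance == 3:     # constructed complex trigger condition
        return (balance - 4, taps)     # malicious wrong result: balance goes negative
    return (balance, taps)

def handler_tap_fixed(state, _event_arg):
    balance, taps = state
    return (balance, (taps + 1) % (MAX_TAPS + 1))

def invariant(state):
    """Property of interest: the reported balance is never negative (or overflowed)."""
    balance, _taps = state
    return 0 <= balance <= MAX_BALANCE

def all_states():
    return product(range(MAX_BALANCE + 1), range(MAX_TAPS + 1))

def inductive_step_violations(handlers, inv, event_args):
    """Return (handler name, pre-state, event arg) triples where I(s) holds but
    I(h(s, arg)) does not.  An empty list means every handler preserves I, so
    by induction I holds for all event sequences from any I-satisfying start.
    Note the check ranges over every I-satisfying state, reachable or not; if
    it fails only on unreachable states, I must be strengthened, not the app."""
    bad = []
    for name, handler in handlers.items():
        for s in all_states():
            if not inv(s):
                continue
            for arg in event_args:
                if not inv(handler(s, arg)):
                    bad.append((name, s, arg))
    return bad
```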



Acknowledgments

This material is based on research sponsored by DARPA under agreement number FA8750-12-X-0110. The U.S. Government is authorized to reproduce and distribute reprints for Governmental purposes notwithstanding any copyright notation thereon.

We would also like to thank Garrin Kimmell, James McDonald, and Allen Goldberg for their helpful reviews of this paper.

Author information

Corresponding author: Alessandro Coglio.

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Smith, E., Coglio, A. (2016). Android Platform Modeling and Android App Verification in the ACL2 Theorem Prover. In: Gurfinkel, A., Seshia, S.A. (eds) Verified Software: Theories, Tools, and Experiments. VSTTE 2015. Lecture Notes in Computer Science, vol 9593. Springer, Cham. https://doi.org/10.1007/978-3-319-29613-5_11

  • DOI: https://doi.org/10.1007/978-3-319-29613-5_11

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-29612-8

  • Online ISBN: 978-3-319-29613-5

  • eBook Packages: Computer Science (R0)