DroidReach++: Exploring the reachability of native code in android applications

Bibliographic details
Published in: Computers & security, vol. 159, p. 104657
Main authors: Borzacchiello, Luca; Cornacchia, Matteo; Maiorca, Davide; Giacinto, Giorgio; Coppa, Emilio
Format: Journal Article
Language: English
Published: Elsevier Ltd 01.12.2025
ISSN:0167-4048
Description
Summary: Modern Android applications often incorporate numerous native C/C++ libraries to efficiently handle CPU-intensive tasks or interact at a low level with specific hardware, such as performing specialized GPU rendering. Recent research on Android security has revealed that these libraries are frequently adopted by third-party developers and may pose security risks if not regularly updated, as publicly disclosed vulnerabilities in outdated libraries can be exploited by malicious actors. To determine whether these known vulnerabilities represent an immediate and tangible threat, it is essential to assess whether the vulnerable functions can be executed during application runtime – a research problem commonly known as function reachability. In this article, we introduce DroidReach++, a novel static analysis approach for evaluating the reachability of native function calls in Android applications. Our framework overcomes the limitations of existing state-of-the-art methods by combining heuristics with symbolic execution, enabling a more precise reconstruction of Inter-procedural Control-Flow Graphs (ICFGs). When applied to the top 500 applications from the Google Play Store, DroidReach++ identifies a significantly higher number of execution paths compared to previous techniques. Finally, two case studies demonstrate how DroidReach++ serves as an effective tool for vulnerability assessment.
DOI:10.1016/j.cose.2025.104657