References of "Bartel, Alexandre 50024843"
     in
Bookmark and Share    
Peer Reviewed
See detailDésérialisation Java : Une brève introduction au ROP de haut niveau
Bartel, Alexandre UL; Klein, Jacques UL; Le Traon, Yves UL

Article for general public (2019)

Detailed reference viewed: 98 (14 UL)
Peer Reviewed
See detailDésérialisation Java : Une brève introduction
Bartel, Alexandre UL; Klein, Jacques UL; Le Traon, Yves UL

Article for general public (2018)

Detailed reference viewed: 49 (5 UL)
Peer Reviewed
See detailFini le Bac à Sable. Avec le CVE-2017-3272, devenez un grand!
Bartel, Alexandre UL; Klein, Jacques UL; Le Traon, Yves UL

Article for general public (2018)

Detailed reference viewed: 49 (6 UL)
Full Text
Peer Reviewed
See detailExploitation du CVE-2015-4843
Bartel, Alexandre UL

Article for general public (2018)

Detailed reference viewed: 20 (2 UL)
Full Text
Peer Reviewed
See detailTwenty years of Escaping the Java Sandbox
Bartel, Alexandre UL; Doe, John

Article for general public (2018)

The Java platform is broadly deployed on billions of devices, from servers and desktop workstations to consumer electronics. It was originally designed to implement an elaborate security model, the Java ... [more ▼]

The Java platform is broadly deployed on billions of devices, from servers and desktop workstations to consumer electronics. It was originally designed to implement an elaborate security model, the Java sandbox, that allows for the secure execution of code retrieved from potentially untrusted remote machines without putting the host machine at risk. Concretely, this sandboxing approach is used to secure the execution of untrusted Java applications such as Java applets in the web browser. Unfortunately, critical security bugs -- enabling a total bypass of the sandbox -- affected every single major version of the Java platform since its introduction. Despite major efforts to fix and revise the platform's security mechanisms over the course of two decades, critical security vulnerabilities are still being found. In this work, we review the past and present of Java insecurity. Our goal is to provide an overview of how Java platform security fails, such that we can learn from the past mistakes. All security vulnerabilities presented here are already known and fixed in current versions of the Java runtime, we discuss them for educational purposes only. This case study has been made in the hope that we gain insights that help us design better systems in the future. [less ▲]

Detailed reference viewed: 73 (10 UL)
Full Text
Peer Reviewed
See detailThe Multi-Generation Repackaging Hypothesis
Li, Li UL; Bissyande, Tegawendé François D Assise UL; Bartel, Alexandre UL et al

Poster (2017, May)

App repackaging is a common threat in the Android ecosystem. To face this threat, the literature now includes a large body of work proposing approaches for identifying repackaged apps. Unfortunately ... [more ▼]

App repackaging is a common threat in the Android ecosystem. To face this threat, the literature now includes a large body of work proposing approaches for identifying repackaged apps. Unfortunately, although most research involves pairwise similarity comparison to distinguish repackaged apps from their “original” counterparts, no work has considered the threat to validity of not being able to discover the true original apps. We provide in this paper preliminary insights of an investigation into the Multi-Generation Repackaging Hypothesis: is the original in a repackaging process the outcome of a previous repackaging process? Leveraging the Androzoo dataset of over 5 million Android apps, we validate this hypothesis in the wild, calling upon the community to take this threat into account in new solutions for repackaged app detection. [less ▲]

Detailed reference viewed: 181 (10 UL)
Full Text
Peer Reviewed
See detailStatic Analysis of Android Apps: A Systematic Literature Review
Li, Li UL; Bissyande, Tegawendé François D Assise UL; Papadakis, Mike UL et al

in Information and Software Technology (2017)

Context: Static analysis exploits techniques that parse program source code or bytecode, often traversing program paths to check some program properties. Static analysis approaches have been proposed for ... [more ▼]

Context: Static analysis exploits techniques that parse program source code or bytecode, often traversing program paths to check some program properties. Static analysis approaches have been proposed for different tasks, including for assessing the security of Android apps, detecting app clones, automating test cases generation, or for uncovering non-functional issues related to performance or energy. The literature thus has proposed a large body of works, each of which attempts to tackle one or more of the several challenges that program analysers face when dealing with Android apps. Objective: We aim to provide a clear view of the state-of-the-art works that statically analyse Android apps, from which we highlight the trends of static analysis approaches, pinpoint where the focus has been put, and enumerate the key aspects where future researches are still needed. Method: We have performed a systematic literature review (SLR) which involves studying 124 research papers published in software engineering, programming languages and security venues in the last 5 years (January 2011 - December 2015). This review is performed mainly in five dimensions: problems targeted by the approach, fundamental techniques used by authors, static analysis sensitivities considered, android characteristics taken into account and the scale of evaluation performed. Results: Our in-depth examination has led to several key findings: 1) Static analysis is largely performed to uncover security and privacy issues; 2) The Soot framework and the Jimple intermediate representation are the most adopted basic support tool and format, respectively; 3) Taint analysis remains the most applied technique in research approaches; 4) Most approaches support several analysis sensitivities, but very few approaches consider path-sensitivity; 5) There is no single work that has been proposed to tackle all challenges of static analysis that are related to Android programming; and 6) Only a small portion of state-of-the-art works have made their artefacts publicly available. Conclusion: The research community is still facing a number of challenges for building approaches that are aware altogether of implicit-Flows, dynamic code loading features, reflective calls, native code and multi-threading, in order to implement sound and highly precise static analyzers. [less ▲]

Detailed reference viewed: 215 (12 UL)
Full Text
See detailSecurity Analysis of Permission-Based Systems using Static Analysis: An Application to the Android Stack
Bartel, Alexandre UL

Doctoral thesis (2014)

In recent years, mobile devices, such as smart phones, have spread at an exponential rate. The most used system running on these devices, accounting for almost 80% of market share for smart phones world ... [more ▼]

In recent years, mobile devices, such as smart phones, have spread at an exponential rate. The most used system running on these devices, accounting for almost 80% of market share for smart phones world-wide, is the Android software stack. This system runs Android applications that users download from an application market. The system is called a permission-based system since it limits access to protected resources by checking that applications have the required permission(s). Users store and manipulate personal information such as contact lists or pictures using applications on their devices and trust that their data is safe. Analyzing applications and the system on top of which they are running would be an objective method to evaluate if the data is well-protected.In this thesis we aim at analyzing Android applications from the security point of view and answering to the following challenging questions: How can Android applications be analyzed? Are permissions well-defined for Android applications? Can applications leak protected data? How can dynamic analysis complement static analysis? To answer these questions we structure the thesis around four objectives. The first objective is to analyze Android applications with static analysis tools. The challenge is that Android applications are packaged with Dalvik bytecode, different in many aspects from the Java bytecode. We developed Dexpler, a tool to transform Dalvik bytecode into Jimple, an understandable format for Soot, one of the most used static analysis framework for Java-based programs. With Dexpler we can now analyze Android applications.The second objective is to check that developers do not give too many permissions to the Android applications they develop. Reducing the number of permission reduces the attack surface of an malicious user exploiting an application. We analyze the code of applications to check which permissions they really require. This requires to deeply analyze the Android framework to extract a mapping between API methods (that Android application call) and required permissions. We present an Andersen-like field-sensitive approach using novel domain-specific optimizations to extract the mapping from the Android framework. Permissions protect sensitive data. Nevertheless, applications having the right permission(s) to access the data could leak the data. This is for instance the case with malware or application packaged with aggressive advertisement libraries. The third objective is to statically analyze Android applications to detect such leaks. Android applications are different from traditional Java applications. One of the most important differences is that Android applications are made of components. Analyzing Android applications to find leaks requires to link components that communicate together and to model every component. We developed IccTA to detect privacy leaks. It connects components at the code level to perform inter-component and inter-application data-flow analysis.Analyzing Android applications statically enables to find security issues such as the GPS coordinates leaking out of the device. However, static analyses do not run directly on users’ devices and thus do not take the device’s context into account. The last objective of this thesis is to have an insight of how dynamic approaches can complement static analyses. We are the first to present a tool-chain to dynamically instrument Android applications in vivo, i.e. directly on the device. We present two use cases instrumenting applications to show that dynamic approaches are feasible, that they can leverage results from static analyses, and that they are beneficial for the user from the point of view of security or privacy. One of the use case is a fine-grained permission system prototype enabling the user to disable or enable application permissions at will. The four contributions have been validated through rigorous experiments as complete as possible. Through this thesis we provide solutions to analyze Android applications using static analysis, to check the permission set of applications, to find private data leaks in Android applications and to analyze permission-based frameworks. By analyzing what goes wrong, we can improve the security and privacy of mobile applications. [less ▲]

Detailed reference viewed: 339 (26 UL)
Full Text
See detailAutomatically Exploiting Potential Component Leaks in Android Applications
Li, Li UL; Bartel, Alexandre UL; Klein, Jacques UL et al

Report (2014)

We present PCLeaks, a tool based on inter- component communication (ICC) vulnerabilities to perform data-flow analysis on Android applications to find potential component leaks (e.g., another component ... [more ▼]

We present PCLeaks, a tool based on inter- component communication (ICC) vulnerabilities to perform data-flow analysis on Android applications to find potential component leaks (e.g., another component can potentially exploit the leak). To evaluate our approach, we run PCLeaks on 2000 apps, randomly selected from Google Play store. PCLeaks reports 986 potential component leaks in 185 apps. For each leak reported by PCLeaks, PCLeaksValidator automatically generates an Android app which tries to exploit the leak. By manually running a subset of the generated apps, we find that 75% of the reported leaks are exploitable leaks. [less ▲]

Detailed reference viewed: 353 (30 UL)
Full Text
See detailI know what leaked in your pocket: uncovering privacy leaks on Android Apps with Static Taint Analysis
Li, Li UL; Bartel, Alexandre UL; Klein, Jacques UL et al

Report (2014)

Android applications may leak privacy data carelessly or maliciously. In this work we perform inter-component data-flow analysis to detect privacy leaks between components of Android applications. Unlike ... [more ▼]

Android applications may leak privacy data carelessly or maliciously. In this work we perform inter-component data-flow analysis to detect privacy leaks between components of Android applications. Unlike all current approaches, our tool, called IccTA, propagates the context between the components, which improves the precision of the analysis. IccTA outperforms all other available tools by reaching a precision of 95.0% and a recall of 82.6% on DroidBench. Our approach detects 147 inter-component based privacy leaks in 14 applications in a set of 3000 real-world applications with a precision of 88.4%. With the help of ApkCombiner, our approach is able to detect inter-app based privacy leaks. [less ▲]

Detailed reference viewed: 169 (20 UL)
Full Text
Peer Reviewed
See detailUsing A Path Matching Algorithm to Detect Inter-Component Leaks in Android Apps
Li, Li UL; Bartel, Alexandre UL; Klein, Jacques UL et al

Scientific Conference (2014, March 12)

Detailed reference viewed: 257 (22 UL)
Full Text
Peer Reviewed
See detailDetecting privacy leaks in Android Apps
Li, Li UL; Bartel, Alexandre UL; Klein, Jacques UL et al

Scientific Conference (2014, February 26)

The number of Android apps have grown explosively in recent years and the number of apps leaking private data have also grown. It is necessary to make sure all the apps are not leaking private data before ... [more ▼]

The number of Android apps have grown explosively in recent years and the number of apps leaking private data have also grown. It is necessary to make sure all the apps are not leaking private data before putting them to the app markets and thereby a privacy leaks detection tool is needed. We propose a static taint analysis approach which leverages the control-flow graph (CFG) of apps to detect privacy leaks among Android apps. We tackle three problems related to inter- component communication (ICC), lifecycle of components and callback mechanism making the CFG imprecision. To bridge this gap, we ex- plicitly connect the discontinuities of the CFG to provide a precise CFG. Based on the precise CFG, we aim at providing a taint analysis approach to detect intra-component privacy leaks, inter-component privacy leaks and also inter-app privacy leaks. [less ▲]

Detailed reference viewed: 412 (32 UL)
Full Text
Peer Reviewed
See detailEffective Inter-Component Communication Mapping in Android with Epicc: An Essential Step Towards Holistic Security Analysis
Octeau, Damien; McDaniel, Patrick; Jha, Somesh et al

in Effective Inter-Component Communication Mapping in Android with Epicc: An Essential Step Towards Holistic Security Analysis (2013)

Many threats present in smartphones are the result of interactions between application components, not just artifacts of single components. However, current techniques for identifying inter-application ... [more ▼]

Many threats present in smartphones are the result of interactions between application components, not just artifacts of single components. However, current techniques for identifying inter-application communication are ad hoc and do not scale to large numbers of ap- plications. In this paper, we reduce the discovery of inter-component communication (ICC) in smartphones to an instance of the Interprocedural Distributive Environment (IDE) problem, and develop a sound static analysis technique targeted to the Android platform. We apply this analysis to 1,200 applications selected from the Play store and characterize the locations and substance of their ICC. Experiments show that full specifications for ICC can be identified for over 93% of ICC locations for the applications studied. Further the analysis scales well; analysis of each application took on average 113 seconds to complete. Epicc, the resulting tool, finds ICC vulnerabilities with far fewer false positives than the next best tool. In this way, we develop a scalable vehicle to extend current security analysis to entire collections of applications as well as the interfaces they export. [less ▲]

Detailed reference viewed: 482 (7 UL)
Full Text
Peer Reviewed
See detailDexpler: Converting Android Dalvik Bytecode to Jimple for Static Analysis with Soot
Bartel, Alexandre UL; Klein, Jacques UL; Monperrus, Martin et al

in ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2012) (2012)

This paper introduces Dexpler, a software package which converts Dalvik bytecode to Jimple. Dexpler is built on top of Dedexer and Soot. As Jimple is Soot’s main internal rep- resentation of code, the ... [more ▼]

This paper introduces Dexpler, a software package which converts Dalvik bytecode to Jimple. Dexpler is built on top of Dedexer and Soot. As Jimple is Soot’s main internal rep- resentation of code, the Dalvik bytecode can be manipu- lated with any Jimple based tool, for instance for performing point-to or flow analysis. [less ▲]

Detailed reference viewed: 163 (11 UL)
Full Text
See detailImproving Privacy on Android Smartphones Through In-Vivo Bytecode Instrumentation
Bartel, Alexandre UL; Klein, Jacques UL; Monperrus, Martin et al

Report (2012)

In this paper we claim that a widely applicable and efficient means to fight against malicious mobile Android applications is: 1) to perform runtime monitoring 2) by instrumenting the application bytecode ... [more ▼]

In this paper we claim that a widely applicable and efficient means to fight against malicious mobile Android applications is: 1) to perform runtime monitoring 2) by instrumenting the application bytecode and 3) in-vivo, i.e. directly on the smartphone. We present a tool chain to do this and present experimental results showing that this tool chain can run on smartphones in a reasonable amount of time and with a realistic effort. Our findings also identify challenges to be addressed before running powerful runtime monitoring and instrumentations directly on smartphones. We implemented two use-cases leveraging the tool chain: FineGPolicy, a fine-grained user centric permission policy system and AdRemover an advertisement remover. Both prototypes improve the privacy of Android systems thanks to in-vivo bytecode instrumentation. [less ▲]

Detailed reference viewed: 240 (26 UL)
Full Text
Peer Reviewed
See detailAutomatically Securing Permission-Based Software by Reducing the Attack Surface: An Application to Android
Bartel, Alexandre UL; Klein, Jacques UL; Monperrus, Martin et al

in IEEE/ACM International Conference on Automated Software Engineering (2012)

In the permission-based security model (used e.g. in An- droid and Blackberry), applications can be granted more permissions than they actually need, what we call a permission gap?. Malware can leverage ... [more ▼]

In the permission-based security model (used e.g. in An- droid and Blackberry), applications can be granted more permissions than they actually need, what we call a permission gap?. Malware can leverage the unused permissions for achieving their malicious goals, for instance using code injection. In this paper, we present an approach to detecting permission gaps using static analysis. Using our tool on a dataset of Android applications, we found out that a non negligible part of applications suffers from permission gaps, i.e. does not use all the permissions they declare. [less ▲]

Detailed reference viewed: 125 (5 UL)
Full Text
Peer Reviewed
See detailModel Driven Mutation Applied to Adaptative Systems Testing
Bartel, Alexandre UL; Baudry, Benoit; Munoz, Freddy et al

in Mutation 2011 (@ICST) (2011)

Dynamically Adaptive Systems modify their behavior and structure in response to changes in their surrounding environment and according to an adaptation logic. Critical systems increasingly incorporate ... [more ▼]

Dynamically Adaptive Systems modify their behavior and structure in response to changes in their surrounding environment and according to an adaptation logic. Critical systems increasingly incorporate dynamic adaptation capabilities, examples include disaster relief and space exploration systems. In this paper, we focus on mutation testing of the adaptation logic. We propose a fault model for adaptation logics that classifies faults into environmental completeness and adaptation correctness. Since there are several adaptation logic languages relying on the same underlying concepts, the fault model is expressed independently from specific adaptation languages. Taking benefit from model-driven engineering technology, we express these common concepts in a metamodel and define the operational semantics of mutation operators at this level. Mutation is applied on model elements and model transformations are used to propagate these changes to a given adaptation policy in the chosen formalism. Preliminary results on an adaptive web server highlight the difficulty of killing mutants for adaptive systems, and thus the difficulty of generating efficient tests. [less ▲]

Detailed reference viewed: 124 (5 UL)
Full Text
See detailAutomatically Securing Permission-Based Software by Reducing the Attack Surface: An Application to Android
Bartel, Alexandre UL; Klein, Jacques UL; Monperrus, Martin et al

in Automatically Securing Permission-Based Software by Reducing the Attack Surface: An Application to Android (Tech Report) (2011)

Android based devices are becoming widespread. As a result and since those devices contain personal and confidential data, the security model of the android software stack has been analyzed extensively ... [more ▼]

Android based devices are becoming widespread. As a result and since those devices contain personal and confidential data, the security model of the android software stack has been analyzed extensively. One key feature of the security model is that applications must declare a list of permissions they are using to access resources. Using static analysis, we first extracted a table from the Android API which maps methods to permissions. Then, we use this mapping within a tool we developed to check that applications effectively need all the permissions they declare. Using our tool on a set of android applications, we found out that a non negligible part of the applications do not use all the permissions they declare. Consequently, the attack surface of such applications can be reduced by removing the non-needed permissions. [less ▲]

Detailed reference viewed: 161 (5 UL)