Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/mohannadcse/dina

A hybrid analysis tool for detecting vulnerable inter-app communication between Android Apps
https://github.com/mohannadcse/dina

Last synced: 4 days ago
JSON representation

A hybrid analysis tool for detecting vulnerable inter-app communication between Android Apps

Host: GitHub
URL: https://github.com/mohannadcse/dina
Owner: Mohannadcse
License: isc
Created: 2019-07-08T02:22:00.000Z (over 5 years ago)
Default Branch: master
Last Pushed: 2022-12-06T17:46:13.000Z (about 2 years ago)
Last Synced: 2024-12-06T15:50:09.530Z (20 days ago)
Language: C++
Homepage:
Size: 29.4 MB
Stars: 2
Watchers: 1
Forks: 1
Open Issues: 2
Metadata Files:
- Readme: README.md
- License: LICENSE.md

Awesome Lists containing this project

README

DINA
======

## 1 Overview

- This repo contains the prototype code of DINA, a hybrid analysis tool for identifying potential concealed vulnerable paths through reflection and dynamic class loading between Android Apps.

This work published at *IEEE International Conference on Computer Communications (INFOCOM) (INFOCOM'19)*.

![picture](images/WorkFlowOfDINA_V4.png)

### 1.1 Implementation

- Written in C++14.
- Uses the [Boost Graph Library (BGL)](http://www.boost.org/libs/graph/doc/).
- Existing generic graph algorithms can be applied to Jitana data
structures.
- Can be used as a library:
- Run side-by-side with a virtual machine on a target device.
- Run on a host machine talking to the target device via JDWP.
- Used from visualization tool.

## 2 Building

DINA uses CMake which supports out-of-source build. In this document, the
following directory structure is assumed:

.
├── DINA (source code downloaded)
├── dex (DEX files)
└── build (build directory you make)

### 2.1 macOS

Install all the dependencies first. Then

mkdir build
cd build
cmake -DCMAKE_BUILD_TYPE=Release ../DINA
make -j8

### 2.2 Ubuntu

Please refer to [Compiling Jitana on Linux](https://github.com/ytsutano/jitana/blob/master/doc/jitana_on_ubuntu.md).

## 3 Running DINA

According to the workflow, DINA works in three phases, following a description of how to run each phase:
- [Collective Analysis](tools/CollectiveAnalysis/README.md)
- [Incremental Analysis](tools/IncrementalAnalysis/README.md)
- [Vulnerability Analysis](tools/VulAnalysis)

## 4 Developer

- Mohannad Alhanahnah at University of Nebraska-Lincoln.
- Please note that DINA has been developed on top of [jitana](https://github.com/ytsutano/jitana). Therefore, many of Jitana's libraries have been used as is or adapted.

## 5 License

- See [LICENSE.md](LICENSE.md) for license rights and limitations (ISC).

# Citation
If you use the source code, please cite the following paper:

M. Alhanahnah et al., "Detecting Vulnerable Android Inter-App Communication in Dynamically Loaded Code," IEEE INFOCOM 2019 - IEEE Conference on Computer Communications, Paris, France, 2019, pp. 550-558.