https://github.com/mohannadcse/dina

A hybrid analysis tool for detecting vulnerable inter-app communication between Android Apps
https://github.com/mohannadcse/dina

Last synced: 7 months ago
JSON representation

A hybrid analysis tool for detecting vulnerable inter-app communication between Android Apps

• Host: GitHub
• URL: https://github.com/mohannadcse/dina
• Owner: Mohannadcse
• License: isc
• Created: 2019-07-08T02:22:00.000Z (over 6 years ago)
• Default Branch: master
• Last Pushed: 2022-12-06T17:46:13.000Z (almost 3 years ago)
• Last Synced: 2025-02-14T11:53:05.402Z (9 months ago)
• Language: C++
• Homepage:
• Size: 29.4 MB
• Stars: 2
• Watchers: 1
• Forks: 1
• Open Issues: 2
• Metadata Files:
  • Readme: README.md
  • License: LICENSE.md

Awesome Lists containing this project

README

          
DINA

======

## 1 Overview

- This repo contains the prototype code of DINA, a hybrid analysis tool for identifying potential concealed vulnerable paths through reflection and dynamic class loading between Android Apps.

This work published at *IEEE International Conference on Computer Communications (INFOCOM) (INFOCOM'19)*.

![picture](images/WorkFlowOfDINA_V4.png)

### 1.1 Implementation

- Written in C++14.

- Uses the [Boost Graph Library (BGL)](http://www.boost.org/libs/graph/doc/).

    - Existing generic graph algorithms can be applied to Jitana data

      structures.

- Can be used as a library:

    - Run side-by-side with a virtual machine on a target device.

    - Run on a host machine talking to the target device via JDWP.

    - Used from visualization tool.

## 2 Building

DINA uses CMake which supports out-of-source build. In this document, the

following directory structure is assumed:

    .

    ├── DINA (source code downloaded)

    ├── dex    (DEX files)

    └── build  (build directory you make)

### 2.1 macOS

Install all the dependencies first. Then

    mkdir build

    cd build

    cmake -DCMAKE_BUILD_TYPE=Release ../DINA

    make -j8

### 2.2 Ubuntu

Please refer to [Compiling Jitana on Linux](https://github.com/ytsutano/jitana/blob/master/doc/jitana_on_ubuntu.md).

## 3 Running DINA

According to the workflow, DINA works in three phases, following a description of how to run each phase:

- [Collective Analysis](tools/CollectiveAnalysis/README.md)

- [Incremental Analysis](tools/IncrementalAnalysis/README.md)

- [Vulnerability Analysis](tools/VulAnalysis)

## 4 Developer

- Mohannad Alhanahnah at University of Nebraska-Lincoln.

- Please note that DINA has been developed on top of [jitana](https://github.com/ytsutano/jitana). Therefore, many of Jitana's libraries have been used as is or adapted.

## 5 License

- See [LICENSE.md](LICENSE.md) for license rights and limitations (ISC).

# Citation

If you use the source code, please cite the following paper:

M. Alhanahnah et al., "Detecting Vulnerable Android Inter-App Communication in Dynamically Loaded Code," IEEE INFOCOM 2019 - IEEE Conference on Computer Communications, Paris, France, 2019, pp. 550-558.