Automatic Protocol Behavior Analysis Framework for Android Apps.
Currently, This version is incomplete. So Extractocol may can't properly perform for some apps in our dataset. Because we have modified some core modules for other projects. When we finish implementing the modules, we will update that. we will finish this work by Apr, 2017.
Extractocol has two main modules that are program slicing and signature building modules. We extended flowdroid to slice network related instructions in APK. We implement signature building module using Soot framework. Currently, the two modules are divided so you should run the modules respectively (We plan to provide an all in one script). We implement Extractocol using Eclipse and this repository includes eclipse project setting file. Therefore, you can easily set up a development environment using import existing workspace menu in eclipse.
** Program Slicing Module
A.Main Method
soot.jimple.infoflow.android.TestApps.Test
B.Arguments
APK, AndroidSDK path, --noexceptions --nostatic --aplength 1 --aliasflowins --layoutmode none --nocallbacks [--backward or --forward]
C.Example : Extracting request(backward) program slice of wish.apk.
wish.apk
D:\extractocol\AndroidSDK
--noexceptions --nostatic --aplength 1 --aliasflowins --layoutmode none --nocallbacks
--backward
** Signature Building Module
A.Main Method
Extractocol.Tester.BackendTester_Request
B.Arguments
--app (AppName) --backward
C.Example : Building request signatures for wish app. If you want to build response signatures, you should run Extractocol.Tester.BackendTester_Response class.
--app wish --backward
CC BY-NC-SA Attribution-NonCommercial-ShareAlike
Jeongmin Kim, Hyunwoo Choi, Hoon Namgung, Woohyun Choi, Byungkwon Choi, Hyunwook Choi, Yongdae Kim, Jonghyup Lee and Dongsu Han, Enabling Automatic Protocol Behavior Analysis for Android Apps, ACM CoNEXT 2016 [PDF]
Jeongmin Kim (appff at kaist.ac.kr)