TaintBench: Automatic Real-World Malware Benchmarking of Android Taint Analyses

Linghui Luo, Felix Pauck, Goran Piskachev, Manuel Benz, Ivan Pashchenko, Martin Mory, Eric Bodden, Ben Hermann, Fabio Massacci

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

21 Downloads (Pure)

Abstract

Due to the lack of established real-world benchmark suites for static taint analyses of Android applications, evaluations of these analyses are often restricted and hard to compare. Even in evaluations that do use real-world applications, details about the ground truth in those apps are rarely documented, which makes it difficult to compare and reproduce the results. Our recent study fills this gap. It first defines a set of sensible construction criteria for such a benchmark suite. It further proposes the TaintBench benchmark suite designed to fulfil these construction criteria. Along with the suite, this paper introduces the TaintBench framework, which allows tool-assisted benchmark suite construction, evaluation and inspection. Our experiments using TaintBench reveal new insights of popular Android taint analysis tools.

Original languageEnglish
Title of host publicationSoftware Engineering 2022 (SE 2022) - Fachtagung des GI-Fachbereichs Softwaretechnik
Subtitle of host publication[Proceedings]
EditorsLars Grunske, Janet Siegmund, Andreas Vogelsang
PublisherGesellschaft fur Informatik (GI)
Pages65-67
Number of pages3
ISBN (Electronic)9783885797142
DOIs
Publication statusPublished - 2022
EventFachtagung des GI-Fachbereichs Softwaretechnik, Software Engineering 2022 - Conference of the GI Software Engineering Section, Software Engineering 2022 - Virtual, Online, Germany
Duration: 21 Feb 202225 Feb 2022

Publication series

NameLecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI)
VolumeP-320
ISSN (Print)1617-5468

Conference

ConferenceFachtagung des GI-Fachbereichs Softwaretechnik, Software Engineering 2022 - Conference of the GI Software Engineering Section, Software Engineering 2022
Country/TerritoryGermany
CityVirtual, Online
Period21/02/2225/02/22

Bibliographical note

Publisher Copyright:
© 2022 Gesellschaft fur Informatik (GI). All rights reserved.

Keywords

  • Android malware
  • Benchmark
  • Real-world benchmark
  • Taint analysis

Fingerprint

Dive into the research topics of 'TaintBench: Automatic Real-World Malware Benchmarking of Android Taint Analyses'. Together they form a unique fingerprint.

Cite this