Reconstruction of Task Lists from Android Applications

The popularity of Android devices has made Android apps attractive targets for attackers. Some static checkers have been proposed to check whether an Android app is vulnerable to privacy leakage and other attacks. However, these checkers model the control flows in the app following the ICC events, ignoring the intrinsic purpose of users' interaction with mobile devices. In fact, users carry out various tasks using mobile apps, e.g. online shopping. An Android task consists of one or more Activities, which are organized in the back stack of the task. By extracting the task lists among Activities in Android apps, we can capture all control flow transitions between them, including those bring by ICC events and back button events. We design and implement a system, which leverages the combination of static and dynamic analysis to extract the task lists. Our system can be used to detect task related attacks and help static checkers construct more complete call graphs.