MtdScout: Identifying Insecure Methods in Android Apps via Source-to-Bytecode Signature Generation and Tree-based Layered Search

VPRLab/MtdScout

 
 

The explanation of different folders is listed below:

APK

  • Describes how to access the 23,962 APKs used for the large-scale evaluation.

Signatures

  • 129 signatures generated by MtdScout and used for detecting method clones.
  • There are 6 'RuleX' folders representing the 6 crypto misuse rules.
  • Each signature's file name serves as its description. The format is as follows:

    <package_name>.<class_name>_<method_name>_<param_1>-...<param_n>.txt

  • project_name_dict_input.txt contains the <lib_id, lib_name> mapping.

Evaluation

  • MtdScout

    • matching_result.txt includes the 18,944 matching pairs output by MtdScout.
      • Each line represents one method clone pair, i.e. <msig, mdex> pair.
      • Each line follows this format:

        <signature>|<matched_DEX_method>|<dexdump_file>|<Rule>

    • running_time_MtdScout.txt records the running time of each app analyzed by MtdScout.
      • Each line follows this format:

        <App_category>:<app_name>:<running_time>

    • dexdump_size_MtdScout.txt records the dexdump file size of each app analyzed by MtdScout.
      • Each line follows this format:

        <App_category>:<app_name>:<file_size>

  • LibScout

    • Lib_jars folder contains the jar files and profiles of 18 libraries that are analyzed by both LibScout and MtdScout.
    • apk_lib_pairs.txt describes the 2,291 <lib, apk> pairs output by MtdScout (related to the 18 libraries).
    • apk_lib_pairs_libscout.txt describes the 645 <lib, apk> pairs output by LibScout (related to the 18 libraries).
    • apk_lib_result_dict_MtdScout.json stores the corresponding method clone pairs of each <lib, apk> pair output by MtdScout.
  • CryptoGuard

    • category_app_summary.xlsx records the number of apps in each category detected by CryptoGuard and MtdScout.
    • running_time_CryptoGuard.txt records the running time of each app detected by CryptoGuard.
      • Each line follows this format:

        <App_category>:<app_name>:<running_time>

    • internal_error_apk_list.txt records the list of apps that encountered internal errors during analysis by CryptoGuard.
    • timeout_apk_list.txt records the list of apps that exceeded the 30-minute timeout limit while being analyzed by CryptoGuard.
