DroidSecTester: Towards context-driven modelling and detection of Android application vulnerabilities ; DroidSecTester: Vers une modélisation contextuelle et une détection des vulnérabilités dans les applications Android

International audience ; In the dynamic Android application security landscape, traditional vulnerability assessment faces challenges posed by the increasing complexity of execution environments. These environments encompass a diverse array of contextual factors that influence application behavior, highlighting the imperative for adaptive testing. Current security analysis techniques for Android apps often struggle to capture the intricate interplay between static and dynamic contexts, impeding precise vulnerability detection. This constraint becomes more evident as execution environments diversify.To address these limitations, this paper introduces DroidSecTester, a novel toolchain for testing Android application security by focusing on context-driven vulnerability modeling. Our innovation lies in developing three Domain Specific Languages (DSLs): Context Definition Language (CDL), Context-Driven Modelling Language (CDML), and Vulnerability Pattern (VPat) for Model-Based Security Testing (MBST). Collectively, these DSLs provide a framework for security assessment by embracing both static and dynamic contexts intrinsic to smartphone environments.Our work resulted in VPatChecker, a tool designed to identify vulnerabilities and generate abstract exploits. Merging application and context models with a vulnerability pattern library — dynamic and expandable to accommodate new Common Vulnerability and Exposure (CVE) entries — the tool offers limitless extensibility. We evaluated the tool on the GHERA benchmark and found that at least 38% of the vulnerabilities in the benchmark can be modelled and detected. This work underscores the pivotal role of context in Android security testing and presents a solution for vulnerability identification through the integration of MBST and DSLs