Project Details
Detecting Anomalies in Reactive Systems
Applicant
Professor Dr.-Ing. Andreas Zeller, Ph.D.
Subject Area
Software Engineering and Programming Languages
Security and Dependability, Operating-, Communication- and Distributed Systems
Security and Dependability, Operating-, Communication- and Distributed Systems
Term
from 2018 to 2022
Project identifier
Deutsche Forschungsgemeinschaft (DFG) - Project number 392215324
What is it that makes a program malicious? In this project, we investigate the hypothesis that a "malicious'' program is one that does not work as advertised. Our idea is to make use of large collections of programs, especially apps in app stores, and to learn associations between advertised and implemented behavior from them. As advertised behavior, we make use of natural language descriptions as presented in user interface elements; as implemented behavior, we check the functionality triggered by these UI elements. The result is a model of actions and reactions that characterizes "normal'' behavior; Given a new app, we can then check its model automatically whether the observed actions and reactions are "normal'' or not. We can thus highlight problems related to security (the implementation does not work as advertised) as well as usability (the description does not match the implementation). During execution, a sandbox detects "abnormal'' and explicitly disallowed sequences, and blocks the associated resource accesses and UI elements: "The 'Download' button is greyed out because it sends your address book to a server in Bezerkistan''.The project brings together expertise in program analysis, test generation, natural language processing, model inference, and model checking. It makes significant contributions in all these fields to achieve its overall goal of detecting and preventing abnormal behavior in reactive systems.
DFG Programme
Research Grants
International Connection
China
Partner Organisation
National Natural Science Foundation of China
Cooperation Partner
Professor Dr. Lijun Zhang