Dynamic Identification of Sources and Sinks for Data Flow Analysis on iOS Devices

Supervisor(s): Alexander Küchler
Status: finished
Topic: Others
Author: Yvonne Rieck
Submission: 2022-03-15
Type of Thesis: Bachelor's thesis
Thesis topic in co-operation with the Fraunhofer Institute for Applied and Integrated Security AISEC, Garching

Description

Mobile devices are an important part of daily life, and they collect and store a large amount of privacy-related data. Static and dynamic analysis tools enable the detection of privacy violations involving sensitive user data on platforms such as iOS or Android. Understanding the data sources and sinks of a mobile application is an integral part of the data flow analysis performed by such tools. Most dynamic data flow analysis tools require runtime methods to be categorized manually before the analysis, which is time-consuming and, in the case of private iOS frameworks, introduces inaccuracies because those methods are not publicly available.

To reduce the need to categorize iOS runtime functions in advance, this thesis presents an approach that shifts the focus to a set of classes whose instances are integral to privacy-related iOS APIs.

coiFish, the tool presented in this thesis, cycles through observing different methods to find occurrences of these classes of interest and thereby dynamically identifies data sources and sinks in an Objective-C based iOS application. Additionally, data entering or leaving the application's context through sources and sinks is stored, and incoming and outgoing network requests are logged so that they can potentially be matched to the objects observed in the app.

Using coiFish, four open source applications were tested and evaluated with regard to false positives and false negatives, as well as which tool-specific limitations caused analysis errors.