Meetup Vulnerabilities: Escalation of Privilege and Redirection of Funds

Droid Intent Data Flow Analysis for Information Leakage (DidFail)

Droid Intent Data Flow Analysis for Information Leakage (DidFail) is an analysis method that is designed to identify and expose potential data leaks within Android applications. This methodology eventually helps developers learn about secure coding practices, eventually helping them to produce robust mobile applications that are tougher to crack. More and more leading organizations worldwide are introducing DidFail into their environments to enhance mobile application security.

DidFail utilizes the functions of two separate processes:

  • FlowDroid: detects intra-component data flows.
  • Epicc: detects action strings and other properties of intents.

The combination of these two processes allows developers to track both intra-component and inter-component information flow within the specified Android applications.

The DidFail analysis process

The DidFail analysis process can be broken down into two stages.

  • Data flows from each individual application are identified and the conditions which enable these data flows are determined.
  • The results are then enumerated in order to pinpoint malicious code, coding errors and vulnerabilities within the applications.

DidFail is available for download in either source code or binary. For more information about the analysis process, please see the SOAP 2014 workshop, Android Taint Flow Analysis for App Sets, and the Precise Static Analysis of Taint Flow for Android Application Sets.

Jump to Category