COVERT is a tool for compositional verification of Android inter-application vulnerabilities. It automatically identifies vulnerabilities that occur due to the interaction of apps comprising a system. Subsequently, it determines whether it is safe for a bundle of apps, requiring certain permissions and potentially interacting with each other, to be installed together.
COVERT consists of two components: (1) a Model Extractor, which uses static code analysis techniques to elicit formal specifications (models) of the apps comprising a system, as well as of the phone configuration; and (2) a Formal Analyzer, which is intended to use lightweight formal analysis techniques to verify certain properties (e.g., known security vulnerability patterns) in the extracted specifications.
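The two-stage idea described above, sketched as an added example that is not COVERT's own code: hand-written app models stand in for the Model Extractor's output, and one assumed vulnerability pattern (a permission reachable through another app's unguarded exported component) is checked across the whole bundle. The model schema, package names, component names and intent action are all constructed for illustration.

```python
from dataclasses import dataclass

SEND_SMS = "android.permission.SEND_SMS"

@dataclass(frozen=True)
class Component:
    name: str
    exported: bool                      # reachable from other apps
    actions: frozenset                  # intent-filter actions it accepts
    enforced: frozenset = frozenset()   # permissions a caller must hold
    uses: frozenset = frozenset()       # permissions exercised when invoked

@dataclass(frozen=True)
class App:
    package: str
    granted: frozenset                  # permissions held by the app
    components: tuple = ()
    sends: frozenset = frozenset()      # implicit-intent actions it emits

def escalation_paths(bundle):
    """List (sender, receiver, component, permission) where the sender reaches
    a permission it was never granted via another app's exported component."""
    findings = []
    for src in bundle:
        for dst in bundle:
            if src is dst:
                continue
            for comp in dst.components:
                reachable = comp.exported and (src.sends & comp.actions)
                if not reachable or not comp.enforced <= src.granted:
                    continue            # no intent match, or caller is blocked
                for perm in sorted((comp.uses & dst.granted) - src.granted):
                    findings.append((src.package, dst.package, comp.name, perm))
    return findings

def safe_to_install(bundle):
    return not escalation_paths(bundle)

# Constructed models (stand-ins for extracted specifications).
ACTION = "com.example.action.SEND_TEXT"
notes = App("com.example.notes", frozenset(), sends=frozenset({ACTION}))
relay = Component("SmsRelayService", True, frozenset({ACTION}),
                  uses=frozenset({SEND_SMS}))
messenger = App("com.example.messenger", frozenset({SEND_SMS}), (relay,))
guarded = Component("SmsRelayService", True, frozenset({ACTION}),
                    enforced=frozenset({SEND_SMS}), uses=frozenset({SEND_SMS}))
messenger_fixed = App("com.example.messenger", frozenset({SEND_SMS}), (guarded,))
BUNDLE, HARDENED = [notes, messenger], [notes, messenger_fixed]
```

Neither app in `BUNDLE` is flagged when modeled alone; the finding only appears when the two models are analyzed together, which is the point of checking the bundle compositionally.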