Please note: This master’s research paper presentation will take place in DC 2314.
Adeola Tijani, Master’s candidate
David R. Cheriton School of Computer Science
Supervisor: Professor Yousra Aafer
The Android framework enforces access control through various conditional checks. However, these checks are inconsistently applied, especially across customized vendor frameworks. AceDroid was developed to detect and normalize these diverse access control checks into a canonical form to identify security inconsistencies. In this work, we replicate AceDroid’s key findings, implement path-sensitive analysis based on interprocedural control flow graphs (ICFGs), and enhance the normalization logic to capture both explicit and implicit security checks. Our experiments confirm AceDroid’s insights while proposing improvements in data dependency modeling and compound condition detection. We successfully replicate canonical security conditions across several Android system methods and offer a critical assessment of equivalence check modeling. This paper serves as a reproducibility and enhancement effort of AceDroid, contributing new findings on check modeling fidelity and performance tuning.