[Soot-list] Instrumenting and flow analysis

claudio claudio.rizzo.2015 at live.rhul.ac.uk
Mon Sep 19 08:54:48 EDT 2016


Hi all,

I am Claudio, PhD student working on Android security.

At the moment I am using Soot to instrument applications and then 
perform a flow analysis (using FlowDroid), comparing the result from the 
flow analysis performed on the original application and the instrumented 
one.


However, I have a very nasty problem: my instrumentation should not 
remove flows present in the original app, but should eventually add new 
ones. Unfortunately this is not the case and the analysis of my 
instrumented app results with some flows missing.

I spent a lot of time thinking that the problem could have been the way 
I instrument. However, this is not the case; indeed, if I only generate 
code but I DO NOT insert this code into the application, differences in 
flows are still found.

Basically what I do is: use Soot to generate code; this code never gets 
added to the app. I take the original app and the generated (but 
unmodified) one, I perform the analysis and the nasty results show.


I thought it may be the fact that Soot performs some optimizations that 
can mess with FlowDroid; could it be the case? Also, can it be the case 
that the application is obfuscated and then creates some trouble?

I tried to replicate the problem on my own application but I couldn't.


Please, if someone can help with this, it would be appreciated!


Bests,

Claudio


