Droid Intent Data Flow Analysis for Information Leakage (DidFail) is an analysis method designed to identify and expose potential data leaks within Android applications. The methodology helps developers learn secure coding practices and, in turn, produce robust mobile applications that are tougher to crack. More and more leading organizations worldwide are introducing DidFail into their environments to enhance mobile application security.
DidFail builds on the functions of two separate tools:
- FlowDroid: detects intra-component data flows.
- Epicc: detects action strings and other properties of intents.
The analysis then works as follows:
- Data flows from each individual application are identified, and the conditions that enable these data flows are determined.
- The results are then enumerated in order to pinpoint malicious code, coding errors and vulnerabilities within the applications.
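The enumeration step described above can be pictured with a small model. This is an added example, not DidFail's own code or output format: the record shapes, the app names (AppA, AppB, AppC), the action strings and the `Intent:received` placeholder are assumptions, and the sample data is constructed. It joins per-app flows with intent action strings and intent filters, then lists every source-to-sink path together with the intent hops that enable it.

```python
from collections import namedtuple

# Record shapes are assumptions for this sketch, not DidFail's real formats.
Flow = namedtuple("Flow", "app src sink")            # intra-component flow
SentIntent = namedtuple("SentIntent", "app intent_id action")  # intent property
Filter = namedtuple("Filter", "app action")          # receiver's intent filter
RECEIVED = "Intent:received"   # placeholder source: data arriving in an intent

# Constructed sample input for three hypothetical apps.
FLOWS = [
    Flow("AppA", "TelephonyManager.getDeviceId", "Intent:i1"),
    Flow("AppB", RECEIVED, "Intent:i2"),
    Flow("AppC", RECEIVED, "FileOutputStream.write"),
    Flow("AppC", "LocationManager.getLastKnownLocation", "Log.d"),
]
INTENTS = [SentIntent("AppA", "i1", "example.ECHO"),
           SentIntent("AppB", "i2", "example.WRITE")]
FILTERS = [Filter("AppB", "example.ECHO"), Filter("AppC", "example.WRITE")]

def enumerate_leaks(flows, intents, filters):
    """Return (src_app, source, sink_app, sink, hops) for every source-to-sink path."""
    action_of = {(i.app, i.intent_id): i.action for i in intents}
    receivers = {}
    for f in filters:
        receivers.setdefault(f.action, []).append(f.app)
    results = []

    def walk(app, src, origin, hops, seen):
        for fl in flows:
            if (fl.app, fl.src) != (app, src):
                continue
            if not fl.sink.startswith("Intent:"):
                results.append(origin + (app, fl.sink, tuple(hops)))
                continue
            # Sink is a sent intent: follow it to every app whose filter matches.
            action = action_of.get((app, fl.sink.split(":", 1)[1]))
            for rx in receivers.get(action, []):
                if (rx, action) not in seen:      # do not loop on intent cycles
                    walk(rx, RECEIVED, origin, hops + [(app, action, rx)],
                         seen | {(rx, action)})

    # Start only from real sources; RECEIVED is reached through a hop.
    for app, src in sorted({(f.app, f.src) for f in flows if f.src != RECEIVED}):
        walk(app, src, (app, src), [], frozenset())
    return results

if __name__ == "__main__":
    for leak in enumerate_leaks(FLOWS, INTENTS, FILTERS):
        print(leak)
```

An empty hop list marks a flow that stays inside one app; a non-empty one names the action strings that must match for the cross-app flow to occur.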