Download presentation
Presentation is loading. Please wait.
Published byRodney Flynn Modified over 8 years ago
1
An Offloaded Dynamic Taint Analysis Approach for Privacy Leakage Detection on Android Hui Xu 1
2
Motivation: Contact List SMS Call Log Browser History AccountLocation 2
3
Adversary Model & State-of-the-art Work Adversary Model: Official applications may read sensitive data stored on phones, and transmit such information via network. TaintDroid, Published in USENIX 2011 Usability Issue: need OS recompilation ReadSend Memory1 Sensitive Data Program Trace Data Memory2 [Program Trace, Memory Access] => Data Leakage 3
4
Smartphone Behavior Profiler Our Approach: Overall Architecture Android Emulator Signature DB Applications Signatures Taint Module Behavior Profiler Detector Server Automated Testing Tool Analyzer 4
5
Leakage Instances Two sets of apps: Set I: Apps causing no leakage => Red Table. Set II: Apps causing leakage => Black Table Data metric Applications may leak different data (e.g., some leak contact list, some leak IMEI) sensitive data should be considered separately SituationReadSendLeakage INo IIYesNo IIIYes IVYesPerhapsYes 5
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.