An Offloaded Dynamic Taint Analysis Approach for Privacy Leakage Detection on Android Hui Xu 1
Motivation: Contact List SMS Call Log Browser History AccountLocation 2
Adversary Model & State-of-the-art Work Adversary Model: Official applications may read sensitive data stored on phones, and transmit such information via network. TaintDroid, Published in USENIX 2011 Usability Issue: need OS recompilation ReadSend Memory1 Sensitive Data Program Trace Data Memory2 [Program Trace, Memory Access] => Data Leakage 3
Smartphone Behavior Profiler Our Approach: Overall Architecture Android Emulator Signature DB Applications Signatures Taint Module Behavior Profiler Detector Server Automated Testing Tool Analyzer 4
Leakage Instances Two sets of apps: Set I: Apps causing no leakage => Red Table. Set II: Apps causing leakage => Black Table Data metric Applications may leak different data (e.g., some leak contact list, some leak IMEI) sensitive data should be considered separately SituationReadSendLeakage INo IIYesNo IIIYes IVYesPerhapsYes 5