Abstract
Today’s Smartphone operating systems frequently fail to provide users with adequate control and visibility into how the third-party applications use their private data. With TaintDroid realized on Android system, we can detect user’s implicit taint and privacy leakage. But TaintDroid has some inherent defects. To better detect user’s implicit taint and privacy leakage in the Android platform, this paper analyzes implicit taint detection and then proposes an automated detection system based on dynamic taint tracking, called TaintChaser. Monitoring sensitive data with TaintChaser provides informed use of third-party applications for phone users and valuable input for smart-phone security service firms seeking to identify misbehaving applications. TaintChaser can detect behaviors of user’s data leakage in Android applications at a fine granularity level and the system can also analyze and test massive Android software in an automatic way. It uses TaintChaser to automatically analyze 38,268 popular Android applications and finds that 34.41 % of them may leak user’s privacy.
Highlights
In recent years, the Android system spread very quickly and became the most popular Smartphone system
For dynamic taint tracking, when carrying on the Java Native Interface (JNI) call, the code would transfer from the Java layer to the C/C++ layer, it will affect the normal tracking of tainted data which needs to appropriate process to C/C++ library involved
3.1 TaintDroid on Android Figure 1 shows an overview of TaintDroid architecture, so that we can better understand dynamic taint tracking technology
Summary
The Android system spread very quickly and became the most popular Smartphone system. According to the IDC report at the end of the third quarter of 2015, the Android operating system has accounted for 53.54 % of the global intelligent mobile phone market. It indicates an increase of 6.53 % compared to the same period in 2014 [1, 2]. With the increasing popularity of the Android system, user data privacy in mobile phones (e.g. mail list, personal information, email, etc.) has become a prominent problem. Since the number of test samples is few and new Android applications are rapidly increasing, these studies cannot fully reflect the real situation of applications of privacy information leakage in Android electronic markets. This paper puts forward and realizes an automated privacy leak detection tool which can automatically detect the mainstream of domestic electronic market in large scale
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: EURASIP Journal on Wireless Communications and Networking
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
