Author(s):
- Rastogi, Vaibhav
- Qu, Zhengyang
- McClurg, Jedidiah
- Cao, Yinzhi
- Chen, Yan
Abstract:
Mobile devices are becoming increasingly popular. One reason for their popularity is the availability of a wide range of third-party applications, which enrich the environment and increase usability. There are however privacy concerns centered around these applications – users do not know what private data is leaked by the applications. Previous works to detect privacy leakages are either not accurate enough or require operating system changes, which may not be possible due to users’ lack of skills or locked devices. We present Uranine (Uranine is a dye, which finds applications as a flow tracer in medicine and environmental studies.), a system that instruments Android applications to detect privacy leakages in real-time. Uranine does not require any platform modification nor does it need the application source code. We designed several mechanisms to overcome the challenges of tracking information flow across framework code, handling callback functions, and expressing all information-flow tracking at the bytecode level. Our evaluation of Uranine shows that it is accurate at detecting privacy leaks and has acceptable performance overhead.
Document:
https://doi.org/10.1007/978-3-319-28865-9_14
References:
- Apktool. Android-apktool: A tool for reengineering Android apk files. http://code.google.com/p/android-apktool/
- 2.Arzt, S., Rasthofer, S., Fritz, C., Bodden, E., Bartel, A., Klein, J., Le Traon, Y., Octeau, D., McDaniel, P.: Flowdroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. In: ACM PLDI (2014)Google Scholar
- 3.Balebako, R., Jung, J., Lu, W., Cranor, L.F., Nguyen, C.: Little brothers watching you: raising awareness of data leaks on smartphones. In: Proceedings of the Ninth Symposium on Usable Privacy and Security, p. 12. ACM (2013)Google Scholar
- 4.Bell, J., Kaiser, G.E.: Phosphor: illuminating dynamic data flow in the jvm. In: OOPSLA (2014)Google Scholar
- 5.Beresford, A., Rice, A., Skehin, N., Sohan, R.: Mockdroid: trading privacy for application functionality on smartphones. In: HotMobile (2011)Google Scholar
- 6.Blackburn, S.M., Garner, R., Hoffmann, C., Khang, A.M., McKinley, K.S., Bentzur, R., Diwan, A., Feinberg, D. Frampton, S.Z., Guyer, et al. :The dacapo benchmarks: Java benchmarking development and analysis. In: ACM Sigplan Notices, vol. 41, pp. 169–190. ACM (2006)Google Scholar
- 7.Cao, Y., Fratantonio, Y., Bianchi, A., Egele, M., Kruegel, C., Vigna, G., Chen, Y.: Edgeminer: automatically detecting implicit control flow transitions through the android framework. In: Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS) (2015)Google Scholar
- 8.Chandra, D., Franz, M.: Fine-grained information flow analysis and enforcement in a java virtual machine. In: ACSAC (2007)Google Scholar
- 9.Davis, B., Chen, H.: Retroskeleton: retrofitting android apps. In: Mobisys (2013)Google Scholar
- 10.Egele, M., Kruegel, C., Kirda, E., Yin, H., Song, D.: Dynamic spyware analysis. In: Usenix ATC (2007)Google Scholar
- 11.Egele, M., Kruegel, C., Kirda, E., Vigna, G.: Pios: detecting privacy leaks in ios applications. In: NDSS (2011)Google Scholar
- 12.Enck, W., Ongtang, M., McDaniel, P.: On lightweight mobile phone application certification. In: ACSAC (2009)Google Scholar
- 13.Enck, W., Gilbert, P., Chun, B., Cox, L., Jung, J., McDaniel, P., Sheth, A.: Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: OSDI (2010)Google Scholar
- 14.Enck, W., Octeau, D., McDaniel, P., Chaudhuri, S.: A study of android application security. In: USENIX Security (2011)Google Scholar
- 15.Fuchs, A., Chaudhuri, A., Foster, J.: Scandroid: Automated security certification of android applications. Manuscript, Univ. of Maryland (2009). http://www.cs.umd.edu/~avik/projects/scandroidascaa
- 16.Gibler, C., Crussell, J., Erickson, J., Chen, H.: Androidleaks: automatically detecting potential privacy leaks in android applications on a large scale. In: Katzenbeisser, S., Weippl, E., Camp, L.J., Volkamer, M., Reiter, M., Zhang, X. (eds.) Trust 2012. LNCS, vol. 7344, pp. 291–307. Springer, Heidelberg (2012)CrossRefGoogle Scholar
- 17.Good. Mobile app containerization. http://www1.good.com/secure-mobility-solution/mobile-application-containerization
- 18.Haldar, V., Chandra, D., Franz, M.: Dynamic taint propagation for java. In: 21st Annual Computer Security Applications Conference (ACSAC). IEEE (2005)Google Scholar
- 19.Kang, M., McCamant, S., Poosankam, P., Song, D.: Dta++: dynamic taint analysis with targeted control-flow propagation. In: Proc. of NDSS (2011)Google Scholar
- 20.Lin, J., Amini, S., Hong, J.I., Sadeh, N., Lindqvist, J., Zhang, J.: Expectation and purpose: understanding users’ mental models of mobile app privacy through crowdsourcing. In: Proceedings of the 2012 ACM Conference on Ubiquitous Computing, pp. 501–510. ACM (2012)Google Scholar
- 21.Lu, L., Li, Z., Wu, Z., Lee, W., Jiang, G.: CHEX: statically vetting android apps for component hijacking vulnerabilities. In: ACM CCS (2012)Google Scholar
- 22.MobileIron. Appconnect. http://www.mobileiron.com/en/products/appconnect
- 23.Nauman, M., Khan, S., Zhang, X.: Apex: extending android permission model and enforcement with user-defined runtime constraints. In: ASIACCS (2010)Google Scholar
- 24.Newsome, J., Song, D.: Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In: NDSS (2005)Google Scholar
- 25.Qin, F., Wang, C., Li, Z., Kim, H., Zhou, Y., Wu, Y.: Lift: a low-overhead practical information flow tracking system for detecting security attacks. In: IEEE MICRO (2006)Google Scholar
- 26.Rastogi, V., Chen, Y., Enck, W.: AppsPlayground: automatic security analysis of smartphone applications. In: Proceedings of ACM CODASPY (2013)Google Scholar
- 27.Rosen, S., Qian, Z., Mao, Z.M.: Appprofiler: a flexible method of exposing privacy-related behavior in android applications to end users. In: Proceedings of the Third ACM Conference on Data and Application Security and Privacy, pp. 221–232. ACM (2013)Google Scholar
- 28.Saxena, P., Sekar, R., Puranik, V.: Efficient fine-grained binary instrumentationwith applications to taint-tracking. In: IEEE/ACM CGO (2008)Google Scholar
- 29.Schlegel, R., Zhang, K., Zhou, X.-Y., Intwala, M., Kapadia, A., Wang, X.: Soundcomber: a stealthy and context-aware sound trojan for smartphones. In: NDSS, vol. 11, pp. 17–33 (2011)Google Scholar
- 30.Schwartz, E., Avgerinos, T., Brumley, D.: All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask). In: IEEE SP (2010)Google Scholar
- 31.Sharif, M., Lanzi, A., Giffin, J., Lee, W.: Automatic reverse engineering of malware emulators. In: 2009 30th IEEE Symposium on Security and Privacy (2009)Google Scholar
- 32.smali. Smali: An assembler/disassembler for Android’s dex format. http://code.google.com/p/smali/
- 33.Suh, G., Lee, J., Zhang, D., Devadas, S.: Secure program execution via dynamic information flow tracking. In: ACM SIGPLAN Notices, vol. 39, pp. 85–96 (2004)Google Scholar
- 34.Xia, M., Gong, L., Lyu, Y., Qi, Z., Liu, X.: Effective real-time android application auditing. In: IEEE S&P (2015)Google Scholar
- 35.Xu, R., Saıdi, H., Anderson, R.: Aurasium: practical policy enforcement for android applications. In: Proceedings of the 21st USENIX conference on Security (2012)Google Scholar
- 36.Xu, W., Bhatkar, S., Sekar, R.: Taint-enhanced policy enforcement: a practical approach to defeat a wide range of attacks. In: USENIX Security (2006)Google Scholar
- 37.Yin, H., Song, D., Egele, M., Kruegel, C., Kirda, E.: Panorama: capturing system-wide information flow for malware detection and analysis. In: ACM CCS (2007)Google Scholar
- 38.Zhang, M., Yin, H.: Appsealer: automatic generation of vulnerability-specific patches for preventing component hijacking attacks in android applications. In: NDSS (2014)Google Scholar
- 39.Zhang, M., Yin, H.: Efficient, context-aware privacy leakage confinement for android applications without firmware modding. In: ASIACCS (2014)Google Scholar
- 40.Zhou, Y., Zhang, X., Jiang, X., Freeh, V.W.: Taming information-stealing smartphone applications (on android). In: McCune, J.M., Balacheff, B., Perrig, A., Sadeghi, A.-R., Sasse, A., Beres, Y. (eds.) Trust 2011. LNCS, vol. 6740, pp. 93–107. Springer, Heidelberg (2011)CrossRefGoogle Scholar
- 41.Zhu, D., Jung, J., Song, D., Kohno, T., Wetherall, D.: Tainteraser: protecting sensitive data leaks using application-level taint tracking. ACM SIGOPS Operating Systems Review 45(1), 142–154 (2011)CrossRefGoogle Scholar