ABSTRACT
Android phones often carry personal information, attracting malicious developers to embed code in Android applications to steal sensitive data. With known techniques in the literature, one may easily determine if sensitive data is being transmitted out of an Android phone. However, transmission of sensitive data in itself does not necessarily indicate privacy leakage; a better indicator may be whether the transmission is by user intention or not. When transmission is not intended by the user, it is more likely a privacy leakage. The problem is how to determine if transmission is user intended. As a first solution in this space, we present a new analysis framework called AppIntent. For each data transmission, AppIntent can efficiently provide a sequence of GUI manipulations corresponding to the sequence of events that lead to the data transmission, thus helping an analyst to determine if the data transmission is user intended or not. The basic idea is to use symbolic execution to generate the aforementioned event sequence, but straightforward symbolic execution proves to be too time-consuming to be practical. A major innovation in AppIntent is to leverage the unique Android execution model to reduce the search space without sacrificing code coverage. We also present an evaluation of AppIntent with a set of 750 malicious apps, as well as 1,000 top free apps from Google Play. The results show that AppIntent can effectively help separate the apps that truly leak user privacy from those that do not.
Index Terms
- AppIntent: analyzing sensitive data transmission in android for privacy leakage detection