Abstract
Mobile malwares (especially spyware) target heavily Android operating system. Data is leaked if it exists a sensitive data flow (Data propagation from sensitive source to critical sink). Usually, a sensitive data flow is executed by a chain of actions. In most cases, sensitive data flows are begun and finished in the same application. However, there exist cases where these flows can pass to multi-applications by using inter-application communication. Standalone application analysis can not detect such data flows. Static analysis faces limitations when malware code is obfuscated. Besides, certain actions only take place when receiving input from user. It means that the information related to sensitive data flows is depended on the input data. Which is not available at analysis time when using static analysis technique. In this study, we propose uitHyDroid system that allows to detect sensitive data leakage via multi-applications by using hybrid analysis. uitHyDroid uses static analysis to collect sensitive data flows in each application. Meanwhile, dynamic analysis is used to capture inter-application communications. In this study, to evaluate our approach, we use the extended of DroidBench dataset and applications downloaded from GooglePlay. The experimental results show that almost of sensitive data leakages in the first dataset are correctly detected. Beside that, the proposed system detects several malwares in real-world applications.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Symantec: Internet Security Threat Report, vol. 21, April 2016. https://www.symantec.com/content/dam/symantec/docs/reports/istr-21-2016-en.pdf
Corporation, I.D. (2015). http://www.idc.com/prodserv/smartphone-os-market-share.jsp
Semantec: 2015 Internet Security Threat Report, vol. 20 (2015). http://www.symantec.com/security_response/publications/threatreport.jsp. Accessed May 2015
Li, L., et al.: IccTA: detecting inter-component privacy leaks in android apps. In: The 37th International Conference on Software Engineering (ICSE), Firenze, Italy (2015)
Klieber, W., et al.: Android taint flow analysis for app sets. In: Proceedings of the 3rd ACM SIGPLAN International Workshop on the State of the Art in Java Program Analysis, pp. 1–6. ACM, Edinburgh, United Kingdom (2014)
Li, L., Bartel, A., Bissyandé, Tegawendé, F., Klein, J., Traon, Y.L.: ApkCombiner: combining multiple android apps to support inter-app analysis. In: Federrath, H., Gollmann, D. (eds.) SEC 2015. IAICT, vol. 455, pp. 513–527. Springer, Heidelberg (2015). doi:10.1007/978-3-319-18467-8_34
Cam, N.T., Hau, P., Nguyen, T.: Android security analysis based on inter-application relationships. In: Kim, K.J., Joukov, N. (eds.) Information Science and Applications (ICISA) 2016. LNEE, vol. 376, pp. 689–700. Springer, Heidelberg (2016). doi:10.1007/978-981-10-0557-2_68
Enck, W., et al.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation, pp. 1–6. USENIX Association, Vancouver, BC, Canada (2010)
Shabtai, A., et al.: “Andromaly”: a behavioral malware detection framework for android devices. J. Intell. Inf. Syst. 38(1), 161–190 (2012)
Zheng, C., et al.: SmartDroid: an automatic system for revealing UI-based trigger conditions in android applications. In: Proceedings of the Second ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 93–104. ACM, Raleigh, North Carolina, USA (2012)
Sasnauskas, R., Regehr, J.: Intent fuzzer: crafting intents of death. In: Proceedings of the 2014 Joint International Workshop on Dynamic Analysis (WODA) and Software and System Performance Testing, Debugging, and Analytics (PERTEA), pp. 1–5. ACM, San Jose, CA, USA (2014)
UI/Application Exerciser Monkey (2016). http://developer.android.com/tools/help/monkey.html
Machiry, A., Tahiliani, R., Naik, M.: Dynodroid: an input generation system for Android apps. In: Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering, pp. 224–234. ACM, Saint Petersburg, Russia (2013)
Azim, T., Neamtiu, I.: Targeted and depth-first exploration for systematic testing of android apps. SIGPLAN Not. 48(10), 641–660 (2013)
Arzt, S., et al.: FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps. In: Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 259–269. ACM, Edinburgh, United Kingdom (2014)
Fuchs, A.P., Chaudhuri, A., Foster, J.S.: Scandroid: automated security certification of android (2009)
Spride, E.: DroidBench – Benchmarks. (2016). http://sseblog.ec-spride.de/tools/droidbench/. Accessed 10 March 2016
Android.com. https://developer.android.com/guide/components/fundamentals.html. Accessed 5 May 2016
Rasthofer, S., Arzt, S., Bodden, E.: A machine-learning approach for classifying and categorizing android sources and sinks (2014)
ApkTool (2015). https://github.com/iBotPeaches/Apktool
Selendroid: Selendroid: Selenium for android (2016). http://selendroid.io. Accessed 2016
Xposed framework (2016). http://repo.xposed.info/module/de.robv.android.xposed.installer. Accessed 5 July 2016
Acknowledgments
This research is funded by Vietnam National University HoChiMinh City (VNU-HCM) under grant number B2016-26-01.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Cam, N.T., Pham, VH., Nguyen, T. (2017). Detect Sensitive Data Leakage via Inter-application on Android by Using Static Analysis and Dynamic Analysis. In: Kim, K., Joukov, N. (eds) Information Science and Applications 2017. ICISA 2017. Lecture Notes in Electrical Engineering, vol 424. Springer, Singapore. https://doi.org/10.1007/978-981-10-4154-9_35
Download citation
DOI: https://doi.org/10.1007/978-981-10-4154-9_35
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-4153-2
Online ISBN: 978-981-10-4154-9
eBook Packages: EngineeringEngineering (R0)