Detect Sensitive Data Leakage via Inter-application on Android by Using Static Analysis and Dynamic Analysis

Cam, Nguyen Tan; Pham, Van-Hau; Nguyen, Tuan

doi:10.1007/978-981-10-4154-9_35

Nguyen Tan Cam³,
Van-Hau Pham⁴ &
Tuan Nguyen⁴

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 424))

Included in the following conference series:

International Conference on Information Science and Applications

2843 Accesses

Abstract

Mobile malwares (especially spyware) target heavily Android operating system. Data is leaked if it exists a sensitive data flow (Data propagation from sensitive source to critical sink). Usually, a sensitive data flow is executed by a chain of actions. In most cases, sensitive data flows are begun and finished in the same application. However, there exist cases where these flows can pass to multi-applications by using inter-application communication. Standalone application analysis can not detect such data flows. Static analysis faces limitations when malware code is obfuscated. Besides, certain actions only take place when receiving input from user. It means that the information related to sensitive data flows is depended on the input data. Which is not available at analysis time when using static analysis technique. In this study, we propose uitHyDroid system that allows to detect sensitive data leakage via multi-applications by using hybrid analysis. uitHyDroid uses static analysis to collect sensitive data flows in each application. Meanwhile, dynamic analysis is used to capture inter-application communications. In this study, to evaluate our approach, we use the extended of DroidBench dataset and applications downloaded from GooglePlay. The experimental results show that almost of sensitive data leakages in the first dataset are correctly detected. Beside that, the proposed system detects several malwares in real-world applications.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 259.00; Price excludes VAT (USA)

Softcover Book: USD 329.99; Price excludes VAT (USA)

Hardcover Book: USD 329.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

Symantec: Internet Security Threat Report, vol. 21, April 2016. https://www.symantec.com/content/dam/symantec/docs/reports/istr-21-2016-en.pdf
Corporation, I.D. (2015). http://www.idc.com/prodserv/smartphone-os-market-share.jsp
Semantec: 2015 Internet Security Threat Report, vol. 20 (2015). http://www.symantec.com/security_response/publications/threatreport.jsp. Accessed May 2015
Li, L., et al.: IccTA: detecting inter-component privacy leaks in android apps. In: The 37th International Conference on Software Engineering (ICSE), Firenze, Italy (2015)
Google Scholar
Klieber, W., et al.: Android taint flow analysis for app sets. In: Proceedings of the 3rd ACM SIGPLAN International Workshop on the State of the Art in Java Program Analysis, pp. 1–6. ACM, Edinburgh, United Kingdom (2014)
Google Scholar
Li, L., Bartel, A., Bissyandé, Tegawendé, F., Klein, J., Traon, Y.L.: ApkCombiner: combining multiple android apps to support inter-app analysis. In: Federrath, H., Gollmann, D. (eds.) SEC 2015. IAICT, vol. 455, pp. 513–527. Springer, Heidelberg (2015). doi:10.1007/978-3-319-18467-8_34
Chapter Google Scholar
Cam, N.T., Hau, P., Nguyen, T.: Android security analysis based on inter-application relationships. In: Kim, K.J., Joukov, N. (eds.) Information Science and Applications (ICISA) 2016. LNEE, vol. 376, pp. 689–700. Springer, Heidelberg (2016). doi:10.1007/978-981-10-0557-2_68
Chapter Google Scholar
Enck, W., et al.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation, pp. 1–6. USENIX Association, Vancouver, BC, Canada (2010)
Google Scholar
Shabtai, A., et al.: “Andromaly”: a behavioral malware detection framework for android devices. J. Intell. Inf. Syst. 38(1), 161–190 (2012)
Article Google Scholar
Zheng, C., et al.: SmartDroid: an automatic system for revealing UI-based trigger conditions in android applications. In: Proceedings of the Second ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 93–104. ACM, Raleigh, North Carolina, USA (2012)
Google Scholar
Sasnauskas, R., Regehr, J.: Intent fuzzer: crafting intents of death. In: Proceedings of the 2014 Joint International Workshop on Dynamic Analysis (WODA) and Software and System Performance Testing, Debugging, and Analytics (PERTEA), pp. 1–5. ACM, San Jose, CA, USA (2014)
Google Scholar
UI/Application Exerciser Monkey (2016). http://developer.android.com/tools/help/monkey.html
Machiry, A., Tahiliani, R., Naik, M.: Dynodroid: an input generation system for Android apps. In: Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering, pp. 224–234. ACM, Saint Petersburg, Russia (2013)
Google Scholar
Azim, T., Neamtiu, I.: Targeted and depth-first exploration for systematic testing of android apps. SIGPLAN Not. 48(10), 641–660 (2013)
Article Google Scholar
Arzt, S., et al.: FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps. In: Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 259–269. ACM, Edinburgh, United Kingdom (2014)
Google Scholar
Fuchs, A.P., Chaudhuri, A., Foster, J.S.: Scandroid: automated security certification of android (2009)
Google Scholar
Spride, E.: DroidBench – Benchmarks. (2016). http://sseblog.ec-spride.de/tools/droidbench/. Accessed 10 March 2016
Android.com. https://developer.android.com/guide/components/fundamentals.html. Accessed 5 May 2016
Rasthofer, S., Arzt, S., Bodden, E.: A machine-learning approach for classifying and categorizing android sources and sinks (2014)
Google Scholar
ApkTool (2015). https://github.com/iBotPeaches/Apktool
Selendroid: Selendroid: Selenium for android (2016). http://selendroid.io. Accessed 2016
Xposed framework (2016). http://repo.xposed.info/module/de.robv.android.xposed.installer. Accessed 5 July 2016

Download references

Acknowledgments

This research is funded by Vietnam National University HoChiMinh City (VNU-HCM) under grant number B2016-26-01.

Author information

Authors and Affiliations

Faculty of Science and Technology, Hoa Sen University, Ho Chi Minh City, Vietnam
Nguyen Tan Cam
Faculty of Computer Network and Communications, University of Information Technology, Vietnam National University, Ho Chi Minh City, Vietnam
Van-Hau Pham & Tuan Nguyen

Authors

Nguyen Tan Cam
View author publications
You can also search for this author in PubMed Google Scholar
Van-Hau Pham
View author publications
You can also search for this author in PubMed Google Scholar
Tuan Nguyen
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Nguyen Tan Cam .

Editor information

Editors and Affiliations

Kyonggi University, Seongnam-si, Gyeonggi, Korea (Republic of)
Kuinam Kim
modelizeIT Inc., CEO and NYU , Stony Brook, New York, USA
Nikolai Joukov

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Cam, N.T., Pham, VH., Nguyen, T. (2017). Detect Sensitive Data Leakage via Inter-application on Android by Using Static Analysis and Dynamic Analysis. In: Kim, K., Joukov, N. (eds) Information Science and Applications 2017. ICISA 2017. Lecture Notes in Electrical Engineering, vol 424. Springer, Singapore. https://doi.org/10.1007/978-981-10-4154-9_35

Download citation

DOI: https://doi.org/10.1007/978-981-10-4154-9_35
Published: 18 March 2017
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-4153-2
Online ISBN: 978-981-10-4154-9
eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics