Abstract
In this study, we present the uitHyDroid system, which allows the detection of sensitive data leakage via multi-applications using hybrid analysis. uitHyDroid uses static analysis to collect user interface elements that must interact to illuminate possible sensitive data flows. In addition, dynamic analysis is used to capture inter-application communications to link partial sensitive data flows from static analysis. This approach is faster than using only dynamic analysis. In this study, we use hooking technology to conduct dynamic analysis phase emulator modification. The experimental results show that the proposed system can detect most sensitive data leakages for both our dataset and real-world applications.
Similar content being viewed by others
References
Android.com: Application fundamentals. https://developer.android.com/guide/components/fundamentals.html
Arzt, S., Rasthofer, S., Fritz, C., Bodden, E., Bartel, A., Klein, J., Traon, Y.L., Octeau, D., McDaniel, P.: Flowdroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. ACM SIGPLAN Not. 49, 259–269 (2014)
Azim, T., Neamtiu, I.: Targeted and depth-first exploration for systematic testing of android apps. SIGPLAN Not. 48(10), 641–660 (2013)
Bagheri, H., Sadeghi, A., Garcia, J., Malek, S.: Covert: compositional analysis of android inter-app permission leakage. IEEE Trans. Softw. Eng. 41, 866–886 (2015)
Bla, X., Sing, T., Batyuk, L., Schmidt, A.D., Camtepe, S.A., Albayrak, S.: An android application sandbox system for suspicious software detection. In: 2010 5th International Conference on Malicious and Unwanted Software (MALWARE), pp. 55–62 (2010)
Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: behavior-based malware detection system for android. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (2011)
Cam, N.T., Hau, P., Nguyen, T.: Android Security Analysis Based on Inter-application Relationships. Springer, Singapore (2016)
Chin, E., Felt, A.P., Greenwood, K., Wagner, D.: Analyzing inter-application communication in android. In: Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services (2011)
A.S.Developer: Ui/application exerciser monkey. http://developer.android.com/tools/help/monkey.html (2016)
A.T.Developer: Apktool. https://github.com/iBotPeaches/Apktool (2015)
E.Developers: Emma: a free java code coverage tool. http://emma.sourceforge.net/ (2017)
Dini, G., Martinelli, F., Saracino, A., Sgandurra, D.: Madam: a multi-level anomaly detector for android malware. In: International Conference on Mathematical Methods, Models, and Architectures for Computer Network Security (2012)
Enck, W., Gilbert, P., Chun, B.G., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. 32, 5 (2010)
Enck, W., Ongtang, M., McDaniel, P.: On lightweight mobile phone application certification. In: Proceedings of the 16th ACM Conference on Computer and Communications Security (2009)
Fuchs, A.P., Chaudhuri, A., Foster, J.S.: Scandroid: automated security certification of android. Technical report, University of Maryland (2009)
Huang, C.Y., Tsai, Y.T., Hsu, C.H.: Performance Evaluation on Permission-Based Detection for Android Malware, Smart Innovation, Systems and Technologies. Book Section 12, vol. 21. Springer, Berlin (2013)
IDC: Smartphone OS market share, 2016 q3. http://www.idc.com/promo/smartphone-market-share/os (2016)
Jung, T.: Quickcheck for java. https://bitbucket.org/blob79/quickcheck
Klieber, W., Flynn, L., Bhosale, A., Jia, L., Bauer, L.: Android taint flow analysis for app sets. In: Proceedings of the 3rd ACM SIGPLAN International Workshop on the State of the Art in Java Program Analysis (2014)
Lantz: Droidbox. https://code.google.com/p/droidbox/ (2015)
Li, L., Bartel, A., Bissyande, T.F., Klein, J., Traon, Y.: ApkCombiner: Combining Multiple Android Apps to Support Inter-App Analysis, IFIP Advances in Information and Communication Technology. Book Section 34, vol. 455. Springer, Cham (2015)
Li, L., Bartel, A., Bissyande, T., Klein, J., Traon, Y.L., Arzt, S., Rasthofer, S., Bodden, E., Octeau, D., McDaniel, P.: Iccta: Detecting inter-component privacy leaks in android apps. In: Proceedings of the 37th International Conference on Software Engineering (2015)
Machiry, A., Tahiliani, R., Naik, M.: Dynodroid: an input generation system for android apps. In: Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering (2013)
Michael, S., Felix, F., Florian, E., Thomas, S., Johannes, H.: Mobile-sandbox: having a deeper look into android applications. In: Proceedings of the 28th Annual ACM Symposium on Applied Computing, pp. 1808–1815 (2013)
Milano, D.T.: Android view client. https://github.com/dtmilano/AndroidViewClient (2016)
Octeau, D., McDaniel, P., Jha, S., Bartel, A., Bodden, E., Klein, J., Traon, Y.L.: Effective inter-component communication mapping in android with epicc: an essential step towards holistic security analysis. In: Proceedings of the 22nd USENIX Conference on Security (2013)
Peng, H., Gates, C., Sarma, B., Li, N., Qi, Y., Potharaju, R., Nita-Rotaru, C., Molloy, I.: Using probabilistic generative models for ranking risks of android apps. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security (2012)
Portokalidis, G., Homburg, P., Anagnostakis, K., Bos, H.: Paranoid android: versatile protection for smartphones. In: Proceedings of the 26th Annual Computer Security Applications Conference (2010)
Rasthofer, S., Arzt, S., Bodden, E.: A machine-learning approach for classifying and categorizing android sources and sinks. http://www.internetsociety.org/doc/machine-learning-approach-classifying-and-categorizing-android-sources-and-sinks (2014)
Sanz, B., Santos, I., Laorden, C., Ugarte-Pedrero, X., Nieves, J., Bringas, P.G., Alvarez Maranon, G.: Mama: manifest analysis for malware detection in android. Cybern. Syst. 44(6–7), 469–488 (2013)
Sasnauskas, R., Regehr, J.: Intent fuzzer: crafting intents of death. In: Proceedings of the 2014 Joint International Workshop on Dynamic Analysis (WODA) and Software and System Performance Testing, Debugging, and Analytics (PERTEA) (2014)
Selendroid: Selendroid: selenium for android. http://selendroid.io (2016)
Shabtai, A., Kanonov, U., Elovici, Y., Glezer, C., Weiss, Y.: ”Andromaly”: a behavioral malware detection framework for android devices. J. Intell. Inf. Syst. 38(1), 161–190 (2012)
Shuang, L., Xiaojiang, D.: Permission-combination-based scheme for android mobile malware detection. In: 2014 IEEE International Conference on Communications (ICC), pp. 2301–2306 (2013)
SPRIDE, E.: Droidbench—benchmarks. http://sseblog.ec-spride.de/tools/droidbench/ (2016)
Symantec: 2015 internet security threat report, vol. 20, Web Page May. https://www.symantec.com/content/dam/symantec/docs/reports/istr-20-2015-en.pdf (2015)
Symantec: 2017 internet security threat report. Report, Symantec. https://www.symantec.com/content/dam/symantec/docs/reports/istr-22-2017-en.pdf (2017)
Veen, V.V.D.: Tracedroid—dynamic android app analysis. http://tracedroid.few.vu.nl/ (2014)
Xiong, P., Wang, X., Niu, W., Zhu, T., Li, G.: Android malware detection with contrasting permission patterns. Communications 11(8), 1–14 (2014)
Xposed: Xposed framework. http://repo.xposed.info/ (2016)
Yan, L.K., Yin, H.: Droidscope: seamlessly reconstructing the OS and Dalvik semantic views for dynamic android malware analysis. In: USENIX Security Symposium (2012)
Zheng, C., Zhu, S., Dai, S., Gu, G., Gong, X., Han, X., Zou, W.: Smartdroid: an automatic system for revealing ui-based trigger conditions in android applications. In: Proceedings of the Second ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (2012)
Acknowledgements
This research is funded by Vietnam National University HoChiMinh City (VNU-HCM) under Grant No. B2016-26-01.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Cam, N.T., Pham, VH. & Nguyen, T. Detecting sensitive data leakage via inter-applications on Android using a hybrid analysis technique. Cluster Comput 22 (Suppl 1), 1055–1064 (2019). https://doi.org/10.1007/s10586-017-1260-2
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10586-017-1260-2