I know what leaked in your pocket: uncovering privacy leaks on Android Apps with Static Taint Analysis

Abstract

Android applications may leak privacy data carelessly or maliciously. In this work we perform inter-component dataflow analysis to detect privacy leaks between components of Android applications. Unlike all current approaches, our tool, called IccTA, propagates the context between the components, which improves the precision of the analysis. IccTA outperforms all other available tools by reaching a precision of 95.0% and a recall of 82.6% on DroidBench. Our approach detects 147 inter-component based privacy leaks in 14 applications in a set of 3000 real-world applications with a precision of 88.4%. With the help of ApkCombiner, our approach is able to detect inter-app based privacy leaks.

Extracted Key Phrases

12 Figures and Tables

01020201520162017
Citations per Year

Citation Velocity: 8

Averaging 8 citations per year over the last 3 years.

Learn more about how we calculate this metric in our FAQ.

Cite this paper

@article{Li2014IKW, title={I know what leaked in your pocket: uncovering privacy leaks on Android Apps with Static Taint Analysis}, author={Li Li and Alexandre Bartel and Jacques Klein and Yves Le Traon and Steven Arzt and Siegfried Rasthofer and Eric Bodden and Damien Octeau and Patrick D. McDaniel}, journal={CoRR}, year={2014}, volume={abs/1404.7431} }