Journal of Beijing University of Posts and Telecommunications

  • EI核心期刊

JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM ›› 2016, Vol. 39 ›› Issue (3): 16-21.doi: 10.13190/j.jbupt.2016.03.002

• Papers • Previous Articles     Next Articles

Sensitive Information Leakage Detection for Android Applications Based on Fine-Grained Taint Tracking Strategies

YANG Tian-chang, CUI Hao-liang, NIU Shao-zhang, SONG Wen   

  1. Beijing Key Laboratory of Intelligent Telecommunication Software and Multimedia, Beijing University of Posts and Telecommunications, Beijing 100876, China
  • Received:2016-01-10 Online:2016-06-28 Published:2016-06-27

PDF

490

Abstract:

In response to the sensitive information leakage problem of Android applications, a detection scheme based on fine-grained information flow tracking strategies and static taint tracking technology was proposed. According to the syntax and semantic of Smali code, the internal call graph of application, the Android communication mechanism, and the fine-grained taint track rules were constructed, the taint analysis was executed as well on the application according to the different leak manner and the propagation strategies. The sensitive information leakage was determined by the taint analysis result. Experiments show that the scheme can detect a variety of ways of sensitive data leakage effectively, improve the detection accuracy and flexibility, and reduce the uncomprehensive of information flow path and false positive rate in the process of detection.

Key words: information flow, taint tracking, sensitive information, information leakage

CLC Number: 

Copyright © 2018 Journal of Beijing University of Posts and Telecommunications 京ICP备14033833号

Adress: BEIJING UNIVERSITY OF POSTS AND TELECOMMUNICATIONS    Post Code: 100876    Tel: (010)62281995    QQ: 307514248    weibo    Message    E-mail: byxb@bupt.edu.cn