TaintDroid: An Information Flow Tracking System for Real-Time Privacy Monitoring on Smartphones

被引：116

作者：

Enck, William ^{[1
]}

Gilbert, Peter ^{[2
]}

Chun, Byung-Gon ^{[3
]}

Cox, Landon P.

Jung, Jaeyeon

McDaniel, Patrick ^{[4
]}

Sheth, Anmol N.

机构：

[1] N Carolina State Univ, Dept ment Comp Sci, Raleigh, NC 27695 USA

[2] Duke Univ, Dept Comp Sci, Durham, NC 27706 USA

[3] Seoul Natl Univ, Seoul 151, South Korea

[4] Penn State Univ, Dept Comp Sci & Engn, University Pk, PA 16802 USA

来源：

COMMUNICATIONS OF THE ACM | 2014年 / 57卷 / 03期

基金：

美国国家科学基金会;

关键词：

Sensitive data;

D O I：

10.1145/2494522

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

Today's smartphone operating systems frequently fail to provide users with adequate control over and visibility into how third-party applications use their privacy-sensitive data. We address these shortcomings with TaintDroid, an efficient, systemwide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources of sensitive data. TaintDroid provides real-time analysis by leveraging Android's virtualized execution environment. Using TaintDroid to monitor the behavior of 30 popular third-party Android applications, we found 68 instances of misappropriation of users' location and device identification information across 20 applications. Monitoring sensitive data with TaintDroid provides informed use of third-party applications for phone users and valuable input for smartphone security service firms seeking to identify misbehaving applications.

引用

页码：99 / 106

页数：8

共 25 条

[21] Vogt P., 2007, PROCEEDINGS OF THE 1
[22] Xu W, 2006, USENIX ASSOCIATION PROCEEDINGS OF THE 15TH USENIX SECURITY SYMPOSIUM, P121
[23] Yin H, 2007, CCS'07: PROCEEDINGS OF THE 14TH ACM CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, P116
[24] Yip A., 2009, PROCEEDINGS OF THE A
[25] Zhu David Yu, 2011, Operating Systems Review, V45, P142, DOI 10.1145/1945023.1945039

← 1 2 3 →