Loading...

Information-flow Analysis in Android Apps for Protecting User Privacy

Barkhordari, Alireza | 2016

725 Viewed
  1. Type of Document: M.Sc. Thesis
  2. Language: Farsi
  3. Document No: 48790 (19)
  4. University: Sharif University of Technology
  5. Department: Computer Engineering
  6. Advisor(s): Amini, Morteza
  7. Abstract:
  8. The rapid growth of Android operating system alongside its open-source nature has made it as the most popular operating system of mobile devices. On the other hand, regarding the increasing computational power of mobile devices, a wide variety of applications are coming to this type of devices. Meanwhile unfortunately many malicious softwares trying to keep up with other applications, are targeting this popular operating system. Therefore with regard to the fact that this type of devices usually store private and sensitive information of their users, security of mobile operating systems is considered very important. Having this matter in mind, the goal of this research work has been dedicated to identifying information-flows in Android applications. Currently in the area of information-flow analysis of Android applications, there is a pernicious gap which pertains to taking into account the information-flows of native parts. In this research, using a path-sensitive approach with focus on information-flow analysis of native parts, it has been attempted to bridge this gap. To accomplish this purpose, by having translated assembly code of native parts into an anstract model consisting of REIL instructions and their repective SMT problem, it has been tried to indentify flow points. In addition, in order to track sensitive data, a simple taint tracking appraoch on REIL instructions has been adopted. In this document, after surveying the background, the proposed approach is investigated and subsequently considerations on evaluating it are discussed. Evaluation results show that the proposed appraoch is able to identify explicit flows inside native parts of Android applications, with high level of precision and inference. At the end, some of notable achievements and shortcomings of the proposed appraoch are enumerated
  9. Keywords:
  10. Static Analysis ; Android Operating System ; Information Flow ; Privacy Preserving ; Android Security

 Digital Object List

 Bookmark

...see more