Filters








2,477 Hits in 2.0 sec

POSTER

Shweta Bhandari, Frederic Herbreteau, Vijay Laxmi, Akka Zemmari, Partha S. Roop, Manoj Singh Gaur
2017 Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security - ASIA CCS '17  
Sensitive (private) information can escape from one app to another using one of the multiple communication methods provided by Android for inter-app communication. This leakage can be malicious.  ...  In this work in progress, we present, a new model-checking based approach for inter-app collusion detection. The proposed technique takes into account simultaneous analysis of multiple apps.  ...  Hence it is challenging to detect such leakage paths. This paper addresses the major challenges of multi-app analysis leading to information leakage.  ... 
doi:10.1145/3052973.3055163 dblp:conf/ccs/BhandariHLZRG17 fatcat:dzjybddvbfggviyb5r44g7vw4q

Comnoid: Information Leakage Detection using Data Flow Analysis on Android Devices

Sunita Dhavale, Bhushan Lokhande
2016 International Journal of Computer Applications  
Generally, taint analysis techniques are used for information flow tracking and data leakage detection purpose.  ...  Static Taint analysis techniques can detect the leakages that may not be exposed in runtime.  ...  From results, it is found that proposed Comnoid tool can detect inter-app data leakage instances for DroidBench benchmark successfully.  ... 
doi:10.5120/ijca2016907855 fatcat:vvyakdpgyzeqpaoyzajouur7ge

Container-Based Privacy Preserving Scheme for Android Applications

Haoliang Cui, Shuai Shao, Shaozhang Niu, Wen Zhang, Yang Yuan
2020 Chinese journal of electronics  
The scheme generates a privacy protection policy file by constructing leakage paths for privacy data propagation in Android applications, and monitors privacy leakage in the running environment of the  ...  Android component life cycle and system calls are first studied, and the taint propagation path under the cross-component scenario in static analysis is optimized.  ...  From the aspect of sensitive information leakage detection, Lu et al.  ... 
doi:10.1049/cje.2020.06.001 fatcat:jcvjebtocfekthqdnbaa4kbnom

Review of Works Content Analyzer for Information Leakage Detection and Prevention in Android Smart Devices

T. Okebule, Afe Babalola University, Ado-Ekiti, Nigeria, Oluwaseyi A. Adeyemo, K. A. Olatunji, A. S. Awe, Afe Babalola University, Ado-Ekiti, Nigeria
2022 ABUAD International Journal of Natural and Applied Sciences  
This study presents a literature review of works on content Analyzers for information leakage detection and prevention on android-based devices.  ...  The advent of android operating systems introduced tools to keep track of users' information activities and prevent information leakage which bridged the trust between application developers and consumers  ...  Inter-App Information Leakage Paths.  ... 
doi:10.53982/aijnas.2022.0201.02-j fatcat:xltm3eyeczcibl37m52l5v23za

Efficient Privacy Leakage Discovery for Android Applications Based on Static Analysis

Songyang Wu, Yong Zhang, Xiong Xiong
2016 International Journal of Hybrid Information Technology  
We present an evaluation with a typical Android malicious app. The result of case study shows that our scheme can effectively help discover the privacy leakage behaviors in the malicious apps.  ...  Android smart phones often carry personal sensitive information, which makes Android a tempting target for malwares.  ...  ., work [5] selectively inserts instrumentation code into the app to keep track of private information and detect leakage at runtime.  ... 
doi:10.14257/ijhit.2016.9.3.19 fatcat:z2akj3fcivbstkj5xgk5krstzy

Android inter-app communication threats and detection techniques

Shweta Bhandari, Wafa Ben Jaballah, Vineeta Jain, Vijay Laxmi, Akka Zemmari, Manoj Singh Gaur, Mohamed Mosbah, Mauro Conti
2017 Computers & security  
Each participating app accomplish its part and communicate information to another app through Inter Component Communication (ICC). ICC do not require any special permissions.  ...  Academic researchers and commercial anti-malware companies are putting great effort to detect such malicious apps.  ...  The shared permission set exposes sensitive information leakage path and thus emanate collusion.  ... 
doi:10.1016/j.cose.2017.07.002 fatcat:owzn5l7bvrcitix4mlfiabdhee

A Fog Computing Solution for Context-Based Privacy Leakage Detection for Android Healthcare Devices

Jingjing Gu, Ruicong Huang, Li Jiang, Gongzhe Qiao, Xiaojiang Du, Mohsen Guizani
2019 Sensors  
Then, we propose a context-based privacy leakage detection method based on the combination of dynamic and static information.  ...  Experimental results show that the proposed method can achieve higher detection accuracy and lower energy consumption compared with other state-of-art methods.  ...  making the information of upper and lower levels inter-operable, data analysis and management, and security protection.  ... 
doi:10.3390/s19051184 fatcat:s3zlf3xhuvgzfks5pwl7amlzfy

Information flow based defensive chain for data leakage detection and prevention: a survey [article]

Ning Xi, Chao Chen, Jun Zhang, Cong Sun, Shigang Liu, Pengbin Feng, Jianfeng Ma
2021 arXiv   pre-print
Research communities and industries have proposed many Information Flow Control (IFC) techniques for data leakage detection and prevention, including secure modeling, type system, static analysis, dynamic  ...  We propose an information flow based defensive chain, which provides a new framework to systematically understand various IFC techniques for data leakage detection and prevention in Mobile and IoT applications  ...  Besides, new taint analysis approaches are also adopted for the data leakage detection on IoT apps. b. Inter-language static taint analysis.  ... 
arXiv:2106.04951v1 fatcat:apib4mmp3va43dv5he7xu3aay4

DeviceWatch: Identifying Compromised Mobile Devices through Network Traffic Analysis and Graph Inference [article]

Euijin Choo, Mohamed Nabeel, Mashael Alsabah, Issa Khalil, Ting Yu, Wei Wang
2019 arXiv   pre-print
Moreover, we validate our results by showing that detected compromised devices indeed present undesirable behavior in terms of their privacy leakage and network infrastructure accessed.  ...  Intuitively, inadvertent users (and thus their devices) who download apps through untrustworthy markets are often allured to install malicious apps through in-app advertisement or phishing.  ...  Privacy Leakage It is known that devices having bad apps often leak private information [66, 67] . We examine samples of classified good and bad devices to study private information leakage on them.  ... 
arXiv:1911.12080v1 fatcat:wfw2vwjokrfq7j5welnxggw6s4

Distributed Malware Detection Algorithm (DMDA)

Aiman A. Abu Samra, Hasan N. Qunoo, Alaa M. Al Salehi
2017 International Journal of Computer Network and Information Security  
We introduce a Distributed Malware Detection Algorithm (DMDA), which is an algorithm to detect distributed malware on app versions.  ...  The algorithm detected 150 transient data sources, 200 transient loss of data point and two leakages of data.  ...  Its focus is the intercomponent (e.g. between two activities in the same app) and inter-app data flow. IV.  ... 
doi:10.5815/ijcnis.2017.08.07 fatcat:devcx2rxszfgvox5ly7anw3efy

POSTER

Jyoti Gajrani, Li Li, Vijay Laxmi, Meenakshi Tripathi, Manoj Singh Gaur, Mauro Conti
2017 Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security - ASIA CCS '17  
We evaluate EspyDroid on 28 benchmark apps employing major reflection categories. Our technique show improved results over FlowDroid via detection of additional undetected flows.  ...  These flows have potential to leak sensitive and private information of the users, through various sinks.  ...  In the original representative dataset, FlowDroid could identify 19 leakage paths while the same tool could identify 47 leakage paths in the instrumented apps when used in conjunction with EspyDroid.  ... 
doi:10.1145/3052973.3055162 dblp:conf/ccs/GajraniLLTGC17 fatcat:6imcqiqchbhx7gjltuhd7axmae

Dexteroid: Detecting malicious behaviors in Android apps using reverse-engineered life cycle models

Mohsin Junaid, Donggang Liu, David Kung
2016 Computers & security  
A prototype implementation of Dexteroid detects two types of attacks: (1) leakage of private information, and (2) sending SMS to premium-rate numbers.  ...  The effectiveness of current tools relies on the app model as well as the malware detection algorithm which analyzes the app model.  ...  Taint analysis is then performed on paths of the CFG to detect information leakage.  ... 
doi:10.1016/j.cose.2016.01.008 fatcat:xmeywlpx5zeonmvulcsgghekpm

User Privacy and Data Flow Control for Android Apps: Systematic Literature Review

Zainab Rashid Alkindi, Mohamed Sarrab, Nasser Alzeidi
2021 Journal of Cyber Security and Mobility  
Many mobile apps misbehave and upload users' data without permission which confirmed the possibility of privacy leakage through different network channels.  ...  Android mobile apps gain access to numerous users' private data. Users of different Android mobile apps have less control over their sensitive data during their installation and run-time.  ...  The researchers address data leakage channels by developing a ChannelCheck tool that uses to detect the leakage of channels automatically.  ... 
doi:10.13052/jcsm2245-1439.1019 fatcat:ztxz4fikrnax3lxiuvir22dvdm

AppIntent

Zhemin Yang, Min Yang, Yuan Zhang, Guofei Gu, Peng Ning, X. Sean Wang
2013 Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security - CCS '13  
We also present an evaluation of AppIntent with a set of 750 malicious apps, as well as 1,000 top free apps from Google Play.  ...  Android phones often carry personal information, attracting malicious developers to embed code in Android applications to steal sensitive data.  ...  Since privacy leakage detection approaches do not cover leakage of local logging, such apps could bypass existing detection tools.  ... 
doi:10.1145/2508859.2516676 dblp:conf/ccs/YangYZGNW13 fatcat:5gadorblffcrterp7ocmphcmzm

Detecting GPS information leakage in Android applications

Siyuan Ma, Zhushou Tang, Qiuyu Xiao, Jiafa Liu, Tran Triet Duong, Xiaodong Lin, Haojin Zhu
2013 2013 IEEE Global Communications Conference (GLOBECOM)  
Furthermore, we develop a location information leakage detection tool named Brox.  ...  Brox is based on dalvik-opcode specification, which uses data flow analysis framework equipped with flowsensitive, context-sensitive, and inter-procedure techniques to detect potential information leakage  ...  Our experiments show that Brox can still detect location information leakage by the geinimi virus. Figure 4 is the analysis results automatically generated by Brox for Mobile Spy.  ... 
doi:10.1109/glocom.2013.6831175 dblp:conf/globecom/MaTXLDLZ13 fatcat:qsdqm6ywvja7rb3gohadiws4qy
« Previous Showing results 1 — 15 out of 2,477 results