AndroidLeaks: automatically detecting potential privacy leaks in android applications on a large scale - Citegraph

Paper Info

Title
AndroidLeaks: automatically detecting potential privacy leaks in android applications on a large scale

Abstract
As mobile devices become more widespread and powerful, they store more sensitive data, which includes not only users' personal information but also the data collected via sensors throughout the day. When mobile applications have access to this growing amount of sensitive information, they may leak it carelessly or maliciously. Google's Android operating system provides a permissions-based security model that restricts an application's access to the user's private data. Each application statically declares the sensitive data and functionality that it requires in a manifest, which is presented to the user upon installation. However, it is not clear to the user how sensitive data is used once the application is installed. To combat this problem, we present AndroidLeaks, a static analysis framework for automatically finding potential leaks of sensitive information in Android applications on a massive scale. AndroidLeaks drastically reduces the number of applications and the number of traces that a security auditor has to verify manually. We evaluate the efficacy of AndroidLeaks on 24,350 Android applications from several Android markets. AndroidLeaks found 57,299 potential privacy leaks in 7,414 Android applications, out of which we have manually verified that 2,342 applications leak private data including phone information, GPS location, WiFi data, and audio recorded with the microphone. AndroidLeaks examined these applications in 30 hours, which indicates that it is capable of scaling to the increasingly large set of available applications.

Year	DOI	Venue
2012	10.1007/978-3-642-30921-2_17	TRUST
Keywords	Field	DocType
android market,sensitive information,phone information,android application,potential privacy leak,large scale,android operating system,sensitive data,private data,wifi data,personal information,present androidleaks	Internet privacy,Android (operating system),Computer security,Computer science,Phone,Machine code,Mobile device,Global Positioning System,Personally identifiable information,Information sensitivity,Computer security model,Operating system	Conference
Citations	PageRank	References
199	7.26	6
Authors
4

Search Limit

100199

Authors (4 rows)

Cited by (100 rows)

References (6 rows)

Name	Order	Citations	PageRank
Clint Gibler	1	433	15.73
Jonathan Crussell	2	471	17.12
Jeremy Erickson	3	216	8.83
Hao Chen	4	2723	183.89

1