Name
Abstract | ||
|---|---|---|
A new security problem on smartphones is the wide spread of spyware nested in apps, which occasionally and silently collects user's private data in the background. The state-of-the-art work for privacy leakage detection is dynamic taint analysis, which, however, suffers usability issues because it requires flashing a customized system image to track the taint propagation and consequently incurs great overhead. Through a real-world privacy leakage case study, we observe that the spyware behaviors share some common features during execution, which may further indicate a correlation between the data flow of privacy leakage and some specific features of program execution traces. In this work, we examine such a hypothesis using the newly proposed SpyAware framework, together with a customized TaintDroid as the ground truth. SpyAware includes a profiler to automatically profile app executions in binder calls and system calls, a feature extractor to extract feature vectors from execution traces, and a classifier to train and predict spyware executions based on the feature vectors. We conduct an evaluation experiment with 100 popular apps downloaded from Google Play. Experimental results show that our approach can achieve promising performance with 67.4% accuracy in detecting device id spyware executions and 78.4% in recognizing location spyware executions. |
Year | DOI | Venue |
|---|---|---|
2015 | 10.1109/ISSRE.2015.7381828 | International Symposium on Software Reliability Engineering |
Keywords | Field | DocType |
privacy leakage signatures,app execution traces,smartphones,privacy leakage detection,dynamic taint analysis,usability issues,spyware behaviors,data flow,program execution traces,SpyAware framework,customized TaintDroid,automatic profile app executions,binder calls,system calls,feature extractor,classifier,Google Play | System image,Feature vector,Leakage (electronics),Computer science,Computer security,Usability,Ground truth,Taint checking,Classifier (linguistics),Data flow diagram | Conference |
Citations | PageRank | References |
3 | 0.36 | 24 |
Authors | ||
5 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| hui xu | 1 | 16 | 3.93 |
| Yangfan Zhou | 2 | 232 | 29.72 |
| Cuiyun Gao | 3 | 50 | 10.05 |
| Yu Kang | 4 | 70 | 7.77 |
| Michael R. Lyu | 5 | 10985 | 529.03 |