Title
SneakLeak+: Large-scale klepto apps analysis
Abstract
User data is touted as the new oil in our times of the digital economy. Colluding apps can pose a threat of leaking private information in Android. In this paper, a technique is proposed to address the threat emanating from multiple colluding Android applications (apps). The Android framework is not made to protect data that is going outside an app. In such a scenario, an individual app appears benign, whereas conspiring apps, if present, can leak sensitive end-user data to other sinks. This phenomenon of intentional data leakage is termed collusion, and the apps involved are called colluding apps. Existing app analyzers focus on single-app analysis, which is defeated by scattering the leaking instructions across multiple apps. We present SneakLeak+, a model-checking based technique for the detection of app collusion. The proposed method can analyze multiple apps simultaneously to identify the set of colluding apps. SneakLeak+ statically analyzes the reverse-engineered intermediate code of each app, extracts security-relevant information, and represents the extracted information in a compact form suitable for formal verification. The formal analysis engine is used to verify the presence or absence of potential inter-app communication-based leakage. Since the official Android app repository, Google Play Store, offers a massive number of apps, volumetric analysis is crucial for a purposeful contribution. To maintain the scalability of the proposed method, we build an abstract model of the apps that represents only potential leaks. Currently, there is no standard app dataset available to verify the efficacy and scalability of methods dealing with collusion detection. Hence, we developed 64 apps exhibiting collusion as our benchmark dataset, now available as open source. To demonstrate the efficacy and scalability of our proposal, we conduct a set of experiments on 11,000 apps from Google Play Store and benchmark datasets.
Our experiments show that SneakLeak+ achieves the highest precision (100%), the highest recall (93.3%) and the highest F-measure (0.97) compared to existing state-of-the-art approaches. On average, it takes around 142 min to analyze the entire device.
Year: 2020
DOI: 10.1016/j.future.2018.05.047
Venue: Future Generation Computer Systems
Keywords: Android app collusion, Multi-app analysis, Verification, Model checking, Information leakage, Privilege escalation
DocType: Journal
Volume: 109
ISSN: 0167-739X
Citations: 2
PageRank: 0.36
References: 18
Authors: 6
Name | Order | Citations | PageRank
Shweta Bhandari | 1 | 23 | 3.14
Frederic Herbreteau | 2 | 12 | 2.58
Vijay Laxmi | 3 | 478 | 57.09
Akka Zemmari | 4 | 171 | 26.35
Manoj S. Gaur | 5 | 501 | 63.38
Partha S. Roop | 6 | 356 | 48.28