Skip to main content
SpringerLink
Log in

Uranine: Real-time Privacy Leakage Monitoring without System Modification for Android

  • Conference paper
Book cover Security and Privacy in Communication Networks (SecureComm 2015)

Abstract

Mobile devices are becoming increasingly popular. One reason for their popularity is the availability of a wide range of third-party applications, which enrich the environment and increase usability. There are however privacy concerns centered around these applications – users do not know what private data is leaked by the applications. Previous works to detect privacy leakages are either not accurate enough or require operating system changes, which may not be possible due to users’ lack of skills or locked devices. We present Uranine (Uranine is a dye, which finds applications as a flow tracer in medicine and environmental studies.), a system that instruments Android applications to detect privacy leakages in real-time. Uranine does not require any platform modification nor does it need the application source code. We designed several mechanisms to overcome the challenges of tracking information flow across framework code, handling callback functions, and expressing all information-flow tracking at the bytecode level. Our evaluation of Uranine shows that it is accurate at detecting privacy leaks and has acceptable performance overhead.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Apktool. Android-apktool: A tool for reengineering Android apk files. http://code.google.com/p/android-apktool/

  2. Arzt, S., Rasthofer, S., Fritz, C., Bodden, E., Bartel, A., Klein, J., Le Traon, Y., Octeau, D., McDaniel, P.: Flowdroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. In: ACM PLDI (2014)

    Google Scholar 

  3. Balebako, R., Jung, J., Lu, W., Cranor, L.F., Nguyen, C.: Little brothers watching you: raising awareness of data leaks on smartphones. In: Proceedings of the Ninth Symposium on Usable Privacy and Security, p. 12. ACM (2013)

    Google Scholar 

  4. Bell, J., Kaiser, G.E.: Phosphor: illuminating dynamic data flow in the jvm. In: OOPSLA (2014)

    Google Scholar 

  5. Beresford, A., Rice, A., Skehin, N., Sohan, R.: Mockdroid: trading privacy for application functionality on smartphones. In: HotMobile (2011)

    Google Scholar 

  6. Blackburn, S.M., Garner, R., Hoffmann, C., Khang, A.M., McKinley, K.S., Bentzur, R., Diwan, A., Feinberg, D. Frampton, S.Z., Guyer, et al. :The dacapo benchmarks: Java benchmarking development and analysis. In: ACM Sigplan Notices, vol. 41, pp. 169–190. ACM (2006)

    Google Scholar 

  7. Cao, Y., Fratantonio, Y., Bianchi, A., Egele, M., Kruegel, C., Vigna, G., Chen, Y.: Edgeminer: automatically detecting implicit control flow transitions through the android framework. In: Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS) (2015)

    Google Scholar 

  8. Chandra, D., Franz, M.: Fine-grained information flow analysis and enforcement in a java virtual machine. In: ACSAC (2007)

    Google Scholar 

  9. Davis, B., Chen, H.: Retroskeleton: retrofitting android apps. In: Mobisys (2013)

    Google Scholar 

  10. Egele, M., Kruegel, C., Kirda, E., Yin, H., Song, D.: Dynamic spyware analysis. In: Usenix ATC (2007)

    Google Scholar 

  11. Egele, M., Kruegel, C., Kirda, E., Vigna, G.: Pios: detecting privacy leaks in ios applications. In: NDSS (2011)

    Google Scholar 

  12. Enck, W., Ongtang, M., McDaniel, P.: On lightweight mobile phone application certification. In: ACSAC (2009)

    Google Scholar 

  13. Enck, W., Gilbert, P., Chun, B., Cox, L., Jung, J., McDaniel, P., Sheth, A.: Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: OSDI (2010)

    Google Scholar 

  14. Enck, W., Octeau, D., McDaniel, P., Chaudhuri, S.: A study of android application security. In: USENIX Security (2011)

    Google Scholar 

  15. Fuchs, A., Chaudhuri, A., Foster, J.: Scandroid: Automated security certification of android applications. Manuscript, Univ. of Maryland (2009). http://www.cs.umd.edu/~avik/projects/scandroidascaa

  16. Gibler, C., Crussell, J., Erickson, J., Chen, H.: Androidleaks: automatically detecting potential privacy leaks in android applications on a large scale. In: Katzenbeisser, S., Weippl, E., Camp, L.J., Volkamer, M., Reiter, M., Zhang, X. (eds.) Trust 2012. LNCS, vol. 7344, pp. 291–307. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  17. Good. Mobile app containerization. http://www1.good.com/secure-mobility-solution/mobile-application-containerization

  18. Haldar, V., Chandra, D., Franz, M.: Dynamic taint propagation for java. In: 21st Annual Computer Security Applications Conference (ACSAC). IEEE (2005)

    Google Scholar 

  19. Kang, M., McCamant, S., Poosankam, P., Song, D.: Dta++: dynamic taint analysis with targeted control-flow propagation. In: Proc. of NDSS (2011)

    Google Scholar 

  20. Lin, J., Amini, S., Hong, J.I., Sadeh, N., Lindqvist, J., Zhang, J.: Expectation and purpose: understanding users’ mental models of mobile app privacy through crowdsourcing. In: Proceedings of the 2012 ACM Conference on Ubiquitous Computing, pp. 501–510. ACM (2012)

    Google Scholar 

  21. Lu, L., Li, Z., Wu, Z., Lee, W., Jiang, G.: CHEX: statically vetting android apps for component hijacking vulnerabilities. In: ACM CCS (2012)

    Google Scholar 

  22. MobileIron. Appconnect. http://www.mobileiron.com/en/products/appconnect

  23. Nauman, M., Khan, S., Zhang, X.: Apex: extending android permission model and enforcement with user-defined runtime constraints. In: ASIACCS (2010)

    Google Scholar 

  24. Newsome, J., Song, D.: Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In: NDSS (2005)

    Google Scholar 

  25. Qin, F., Wang, C., Li, Z., Kim, H., Zhou, Y., Wu, Y.: Lift: a low-overhead practical information flow tracking system for detecting security attacks. In: IEEE MICRO (2006)

    Google Scholar 

  26. Rastogi, V., Chen, Y., Enck, W.: AppsPlayground: automatic security analysis of smartphone applications. In: Proceedings of ACM CODASPY (2013)

    Google Scholar 

  27. Rosen, S., Qian, Z., Mao, Z.M.: Appprofiler: a flexible method of exposing privacy-related behavior in android applications to end users. In: Proceedings of the Third ACM Conference on Data and Application Security and Privacy, pp. 221–232. ACM (2013)

    Google Scholar 

  28. Saxena, P., Sekar, R., Puranik, V.: Efficient fine-grained binary instrumentationwith applications to taint-tracking. In: IEEE/ACM CGO (2008)

    Google Scholar 

  29. Schlegel, R., Zhang, K., Zhou, X.-Y., Intwala, M., Kapadia, A., Wang, X.: Soundcomber: a stealthy and context-aware sound trojan for smartphones. In: NDSS, vol. 11, pp. 17–33 (2011)

    Google Scholar 

  30. Schwartz, E., Avgerinos, T., Brumley, D.: All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask). In: IEEE SP (2010)

    Google Scholar 

  31. Sharif, M., Lanzi, A., Giffin, J., Lee, W.: Automatic reverse engineering of malware emulators. In: 2009 30th IEEE Symposium on Security and Privacy (2009)

    Google Scholar 

  32. smali. Smali: An assembler/disassembler for Android’s dex format. http://code.google.com/p/smali/

  33. Suh, G., Lee, J., Zhang, D., Devadas, S.: Secure program execution via dynamic information flow tracking. In: ACM SIGPLAN Notices, vol. 39, pp. 85–96 (2004)

    Google Scholar 

  34. Xia, M., Gong, L., Lyu, Y., Qi, Z., Liu, X.: Effective real-time android application auditing. In: IEEE S&P (2015)

    Google Scholar 

  35. Xu, R., Saıdi, H., Anderson, R.: Aurasium: practical policy enforcement for android applications. In: Proceedings of the 21st USENIX conference on Security (2012)

    Google Scholar 

  36. Xu, W., Bhatkar, S., Sekar, R.: Taint-enhanced policy enforcement: a practical approach to defeat a wide range of attacks. In: USENIX Security (2006)

    Google Scholar 

  37. Yin, H., Song, D., Egele, M., Kruegel, C., Kirda, E.: Panorama: capturing system-wide information flow for malware detection and analysis. In: ACM CCS (2007)

    Google Scholar 

  38. Zhang, M., Yin, H.: Appsealer: automatic generation of vulnerability-specific patches for preventing component hijacking attacks in android applications. In: NDSS (2014)

    Google Scholar 

  39. Zhang, M., Yin, H.: Efficient, context-aware privacy leakage confinement for android applications without firmware modding. In: ASIACCS (2014)

    Google Scholar 

  40. Zhou, Y., Zhang, X., Jiang, X., Freeh, V.W.: Taming information-stealing smartphone applications (on android). In: McCune, J.M., Balacheff, B., Perrig, A., Sadeghi, A.-R., Sasse, A., Beres, Y. (eds.) Trust 2011. LNCS, vol. 6740, pp. 93–107. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  41. Zhu, D., Jung, J., Song, D., Kohno, T., Wetherall, D.: Tainteraser: protecting sensitive data leaks using application-level taint tracking. ACM SIGOPS Operating Systems Review 45(1), 142–154 (2011)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Wisconsin, Madison, USA

    Vaibhav Rastogi

  2. Pennsylvania State University, State College, USA

    Vaibhav Rastogi

  3. Northwestern University, Evanston, USA

    Zhengyang Qu & Yan Chen

  4. University of Colorado Boulder, Boulder, USA

    Jedidiah McClurg

  5. Lehigh University, Bethlehem, USA

    Yinzhi Cao

Authors
  1. Vaibhav Rastogi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zhengyang Qu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jedidiah McClurg
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yinzhi Cao
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Yan Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Vaibhav Rastogi .

Editor information

Editors and Affiliations

  1. The University of Texas at Dallas, Richardson, Texas, USA

    Bhavani Thuraisingham

  2. Indiana University at Bloomington, Bloomington, Indiana, USA

    XiaoFeng Wang

  3. SRI International, Menlo Park, California, USA

    Vinod Yegneswaran

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Rastogi, V., Qu, Z., McClurg, J., Cao, Y., Chen, Y. (2015). Uranine: Real-time Privacy Leakage Monitoring without System Modification for Android. In: Thuraisingham, B., Wang, X., Yegneswaran, V. (eds) Security and Privacy in Communication Networks. SecureComm 2015. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 164. Springer, Cham. https://doi.org/10.1007/978-3-319-28865-9_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-28865-9_14

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-28864-2

  • Online ISBN: 978-3-319-28865-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation