Bytecode-level dynamic taint analysis of Android applications
The importance of smartphones and the operating system Android is growing in all situations of modern life. Hence, more data, especially private information, is stored on the phones. The Android permission-model protects sensitive data from being read by applications but cannot determine flow of private information through an application and thus prevent them from being leaked. To address this problem, we present an approach injecting application-layer dynamic taint analysis into the bytecode of any Android app and thus harden the application. The dynamic taint analysis we inject into the application can track the flow of information precisely on runtime and thus detect leaks of sensitive data. In contrast to existing approaches implementing dynamic taint analysis for Android apps on application-layer, the framework is more precise as it does not reduce paths to be instrumented by performing static analysis and addresses external tunnels more precise. Other precise approaches like TaintDroid are often implemented on OS-layer and thus require modification of the Android middleware. Our approach does not need any modification of the Android system and thus is applicable to every Android version. In this paper, we describe the problem of dynamic taint analysis of Android applications and present our approach regarding design decisions and the technical implementation. Furthermore, we discuss and evaluate the effectiveness, the performance and the limitations of the dynamic taint analysis framework.
Bytecode-level dynamic taint analysis of Android applications
Supervisor(s): |
Dennis Titze ,Julian Schütte |
Status: |
finished |
Topic: |
Android stuff |
Author: |
Alexander Küchler |
Submission: |
2016-06-15 |
Type of Thesis: |
Bachelorthesis
|
Proof of Concept |
No |
Thesis topic in co-operation with the Fraunhofer Institute for Applied and Integrated Security AISEC, Garching
|
Astract:The importance of smartphones and the operating system Android is growing in all situations of modern life. Hence, more data, especially private information, is stored on the phones. The Android permission-model protects sensitive data from being read by applications but cannot determine flow of private information through an application and thus prevent them from being leaked. To address this problem, we present an approach injecting application-layer dynamic taint analysis into the bytecode of any Android app and thus harden the application. The dynamic taint analysis we inject into the application can track the flow of information precisely on runtime and thus detect leaks of sensitive data. In contrast to existing approaches implementing dynamic taint analysis for Android apps on application-layer, the framework is more precise as it does not reduce paths to be instrumented by performing static analysis and addresses external tunnels more precise. Other precise approaches like TaintDroid are often implemented on OS-layer and thus require modification of the Android middleware. Our approach does not need any modification of the Android system and thus is applicable to every Android version. In this paper, we describe the problem of dynamic taint analysis of Android applications and present our approach regarding design decisions and the technical implementation. Furthermore, we discuss and evaluate the effectiveness, the performance and the limitations of the dynamic taint analysis framework. |