TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones Presented By: Steven Zittrower William Enck ( Penn St) (Duke)

Slides:



Advertisements
Similar presentations
DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis Lok Kwong Yan, and Heng Yin Syracuse University.
Advertisements

Android architecture overview
Introduction to Android Mohammad A. Gowayyed CS334-Spring 2014.
Android Platform Overview (1)
Aurasium: Practical Policy Enforcement for Android Applications By Yaoqi USENIX Security Symposium 2012.
Mobile Security: Android Amir Houmansadr CS660: Advanced Information Assurance Spring 2015 Content may be borrowed from other resources. See the last slide.
William Enck, Peter Gilbert, Byung-Gon Chun, Landon P
Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.
Using Programmer-Written Compiler Extensions to Catch Security Holes Authors: Ken Ashcraft and Dawson Engler Presented by : Hong Chen CS590F 2/7/2007.
Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson Presented By: Rajat Khandelwal – 2009CS10209 Parikshit.
Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson.
Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition Chapter 2: Operating-System Structures Modified from the text book.
@2011 Mihail L. Sichitiu1 Android Introduction Platform Overview.
Asst.Prof.Dr.Ahmet Ünveren SPRING Computer Engineering Department Asst.Prof.Dr.Ahmet Ünveren SPRING Computer Engineering Department.
DYNAMIC DATA TAINTING AND ANALYSIS. Roadmap  Background  TaintDroid  JavaScript  Conclusion.
CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.
Presentation By Deepak Katta
Android Introduction Platform Overview.
Introduction to Mobile Malware
Introduction to Java CSIS 3701: Advanced Object Oriented Programming.
VMM Based Rootkit Detection on Android Class Presentation Pete Bohman, Adam Kunk, Erik Shaw.
Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis Authors: Heng Yin, Dawn Song, Manuel Egele, Christoper Kruegel, and.
TAINTDROID: AN INFORMATION- FLOW TRACKING SYSTEM FOR REAL-TIME PRIVACY MONITORING ON SMARTPHONES Presented by: Mohsin Junaid Date: April-17, 2013.
D2Taint: Differentiated and Dynamic Information Flow Tracking on Smartphones for Numerous Data Sources Boxuan Gu, Xinfeng Li, Gang Li, Adam C. Champion,
Authors: William Enck The Pennsylvania State University Peter Gilbert Duke University Byung-Gon Chun Intel Labs Landon P. Cox Duke University Jaeyeon Jung.
All Your Droid Are Belong To Us: A Survey of Current Android Attacks 단국대학교 컴퓨터 보안 및 OS 연구실 김낙영
Presented by: Kushal Mehta University of Central Florida Michael Spreitzenbarth, Felix Freiling Friedrich-Alexander- University Erlangen, Germany michael.spreitzenbart,
@2011 Mihail L. Sichitiu1 Android Introduction Platform Overview.
Presented by: Tom Staley. Introduction Rising security concerns in the smartphone app community Use of private data: Passwords Financial records GPS locations.
A Presentation Of TaintDroid & Related Topics
University of Central Florida TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones Written by Enck, Gilbert,
Android Security Auditing Slides and projects at samsclass.info.
An Offloaded Dynamic Taint Analysis Approach for Privacy Leakage Detection on Android Hui Xu 1.
Android Security Extensions. Android Security Model Main objective is simplicity Users should not be bothered Does the user care? Most do not care…until.
VMM Based Rootkit Detection on Android Class Presentation Pete Bohman, Adam Kunk, Erik Shaw.
ANDROID BY:-AANCHAL MEHTA MNW-880-2K11. Introduction to Android Open software platform for mobile development A complete stack – OS, Middleware, Applications.
Created By. Jainik B Patel Prashant A Goswami Gujarat Vidyapith Computer Department Ahmedabad.
Mobile Application Security on Android Originally presented by Jesse Burns at Black Hat
Android System Security Xinming Ou. Android System Basics An open-source operating system for mobile devices (AOSP, led by Google) – Consists of a base.
Hui Xu, Yangfan Zhou, Cuiyun Gao, Yu Kang, Michael R. Lyu
Wireless and Mobile Security
Title of Presentation DD/MM/YYYY © 2015 Skycure Why Are Hackers Winning the Mobile Malware Battle.
Class Presentation Pete Bohman, Adam Kunk, Erik Shaw (ONL)
VMM Based Rootkit Detection on Android
1 Android Workshop Platform Overview. 2 What is Android?  Android is a software stack for mobile devices that includes an operating system, middleware.
Analysis And Research Of System Security Based On.
Information flow Landon Cox April 1, Information flow Crucial goal of secure system –Prevent inappropriate information flows –Can model “appropriateness”
By: Collin Molnar. Overview  Intro to Android  Security basics  Android architecture  Application isolation  Application permissions  Physical access.
DeepDroid Dynamically Enforcing Enterprise Policy Manwoong (Andy) Choi
Java & The Android Stack: A Security Analysis Pragati Ogal Rai Mobile Technology Evangelist PayPal, eBay Java.
Better Performance Through Thread-local Emulation Ali Razeen, Valentin Pistol, Alexander Meijer, and Landon P. Cox Duke University.
Presented by: Saurabh Kumar Sinha (MRT07UGBIT 186) IT VII Semester, Shobhit University Meerut.
Authors: William Enck & Patrick McDaniel In collaboration with: Duke University and Intel Labs Presentation: Ed Novak 1.
The Basics of Android App Development Sankarshan Mridha Satadal Sengupta.
Computer System Structures
Multi-level information - flow tracking system for Android Runtime
Visit for more Learning Resources
Web Application Vulnerabilities, Detection Mechanisms, and Defenses
TriggerScope: Towards Detecting Logic Bombs in Android Applications
Dynamic information-flow tracking
Android System Security
CASE STUDY 1: Linux and Android
TaintART: A Practical Multi-level Information-Flow Tracking System for Android RunTime Sadiq Basha.
Information Flow Control
Operating System Structure
CMPE419 Mobile Application Development
Methodologies for Data Preservation in IoT Platform
Chapter 2: System Structures
Android Introduction Platform Mihail L. Sichitiu.
CMPE419 Mobile Application Development
Presentation transcript:

TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones Presented By: Steven Zittrower William Enck ( Penn St) (Duke) Peter Gilbert Byung-Gon Chun (Intel) (Duke) Landon P. Cox Jaeyeon Jung (Intel) (Penn St) Pat McDaniel Anmol Sheth (Intel) Authors: Presented at OSDI 2010

Overview  What is TaintDroid  Why it’s Important  Implementation  Costs and Tradeoffs  Results ?

Modern Smartphones GPS/Location Data Camera/Photos/Microphone Contacts SMS Messages SIM Identifiers (IMSI, ICC-ID, IMEI)

TaintDroid 1. Identifies Sensitive Data 2. Taints and Tracks Data Flow via  Variables, Messages, Methods, and Files 3. Monitors Behavior of Running Applications in Realtime 4. Identifies Misuse of Private Data

Android: The OS  Built on the Linux kernel  Applications run on top of middleware  Written in JAVA  Stack-based  Executed in the Dalvik VM Interpreter  Register-based  Allows access to certain native libraries

Android architecture graphic courtesy of Google

TaintDroid Architecture Trusted ApplicationsUntrusted Applications Dalvik VM Interpreter Binder IPC Library Binder Kernel Module Binder IPC Library Dalvik VM Interpreter Trusted Library Taint Source Taint Sink Binder Hook Interpreted Code Kernel Userspace Taint Map TaintDroid Architecture map courtesy of TaintDroid: An Information-Flow…

Types of Tainted Data  Variables  Locals, arguments, statics, classes, and arrays  Messages  Taint tag is upper bound of tainted variables in message  Methods  Tracks and propagates system provided native libraries  Files  One tag per-file, same logic as messages

How Things Get Tainted Sources  Low-bandwidth Sensors  High-bandwidth Sensors  Information Databases  Devices Identifiers Sinks  Network Calls  File-system Writes

Taint Propagation  Rules for passing taint markers  α←C : τ α ←0  β←α:τ β ←τ α  α←α ⊗ β:τ α ←τ α ∪ τ β  …  Govern steps 3, 7 of TaintDroid Architecture

Experiments  30 random popular applications  100 minutes, 22,594 packets, 1,130 TCP connections  Logged all TaintDroid messages  Verified by logging network traffic

Performance Overhead

Throughput Overhead

Performance Takeaways  14% performance overhead  Most operations less than 20ms slower  IPC 27% slower than normal Android OS  Due to continual copying of tags as values placed in buffers  3.5% more memory is used

Results

Contributions  Detects leakage of private after entering applications  Previous work deals with securing data from non-trusted applications  Works even if data is encrypted  Identifies insecure, malicious, and unethical mobile applications  Modest performance overheads

Weaknesses  Requires custom OS modification  No checks on native libraries  No power overhead data  Network traffic only sink tested  Malicious attackers can bypass TaintDroid

Improvements  Real-time tracking and filtering  Eliminate or reduce false-positives through better management of variable-level tags  Detection of bypass attempts

References and Contributions  TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smart Phones  Google (  Clip-art courtesy of  Norebbo.com  NASA.com  Linuxchixla.org

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.