Presentation is loading. Please wait.

Presentation is loading. Please wait.

University of Central Florida TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones Written by Enck, Gilbert,

Published byRachel Bradford Modified over 9 years ago

Similar presentations

Presentation on theme: "University of Central Florida TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones Written by Enck, Gilbert,"— Presentation transcript:

1 University of Central Florida TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones Written by Enck, Gilbert, Chun, Cox, Jung, McDanniel, and Sheth in 2010, 9th USENIX Symposium Paper presentation by Hyanglim You Mar 19th 2014 1

2 TaintDroid: An Information-Flow Tracking System University of Central Florida Outline Background and Motivation – Threat in Privacy Information – Gathering unnecessary data – Goal & Challenges Dynamic Taint Analysis TaintDroid System – Four level tracking techniques Experiment results & Performance Weaknesses & Improvement Summary 2

3 TaintDroid: An Information-Flow Tracking System University of Central Florida Threats in Privacy Info. Smartphone App – Permissions – Information & Resources e.g., location, microphone, camera, etc. No guarantee of your privacy information will be safe 3

4 TaintDroid: An Information-Flow Tracking System University of Central Florida Gathering unnecessary data What do you expect from a WallPaper app? Are you agree a WallPaper app with gathering your phone number, subscriber identifier (e.g., IMSI), and the currently entered voice mail number on the phone? 4 Found by App Genome Project at Blackhat in July 2010 https://blog.lookout.com/blog/2010/07/29 /mobile-application-analysis-blackhat/ https://blog.lookout.com/blog/2010/07/29 /mobile-application-analysis-blackhat/ From the reference [4]

5 TaintDroid: An Information-Flow Tracking System University of Central Florida Goal Want : Use valuable information legitimately (e.g., navigation app uses location info.) Don’t want : Abuse valuable information (e.g., pervious wallpaper app example) Need : Know what applications are doing with private information Goal : Monitor app behavior to find when privacy information leaves the phone. 5

6 TaintDroid: An Information-Flow Tracking System University of Central Florida Challenge Balance between utility and private risks 6 Problems – Smart phones are constrained by resources. – A number of types of information – Constantly changing information – Applications share their information with one another

7 TaintDroid: An Information-Flow Tracking System University of Central Florida Dynamic Taint Analysis Basic idea – Tracking information dependencies from the origin Concept – Taint source – Taint sink – Taint propagation i = get_input(); two = 2; j = i + two; send_to_sink(j); 7 From the reference [2]

8 TaintDroid: An Information-Flow Tracking System University of Central Florida Dynamic Taint Analysis Basic idea – Tracks information dependencies from the origin Concept – Taint source – Taint sink – Taint propagation i = get_input(); two = 2; j = i + two; send_to_sink(j); Tag 8

9 TaintDroid: An Information-Flow Tracking System University of Central Florida Dynamic Taint Analysis Basic idea – Tracks information dependencies from an origin Concept – Taint source – Taint propagation – Taint sink i = get_input(); two = 2; j = two * i; send_to_sink(j); Tag 9

10 TaintDroid: An Information-Flow Tracking System University of Central Florida Dynamic Taint Analysis Basic idea – Tracks information dependencies from an origin Concept – Taint source – Taint propagation – Taint sink i = get_input(); two = 2; j = i + two; send_to_sink(j); Tag 10

11 TaintDroid: An Information-Flow Tracking System University of Central Florida TaintDroid Not an app but an extension to the Android mobile-phone platform to track the flow of privacy sensitive data (system-wide integration) Detect when sensitive data leaves the system via untrusted applications Existing solutions – rely on heavy-weight whole-system emulation Use Android’s VM architecture and integrate several levels of tracking techniques 11

12 TaintDroid: An Information-Flow Tracking System University of Central Florida Four levels of Tracking Tech. 12 Figure 1: From the original paper

13 TaintDroid: An Information-Flow Tracking System University of Central Florida Four levels of Tracking Tech. Labeled data 13 Figure 1: From the original paper

14 TaintDroid: An Information-Flow Tracking System University of Central Florida Variable level Tracking Tracks within VM environment by modifying Dalvik VM interpreter. Dalvik VM instance stores/propagates taint tag on variables Dalvik VM interpreter 14

15 TaintDroid: An Information-Flow Tracking System University of Central Florida Method level Tracking Applications can execute native methods using the Java Native interface (JNI ) Data flow is propagated by pre-defined method profiles 15

16 TaintDroid: An Information-Flow Tracking System University of Central Florida Message level Tracking Binder IPC (Inter Process Communication) – a component-based processing and IPC framework Message taint tags are propagated during IPC Binder IPC 16

17 TaintDroid: An Information-Flow Tracking System University of Central Florida File level Tracking Taint tags may be lost when data is written to a file Stores file taint tags in the extended attributes of the file system and updates/propagates 17

18 TaintDroid: An Information-Flow Tracking System University of Central Florida Experiment and Findings Setup – 1100 samples of the most popular Android applications – 358 of 1100 required Internet permissions or different sensitive information – Randomly selected 30 of them 18 Findings – Over 1000 TCP connections and 105 TCP connections containing private information – 15 of them were sharing the location with a third party advertisement server without notifying the user

19 TaintDroid: An Information-Flow Tracking System University of Central Florida Findings (detail) 19 Table3: From the original paper

20 TaintDroid: An Information-Flow Tracking System University of Central Florida Performance Execution time results of the CaffeineMark 3.0 Benchmark Scores correspond to the number of Java instructions / second This benchmark is useful for relative comparisons Only 14% overhead Memory overhead 4.4% IPC overhead 27% Others App load: 3% (2ms) Address book: (< 20 ms) – 5.5% create, 18% read Phone call: 10% (10ms) Take picture: 29% (0.5s) 20 Figure 5: From the original paper

21 TaintDroid: An Information-Flow Tracking System University of Central Florida Demo from http://appanalysis.org/demo/ 21

22 TaintDroid: An Information-Flow Tracking System University of Central Florida Overall overhead might not be enough Limitations/Weaknesses Approach Limitations: Only tracks data flows (i.e., explicit flows) to minimize performance overhead Taint Source Limitations: False positives can occur when the tracked information contains configuration identifiers 22 IMSI MNC MCC MSIN

23 TaintDroid: An Information-Flow Tracking System University of Central Florida Improvements Integrate with expert rating systems – to know what the most important privacy information Use machine learning techniques to decide correct taint source Combine with implicit way analysis 23

24 TaintDroid: An Information-Flow Tracking System University of Central Florida Summary Provides an efficient, system-wide information flow tracking tool that can simultaneously track multiple sources of sensitive data. Integrates four level of taint propagation (variable-level, message-level, method-level, and file-level) to achieve a 14% performance. Found 15 of the 30 applications reported users’ locations to remote advertising servers Updated continually and the source code was opened to the public – http://appanalysis.org/download.html http://appanalysis.org/download.html 24

25 TaintDroid: An Information-Flow Tracking System University of Central Florida [1] Main Paper : William Enck et al., TaintDroid: An Information- Flow Tracking System for RealTime Privacy Monitoring on Smartphones. [2] Dynamic Taint Analysis: http://users.ece.cmu.edu/~dbrumley/courses/18487-f10/files/taint- analysis-overview.pdf http://users.ece.cmu.edu/~dbrumley/courses/18487-f10/files/taint- analysis-overview.pdf [3] All You Ever Wanted to Know about Dynamic Taint Analysis and Forward Symbolic Execution (but Might Have Been Afraid to Ask) http://ieeexplore.ieee.org/xpl/login.jsp?tp=&arnumber=5504796&ur l=http%3A%2F%2Fieeexplore.ieee.org%2Fxpls%2Fabs_all.jsp%3Far number%3D5504796 http://ieeexplore.ieee.org/xpl/login.jsp?tp=&arnumber=5504796&ur l=http%3A%2F%2Fieeexplore.ieee.org%2Fxpls%2Fabs_all.jsp%3Far number%3D5504796 [4] Demo: http://appanalysis.org/demohttp://appanalysis.org/demo Principal References 25

26 TaintDroid: An Information-Flow Tracking System University of Central Florida 26

27 TaintDroid: An Information-Flow Tracking System University of Central Florida Notes Most images of the non-relevant techniques (e.g., smartphone image) in this presentation is borrowed from Google image search results Tables and charts is from the main paper 27

Download ppt "University of Central Florida TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones Written by Enck, Gilbert,"

Similar presentations

NetServ Dynamic in-network service deployment Henning Schulzrinne (Columbia University) Srinivasan Seetharaman (Georgia Tech) Volker Hilt (Bell Labs)

NetServ Dynamic in-network service deployment Henning Schulzrinne (Columbia University) Srinivasan Seetharaman (Georgia Tech) Volker Hilt (Bell Labs)
DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis Lok Kwong Yan, and Heng Yin Syracuse University.

DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis Lok Kwong Yan, and Heng Yin Syracuse University.
A new Network Concept for transporting and storing digital video…………

A new Network Concept for transporting and storing digital video…………
Presented By Abhishek Singh Computer Science Department Kent state University WILLIAM ENCK, MACHIGAR ONGTANG, AND PATRICK MCDANIEL.

Presented By Abhishek Singh Computer Science Department Kent state University WILLIAM ENCK, MACHIGAR ONGTANG, AND PATRICK MCDANIEL.
Aurasium: Practical Policy Enforcement for Android Applications By Yaoqi USENIX Security Symposium 2012.

Aurasium: Practical Policy Enforcement for Android Applications By Yaoqi USENIX Security Symposium 2012.
Mobile Security: Android Amir Houmansadr CS660: Advanced Information Assurance Spring 2015 Content may be borrowed from other resources. See the last slide.

Mobile Security: Android Amir Houmansadr CS660: Advanced Information Assurance Spring 2015 Content may be borrowed from other resources. See the last slide.
William Enck, Peter Gilbert, Byung-Gon Chun, Landon P

William Enck, Peter Gilbert, Byung-Gon Chun, Landon P
ECOS: Leveraging Software-Defined Networks to Support Mobile Application Offloading Aaron Gember, Christopher Dragga, Aditya Akella University of Wisconsin-Madison.

ECOS: Leveraging Software-Defined Networks to Support Mobile Application Offloading Aaron Gember, Christopher Dragga, Aditya Akella University of Wisconsin-Madison.
Smartphone Apps Development Team Weiqing Li Lijun Zhu Man Li.

Smartphone Apps Development Team Weiqing Li Lijun Zhu Man Li.
Richard Yu.  Present view of the world that is: Enhanced by computers Mix real and virtual sensory input  Most common AR is visual Mixed reality virtual.

Richard Yu.  Present view of the world that is: Enhanced by computers Mix real and virtual sensory input  Most common AR is visual Mixed reality virtual.
Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson Presented By: Rajat Khandelwal – 2009CS10209 Parikshit.

Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson Presented By: Rajat Khandelwal – 2009CS10209 Parikshit.
Protecting User Data in Ubiquitous Computing: Towards Trustworthy Environments Yitao Duan and John Canny UC Berkeley.

Protecting User Data in Ubiquitous Computing: Towards Trustworthy Environments Yitao Duan and John Canny UC Berkeley.
July 11 th, 2005 Software Engineering with Reusable Components RiSE’s Seminars Sametinger’s book :: Chapters 16, 17 and 18 Fred Durão.

July 11 th, 2005 Software Engineering with Reusable Components RiSE’s Seminars Sametinger’s book :: Chapters 16, 17 and 18 Fred Durão.
Extensible Scalable Monitoring for Clusters of Computers Eric Anderson U.C. Berkeley Summer 1997 NOW Retreat.

Extensible Scalable Monitoring for Clusters of Computers Eric Anderson U.C. Berkeley Summer 1997 NOW Retreat.
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 14: Troubleshooting Windows Server 2003 Networks.

70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 14: Troubleshooting Windows Server 2003 Networks.
DYNAMIC DATA TAINTING AND ANALYSIS. Roadmap  Background  TaintDroid  JavaScript  Conclusion.

DYNAMIC DATA TAINTING AND ANALYSIS. Roadmap  Background  TaintDroid  JavaScript  Conclusion.
Android Security Enforcement and Refinement. Android Applications --- Example Example of location-sensitive social networking application for mobile phones.

Android Security Enforcement and Refinement. Android Applications --- Example Example of location-sensitive social networking application for mobile phones.
Jason Morrill NCOAUG Training Day February, 2008

Jason Morrill NCOAUG Training Day February, 2008
Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.

Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.
A METHODOLOGY FOR EMPIRICAL ANALYSIS OF PERMISSION-BASED SECURITY MODELS AND ITS APPLICATION TO ANDROID.

A METHODOLOGY FOR EMPIRICAL ANALYSIS OF PERMISSION-BASED SECURITY MODELS AND ITS APPLICATION TO ANDROID.

Similar presentations

Ads by Google