TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones

TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones

Today's smartphone operating systems frequently fail to provide users with visibility into how third-party applications collect and share their private data. We address these shortcomings with TaintDroid, an efficient, system-wide dynamic taint tracking and analysis system capable of simultaneo...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:ACM transactions on computer systems 2014-06, Vol.32 (2), p.1-29
Hauptverfasser: ENCK, William, GILBERT, Peter, HAN, Seungyeop, TENDULKAR, Vasant, CHUN, Byung-Gon, COX, Landon P, JAEYEON JUNG, MCDANIEL, Patrick, SHETH, Anmol N
Format: Artikel
Sprache:eng
Schlagworte:
Applied sciences
Computer science
control theory
systems
Computer systems and distributed systems. User interface
Dynamic tests
Dynamical systems
Dynamics
Electronics
Exact sciences and technology
Information sharing
Information systems. Data bases
Integrated circuits
Integrated circuits by function (including memories and processors)
Memory organisation. Data processing
Monitoring
Monitors
Operating systems
Personal information
Privacy
Real time
Semiconductor electronics. Microelectronics. Optoelectronics. Solid state devices
Services and terminals of telecommunications
Smartphones
Software
Studies
Systems, networks and services of telecommunications
Telecommunications
Telecommunications and information theory
Telephone. Videophone
Third party
Tracking
Tracking control systems
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Today's smartphone operating systems frequently fail to provide users with visibility into how third-party applications collect and share their private data. We address these shortcomings with TaintDroid, an efficient, system-wide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources of sensitive data. TaintDroid enables realtime analysis by leveraging Android's virtualized execution environment. TaintDroid incurs only 32% performance overhead on a CPU-bound microbenchmark and imposes negligible overhead on interactive third-party applications. Using TaintDroid to monitor the behavior of 30 popular third-party Android applications, in our 2010 study we found 20 applications potentially misused users' private information; so did a similar fraction of the tested applications in our 2012 study. Monitoring the flow of privacy-sensitive data with TaintDroid provides valuable input for smartphone users and security service firms seeking to identify misbehaving applications.
ISSN:0734-2071
1557-7333
DOI:10.1145/2619091