A Survey on Potential Privacy Leaks of GPS Information in Android Applications

نویسنده

  • Srinivas Kalyan Yellanki
چکیده

....................................................................... iii ACKNOWLEDGEMENTS...................................................... iv TABLE OF CONTENTS......................................................... v LIST OF TABLES................................................................. ix LIST OF FIGURES............................................................... x CHAPTER 1 INTRODCUTION..................................................1 1.1 Android History...........................................................1 1.2 Pre-Commercial Release Versions......................................3 1.2.1 Alpha Version...................................................3 1.2.2 Beta Version....................................................3 1.3 Outline......................................................................4 1.4 Motivation..................................................................5 1.5 Attacking Procedure.......................................................6 CHAPTER 2 ANDROID ARCHITECTURE..................................8 2.1 Android Security Architecture...........................................8 2.2 System and Kernel Security..............................................9 2.3 Application Security in Android.......................................10 2.4 Sandbox...................................................................11 vi 2.4.1 Functionality...................................................13 2.5 Droidbox..................................................................14 CHAPTER 3 VULNERABILITIES............................................17 3.1 Vulnerabilities of Data Leakage in Android Applications.........17 Data Leak through the Android App Structure..........................17 3.1.1 ContentProvider and Permission............................17 3.1.2 Data Leak through Reverse Engineering...................20 a) Using Dedexer Tool.......................................21 b) Data Leak through Apk Manager........................22 c) Proguard....................................................23 3.2 Vulnerabilities of Data Leakage in Android GPS Applications...24 CHAPTER 4 LEAKAGE DETECTION ANALYSIS......................28 Detecting Leakage Analysis in GPS Applications.......................28 Approaches....................................................................29 4.1 LeakMiner A Static Taint Analysis.................................29 Functionality.............................................................31 4.1.1 Fundamental activity lifecycle callbacks...................31 4.1.2 Activity supplementary callbacks...........................32 4.1.3 Basic service lifecycle callbacks............................32 4.1.4 Service supplementary callbacks............................32 vii 4.2 TaintDroid – a Dynamic Taint approach.............................33 4.3 Detection Leakage through Hybrid Analysis........................38 4.4 Detection Leakage through Cloud based analysis..................39 4.5 Leak Detection through Kynoid........................................41 4.6 DroidVulMon............................................................43 4.6.1Security Architecture for malicious App detection........43 4.7 Overall Comparison....................................................46 CHAPTER 5 ANDROID APPTRCK ME...................................48 5.1 Location Tracking Applications.......................................47 5.2 Case Study................................................................49 5.3 Personalized Android app – Track Me...............................51 Functionality..........................................................51 5.3.1 Welcome Screen...............................................52 5.3.2 Go to application..............................................53 5.3.3 Contacts.........................................................54 5.3.4 Choosing a Contact...........................................55 5.3.5 Start Updating.................................................56 5.3.6 Text Message Notification...................................57 5.3.7 Google Map View.............................................58 viii CHAPTER 6 RECOMMENDATIONS FOR SECURE APPS...............59 CHAPTER 7 CONCLUSION AND FUTURE WORK.....................61 BIBLIOGRAPHY..................................................................62 VITA

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

I know what leaked in your pocket: uncovering privacy leaks on Android Apps with Static Taint Analysis

Android applications may leak privacy data carelessly or maliciously. In this work we perform inter-component dataflow analysis to detect privacy leaks between components of Android applications. Unlike all current approaches, our tool, called IccTA, propagates the context between the components, which improves the precision of the analysis. IccTA outperforms all other available tools by reachi...

متن کامل

Using An Instrumentation based Approach to Detect Inter-Component Leaks in Android Apps

The success of the Android OS in its user base as well as in its developer base can partly be attributed to its communication model, named Inter-Component Communication (ICC), which promotes the development of loosely-coupled applications. By dividing applications into components that can exchange data within a single application and across several applications, Android encourages software reus...

متن کامل

Security Analysis of Permission-Based Systems using Static Analysis: An Application to the Android Stack

In recent years, mobile devices, such as smart phones, have spread at an exponential rate. The most used system running on these devices, accounting for almost 80% of market share for smart phones world-wide, is the Android software stack. This system runs Android applications that users download from an application market. The system is called a permission-based system since it limits access t...

متن کامل

A Sudy on Information Privacy Issue on Social Networks

In the recent years, social networks (SN) are now employed for communication and networking, socializing, marketing, as well as one’s daily life. Billions of people in the world are connected though various SN platforms and applications, which results in generating massive amount of data online. This includes personal data or Personally Identifiable Information (PII). While more and more data a...

متن کامل

Detecting Privacy Leaks in Android Apps

The number of Android apps have grown explosively in recent years and the number of apps leaking private data have also grown. It is necessary to make sure all the apps are not leaking private data before putting them to the app markets and thereby a privacy leaks detection tool is needed. We propose a static taint analysis approach which leverages the control-flow graph (CFG) of apps to detect...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2017