DroidTrack: Tracking Information Diffusion and Preventing Information Leakage on Android


Abstract An Android app can collaborate with other apps and control personal information by using Intents or permissions that the user has allowed. However, users cannot detect when apps communicate. Therefore, users might not be aware of information leakage if an app is malware. This paper proposes DroidTrack, a method for tracking the diffusion of personal information and preventing its leakage on an Android device. DroidTrack alerts the user to the possibility of information leakage when an app uses APIs to communicate with the outside. These alerts are triggered only if the app has already called APIs to collect personal information. Users are given the option to refuse the execution of the API if it is not appropriate. Further, by illustrating how their personal data is diffused, DroidTrack gives users the information they need to decide whether the API use is appropriate.

Keywords Android · Malware · Preventing information leakage · API control
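The alerting rule described in the abstract, as a simplified Python model added here for illustration; it is not DroidTrack's code. The API labels, the app names, the `Tracker` class and the assumption that an Intent can carry everything its sender holds are all hypothetical.

```python
from dataclasses import dataclass, field
from typing import Callable

# Hypothetical API labels for this model (assumed, not a list from the paper).
COLLECT = {"getPhoneNumber": "phone number", "readContacts": "contacts"}
OUTBOUND = {"httpPost", "sendSms"}


@dataclass
class Tracker:
    ask_user: Callable[[str, str, dict], bool]   # returns True to allow the call
    held: dict = field(default_factory=dict)     # app -> {data kind: diffusion path}
    alerts: list = field(default_factory=list)

    def on_api(self, app, api):
        """Hook for one API call; returns True if the call may execute."""
        if api in COLLECT:
            self.held.setdefault(app, {})[COLLECT[api]] = [app]
        elif api in OUTBOUND and self.held.get(app):
            # Alert only because this app already holds personal information.
            paths = {k: " -> ".join(p) for k, p in self.held[app].items()}
            self.alerts.append((app, api, paths))
            return self.ask_user(app, api, paths)
        return True

    def on_intent(self, sender, receiver):
        """Assumption: an Intent may carry everything the sender holds."""
        for kind, path in self.held.get(sender, {}).items():
            self.held.setdefault(receiver, {}).setdefault(kind, path + [receiver])


def demo():
    """Replay a constructed event trace with a user who refuses every alert."""
    t = Tracker(ask_user=lambda app, api, paths: False)
    trace = [
        ("api", "weather", "httpPost"),           # holds nothing: no alert
        ("api", "flashlight", "getPhoneNumber"),  # collection is recorded
        ("intent", "flashlight", "helper"),       # data diffuses to helper
        ("api", "helper", "httpPost"),            # alert, user refuses
    ]
    allowed = []
    for kind, a, b in trace:
        if kind == "api":
            allowed.append(t.on_api(a, b))
        else:
            t.on_intent(a, b)
    return t, allowed


if __name__ == "__main__":
    tracker, allowed = demo()
    print(allowed, tracker.alerts)
```

The diffusion path passed to `ask_user` stands in for the illustration of how the data spread that the abstract says helps the user decide.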

1 Introduction

In recent years, adoption of the smartphone has been spreading rapidly, and Android [1] is one of the popular operating systems (OS) for smartphones. An app developer can make an app available through a Web site, such as Google Play Store [2]. However, an app [3] can hijack administrative privileges in order to exploit a vulnerability in the Android OS and send out illegally collected personal information.

S. Sakamoto · K. Okuda · R. Nakatsuka · T. Yamauchi
Graduate School of Natural Science and Technology, Okayama University, Okayama, Japan

J. J. (Jong Hyuk) Park et al. (eds.), Multimedia and Ubiquitous Engineering, Lecture Notes in Electrical Engineering 240, DOI: 10.1007/978-94-007-6738-6_31, © Springer Science+Business Media Dordrecht (Outside the USA) 2013


Malware that targets the Android OS is usually intended to illegally collect personal information. A mobile device contains a large amount of personal information, such as name, address, and phone number, and this information can be easily obtained by apps using the Android API. In addition, many users are unaware that mobile phones are not secure and usually do not come with any antimalware software. For this reason, information may leak without the user noticing the malware infection. An Android app is executed in a sandbox, and communication with other apps is severely restricted, except through Intents [4]. Key features such as external communication and the acquisition of personal information require permissions from the user. However, the user cannot detect when personal information is obtained by an app or whether that personal information was leaked. In this paper, we propose DroidTrack, a method for tracking information diffusion and preventing information leakage on Android that tracks information diffusion after an app has obtained personal information. DroidTrack alerts the user if there is a possibility of information leakage, and al