Uranine: Real-time Privacy Leakage Monitoring without System Modification for Android

Similar documents
Phosphor: Illuminating Dynamic. Data Flow in Commodity JVMs

L.C.Smith. Privacy-Preserving Offloading of Mobile App to the Public Cloud

SieveDroid: Intercepting Undesirable Private-Data Transmissions in Android Applications at Runtime

2 Lecture Embedded System Security A.-R. Darmstadt, Android Security Extensions

DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices

Phosphor: Illuminating Dynamic Data Flow in Commodity JVMs

6.858 Quiz 2 Review. Android Security. Haogang Chen Nov 24, 2014

Phosphor: Illuminating Dynamic Data Flow in the JVM

Ripple: Reflection Analysis for Android Apps in Incomplete Information Environments

Dynamic Taint Tracking for Java with Phosphor (Demo)

Field Analysis. Last time Exploit encapsulation to improve memory system performance

Estimating Mobile Application Energy Consumption Using Program Analysis

Maxoid: Transparently Confining Mobile Applications with Custom Views of State

A Characterization of State Spill in Modern OSes

ReDroid: Prioritizing Data Flows and Sinks for App Security Transformation

Profiling & Optimization

a bayesian approach to privacy enforcement in smartphones

Practical DIFC Enforcement on Android

Profiling & Optimization

Efficient, Context-Aware Privacy Leakage Confinement for Android Applications without Firmware Modding

Jupiter: A Modular and Extensible JVM

LazyTainter : Memory-Efficient Taint Tracking in Managed Runtimes. Zheng Wei

Calculating Source Line Level Energy Information for Android Applications

QuantDroid: Quantitative Approach towards Mitigating Privilege Escalation on Android

Trace-based JIT Compilation

Secure Programming Lecture 15: Information Leakage

Chronicler: Lightweight Recording to Reproduce Field Failures

Optimising Multicore JVMs. Khaled Alnowaiser

Lecture 9. PSiOS: Bring Your Own Privacy & Security to ios Devices. Tim Werthmann, Ralf Hund, Lucas Davi, Ahmad-Reza Sadeghi and Thorsten Holz

Detecting Advanced Android Malware by Data Flow Analysis Engine. Xu Hao & pll

Information-Flow Analysis of Android Applications in DroidSafe

CleanOS: Limiting Mobile Data Exposure with Idle Eviction

Mobile Security for Banking on Android Platform

Formal Security Analysis of Android Apps

Energy-Aware, Security-Conscious Code Offloading for the Mobile Cloud

Lecture Embedded System Security

Better Performance Through Thread-local Emulation

A Trace-based Java JIT Compiler Retrofitted from a Method-based Compiler

CMSC 430 Introduction to Compilers. Fall Language Virtual Machines

Swift: A Register-based JIT Compiler for Embedded JVMs

Unit Test Virtualization with VMVM

Android Analysis Tools. Yuan Tian

CuriousDroid: Automated User Interface Interaction for Android Application Analysis Sandboxes

ARTist: The Android Runtime Instrumentation and Security Toolkit

ios vs Android By: Group 2

A Framework for Evaluating Mobile App Repackaging Detection Algorithms

Moving Databases to Oracle Cloud: Performance Best Practices

Virtualizing JBoss Enterprise Middleware with Azul

DBT Tool. DBT Framework

FLOWMINER: Automatic Extraction of Library Data-Flow Semantics for Partial Program Analysis

Things You May Not Know About Android (Un)Packers: A Systematic Study based on Whole- System Emulation

H.-S. Oh, B.-J. Kim, H.-K. Choi, S.-M. Moon. School of Electrical Engineering and Computer Science Seoul National University, Korea

Androsia Securing 'data in process' for your Android Apps

SARRE: Semantics-Aware Rule Recommendation and Enforcement for Event Paths on Android

Honours/Master/PhD Thesis Projects Supervised by Dr. Yulei Sui

Just-In-Time Compilation

User Control Mechanisms for Privacy Protection Should Go Hand in Hand with Privacy-Consequence Information: The Case of Smartphone Apps

arxiv: v1 [cs.cr] 22 Jul 2016

Interactively Verifying Absence of Explicit Information Flows in Android Apps

CS260 Intro to Java & Android 04.Android Intro

Compiler Construction

MultiJav: A Distributed Shared Memory System Based on Multiple Java Virtual Machines. MultiJav: Introduction

A Method-Based Ahead-of-Time Compiler For Android Applications

CSCE 813 Internet Security Final Exam Preview

Hierarchical Pointer Analysis

On Mobile Malware Infections N. Asokan

Transparent Resource Management with Java RM API

Ubiquitous and Mobile Computing CS 525M: Virtually Unifying Personal Storage for Fast and Pervasive Data Accesses

KLIMAX: Profiling Memory Write Patterns to Detect Keystroke-Harvesting Malware

Hao Chen Benjamin Davis. University of California, Davis. HELIX Project Review Meeting, August 6,2010

Programming Languages FILS Andrei Vasilateanu

Executive Summary. It is important for a Java Programmer to understand the power and limitations of concurrent programming in Java using threads.

Lifecycle-Aware Components Live Data ViewModel Room Library

More On inheritance. What you can do in subclass regarding methods:

Fiji VM Safety Critical Java

Assumptions. History

PennBench: A Benchmark Suite for Embedded Java

JiST Java in Simulation Time An efficient, unifying approach to simulation using virtual machines

Security-enabled Middleware for Android on Odroid

Exam Questions. Give an example network topology where GPSR cannot find a way from a source to a sink. Explain your answer.

Using Scala for building DSL s

Operating Systems (2INC0) 2018/19. Introduction (01) Dr. Tanir Ozcelebi. Courtesy of Prof. Dr. Johan Lukkien. System Architecture and Networking Group

Java Performance: The Definitive Guide

Android App Protection via Interpretation Obfuscation

Java language. Part 1. Java fundamentals. Yevhen Berkunskyi, NUoS

Modeling the Android Platform

Weiss Chapter 1 terminology (parenthesized numbers are page numbers)

Application Security Using Runtime Protection

Measuring and Improving the Potential Parallelism of Sequential Java Programs

Hybrid Static-Dynamic Analysis for Statically Bounded Region Serializability

엄현상 (Eom, Hyeonsang) School of Computer Science and Engineering Seoul National University COPYRIGHTS 2017 EOM, HYEONSANG ALL RIGHTS RESERVED

IBM Research - Tokyo 数理 計算科学特論 C プログラミング言語処理系の最先端実装技術. Trace Compilation IBM Corporation

Managed runtimes & garbage collection. CSE 6341 Some slides by Kathryn McKinley

Managed runtimes & garbage collection

Optimizing Higher-Order Functions in Scala

Ubiquitous and Mobile Computing CS 528:EnergyEfficiency Comparison of Mobile Platforms and Applications: A Quantitative Approach. Norberto Luna Cano

Method-Level Phase Behavior in Java Workloads

CSc 453 Interpreters & Interpretation

Android App Development. Muhammad Sharjeel COMSATS Institute of Information Technology, Lahore

Efficient Segmentation-Aided Text Detection For Intelligent Robots

Transcription:

Uranine: Real-time Privacy Leakage Monitoring without System Modification for Android Vaibhav Rastogi 1, Zhengyang Qu 2, Jedidiah McClurg 3, Yinzhi Cao 4, and Yan Chen 2 1 University of Wisconsin and Pennsylvania State University 2 Northwestern University 3 University of Colorado Boulder 4 Lehigh University

The Privacy Problem Third-party smartphone apps becoming increasingly important Apps regularly leak private information without informing users Private information leakage is a concern for both consumers and enterprises Goal make information about privacy leaks transparent and accessible to the user 2

Outline Requirements and Approach Challenges Design Implementation and Evaluation Conclusion 3

Outline Requirements and Approach Challenges Design Implementation and Evaluation Conclusion 4

Requirements Real-time detection: enable situationally-aware decision making No platform modification: enable deployment on all devices Easily configurable: enable privacy leakage monitoring for just the apps user wants, no overhead for the rest of the system Portable: across different architectures and language runtimes Others: accuracy, performance 5

Requirements TaintDroid Phosphor Real time Yes Yes System Modification Yes Yes Configurability Little Little Portability No Yes Runtime performance Good Good Accuracy Good Good Enck, William, et al. "TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones." ACM Transactions on Computer Systems (TOCS) 32.2 (2014): 5. Bell, Jonathan Schaffer, and Gail E. Kaiser. "Phosphor: Illuminating Dynamic Data Flow in the JVM." OOPSLA (2014). 6

Uranine Inline taint tracking. Add information flow tracking code to the application Do not touch platform code No modification to the runtime No modification to the framework libraries Approximate information flow through platform code 7

Requirements TaintDroid Phosphor Real time Yes Yes System Modification Yes Yes Configurability Little Little Portability No Yes Runtime performance Good Good Accuracy Good Good Enck, William, et al. "TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones." ACM Transactions on Computer Systems (TOCS) 32.2 (2014): 5. Bell, Jonathan Schaffer, and Gail E. Kaiser. "Phosphor: Illuminating Dynamic Data Flow in the JVM." (2014). 8

Requirements TaintDroid Phosphor Uranine Real time Yes Yes Yes System Modification Yes Yes No Configurability Little Little High Portability No Yes Yes Runtime performance Good Good Good Accuracy Good Good Good Enck, William, et al. "TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones." ACM Transactions on Computer Systems (TOCS) 32.2 (2014): 5. Bell, Jonathan Schaffer, and Gail E. Kaiser. "Phosphor: Illuminating Dynamic Data Flow in the JVM." (2014). 9

Deployment Model 10

Outline Requirements and Approach Challenges Design Implementation and Evaluation Conclusion 11

Challenges Tracking taint across calls to framework libraries Accounting for the effects of callbacks Tainting objects while following Java reference semantics 12

Outline Requirements and Approach Challenges Design Implementation and Evaluation Conclusion 13

Design App Framework Code Summarization Rules To Intermediate Representation Instrumentation Taint Storage & Propagation To Bytecode Instrumented App 14

Taint Storage and Propagation Shadow taint location for each location class A { String field; } class A { String field; int field_t; } Similar for method parameters Add additional parameters for carrying taints Return taint returned via parameter Taint propagation for various operations p = q + r; p = q + r; p_t = q_t r_t; 15

Taint Storage and Propagation Introduce taint at sources String id = tm.getdeviceid(); String id = tm.getdeviceid(); int id_t = 1; Check for taint reaching sinks socket.write(devicelocation); if (devicelocation_t!= 0) sendalert(); socket.write(devicelocation); 16

Tracking Taint across library calls Pre-defined rules for summarization Catch-all policy: Combine taint of all parameters and set to the return taint and the taint of object on which method is called (receiver) Above summarization not sufficient: additionally propagate taint to all objects that refer to the object being tainted 17

Callbacks class A { private String id; public A(TelephonyManager m) { id = m.getdeviceid(); } public tostring() { return id; } } tostring() may be called by framework code and the returned string used elsewhere Solution: treat like framework code and propagate return taint to receiver 18

Java Reference Semantics Problem: tainting objects, not just object references If an object gets tainted, all references should show the taint Storing object taints should not affect garbage collection Solution: Use a weak hashtable to map objects to taints 19

Outline Requirements and Approach Challenges Design Implementation and Evaluation Conclusion 20

Implementation Employ dexlib to convert bytecode to IR A class hierarchy analysis to identify callbacks and guide the instrumentation A fine-grained instrumentation framework on top of IR Generates bytecodesequences that pass the Dalvik verifier 6000 lines of Scala code 21

Accuracy Evaluation Use TaintDroid as ground truth Small-scale manual as well as large-scale automated tests Large-scale automated runs with Android Monkey on 1490 apps Privacy leakage results consistent with TaintDroid 4 cases were identified to be Uranine false positives 22

Performance Evaluation Performance expected to be good: framework code, which does the real heavy-lifting, runs without overhead Measuring performance is difficult No macrobenchmarks for Android Microbenchmarkingwill not show true performance on real workloads Created 6 macrobenchmarks from real apps from Google Play Overhead less than 50% for 5 benchmarks, and around 10% in four benchmarks Compares favorably with TaintDroid (30%) and Phosphor (50%) 23

Scope for Optimizations Static analysis may be used to identify code paths that will not leak information Thus only a few paths need to be instrumented Such optimizations not possible for TaintDroid or Phosphor 24

Outline Requirements and Approach Challenges Design Implementation and Evaluation Conclusion 25

Conclusion Privacy is a major issue in the present digital revolution Private information leakage should be transparent Uranine tracks private information leakage in Android apps without platform modification A step towards bringing information leakage transparency to the masses 26

https://play.google.com/stor e/apps/details?id=com.webs hield.privacyshield 27

Thank you! 28

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback