Title: Towards an understanding of the impact of advertising on data leaks

Authors: Veelasha Moonsamy; Moutaz Alazab; Lynn Batten

Addresses: School of Information Technology, Deakin University, Australia ' School of Information Technology, Deakin University, Australia ' School of Information Technology, Deakin University, Australia

Abstract: Recent investigations have determined that many Android applications in both official and non-official online markets expose details of the user's mobile phone without user consent. In this paper, for the first time in the research literature, we provide a full investigation of why such applications leak, how they leak and where the data is leaked to. In order to achieve this, we employ a combination of static and dynamic analysis based on examination of Java classes and application behaviour for a data set of 123 samples, all pre-determined as being free from malicious software. Despite the fact that anti-virus vendor software did not flag any of these samples as malware, approximately 10% of them are shown to leak data about the mobile phone to a third-party; applications from the official market appear to be just as susceptible to such leaks as applications from the non-official markets.

Keywords: Androids; dynamic analysis; static; data leaks; DroidBox; advertising; mobile phones; cell phones; Android applications; malicious software; malware; security; online markets.

DOI: 10.1504/IJSN.2012.052540

International Journal of Security and Networks, 2012 Vol.7 No.3, pp.181 - 193

Published online: 10 Mar 2013 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article