Title: Detection of sensitive information leakage in Android applications using signature generation

Authors: Hiroki Kuzuno; Satoshi Tonami

Addresses: Intelligent Systems Laboratory, SECOM Co., Ltd., Mitaka, Tokyo 181–8528, Japan ' Intelligent Systems Laboratory, SECOM Co., Ltd., Mitaka, Tokyo 181–8528, Japan

Abstract: There has been growth in the development of mobile device market. In particular, many mobile devices' applications are 'free', but depend on advertisement modules for their revenue. An advertisement module can collect a user's sensitive information and transmit it across the network. Such behaviour becomes an invasion of privacy. We analysed 1,188 Android applications traffic and permissions, 93% connected to multiple network destinations, and 55% required both access to sensitive information and the networking permissions. Of the 107,859 HTTP packets from these applications, 22% contained sensitive information. In an effort to enable users to control the transmission of their private information, we propose a system which, using a novel clustering method based on the HTTP destination and content distances, generates signatures from the clustering result and uses them to detect sensitive information leakage from applications. Our system detected 97% of the sensitive information leakage, with only 3% false positive results.

Keywords: Android security; privacy; Android applications; mobile devices; leakage detection; sensitive information; signature generation; clustering; HTTP destination; content distances.

DOI: 10.1504/IJSSC.2015.067998

International Journal of Space-Based and Situated Computing, 2015 Vol.5 No.1, pp.53 - 62

Available online: 09 Mar 2015 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article