Title: Detection of sensitive information leakage in Android applications using signature generation
Authors: Hiroki Kuzuno; Satoshi Tonami
Addresses: Intelligent Systems Laboratory, SECOM Co., Ltd., Mitaka, Tokyo 181–8528, Japan ' Intelligent Systems Laboratory, SECOM Co., Ltd., Mitaka, Tokyo 181–8528, Japan
Abstract: There has been growth in the development of mobile device market. In particular, many mobile devices' applications are 'free', but depend on advertisement modules for their revenue. An advertisement module can collect a user's sensitive information and transmit it across the network. Such behaviour becomes an invasion of privacy. We analysed 1,188 Android applications traffic and permissions, 93% connected to multiple network destinations, and 55% required both access to sensitive information and the networking permissions. Of the 107,859 HTTP packets from these applications, 22% contained sensitive information. In an effort to enable users to control the transmission of their private information, we propose a system which, using a novel clustering method based on the HTTP destination and content distances, generates signatures from the clustering result and uses them to detect sensitive information leakage from applications. Our system detected 97% of the sensitive information leakage, with only 3% false positive results.
Keywords: Android security; privacy; Android applications; mobile devices; leakage detection; sensitive information; signature generation; clustering; HTTP destination; content distances.
International Journal of Space-Based and Situated Computing, 2015 Vol.5 No.1, pp.53 - 62
Received: 23 Oct 2014
Accepted: 17 Nov 2014
Published online: 31 Mar 2015 *