Leak Finder: A tool for Dynamic Analysis of Android Applications
نویسنده
چکیده
In this project we implemented Leak Finder, a tool for examining how Android applications use their granted permissions. Leak Finder instruments Android applications with custom log code, then it collects the logs from actual user application runs and uses these logs to create an execution graph. Auditors can use the executing graph to examine when an applications tends to use its permissions. We used Leak Finder to audit eight different Android applications. From our results we verified that Leak Finder can give insighting the way that the application handle their permissions. We made an interesting observation that many permissions are used in a non-user interactive way.
منابع مشابه
A Survey on Potential Privacy Leaks of GPS Information in Android Applications
....................................................................... iii ACKNOWLEDGEMENTS...................................................... iv TABLE OF CONTENTS......................................................... v LIST OF TABLES................................................................. ix LIST OF FIGURES............................................................... x CHAPTE...
متن کاملCHECKERDROID : Automated Quality Assurance for Smartphone Applications
Smartphone applications’ quality is vital. However, many smartphone applications on market suffer from various bugs. One major reason is that developers lack viable techniques to help expose potential bugs in their applications. This paper presents a practical dynamic analysis tool, CheckerDroid, to help developers automatically detect both functional and non-functional bugs in their Android ap...
متن کاملStatic Analysis of Memory Leak in Android Applications
The popularity of Android applications have grown dramatically in the last few years. Android applications run on mobile devices that have limited memory resources. Although Android has its own memory manager with garbage collection support, many applications currently suffer from memory leak vulnerabilities. These applications may crash due to out of memory error while running, and this will l...
متن کاملI know what leaked in your pocket: uncovering privacy leaks on Android Apps with Static Taint Analysis
Android applications may leak privacy data carelessly or maliciously. In this work we perform inter-component dataflow analysis to detect privacy leaks between components of Android applications. Unlike all current approaches, our tool, called IccTA, propagates the context between the components, which improves the precision of the analysis. IccTA outperforms all other available tools by reachi...
متن کاملSecurity Analysis of Permission-Based Systems using Static Analysis: An Application to the Android Stack
In recent years, mobile devices, such as smart phones, have spread at an exponential rate. The most used system running on these devices, accounting for almost 80% of market share for smart phones world-wide, is the Android software stack. This system runs Android applications that users download from an application market. The system is called a permission-based system since it limits access t...
متن کامل