Investigation of taint analysis for Smartphone-implicit taint detection and privacy leakage detection

Today’s Smartphone operating systems frequently fail to provide users with adequate control and visibility into how the third-party applications use their private data. With TaintDroid realized on Android system, we can detect user’s implicit taint and privacy leakage. But TaintDroid has some inherent defects. To better detect user’s implicit taint and privacy leakage in the Android platform, this paper analyzes implicit taint detection and then proposes an automated detection system based on dynamic taint tracking, called TaintChaser. Monitoring sensitive data with TaintChaser provides informed use of third-party applications for phone users and valuable input for smart-phone security service firms seeking to identify misbehaving applications. TaintChaser can detect behaviors of user’s data leakage in Android applications at a fine granularity level and the system can also analyze and test massive Android software in an automatic way. It uses TaintChaser to automatically analyze 38,268 popular Android applications and finds that 34.41 % of them may leak user’s privacy.