MAPMon: A Host-Based Malware Detection Tool
PRDC '07 Proceedings of the 13th Pacific Rim International Symposium on Dependable Computing
Improving the efficiency of dynamic malware analysis
Proceedings of the 2010 ACM Symposium on Applied Computing
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Challenges and business models for mobile location-based services and advertising
Communications of the ACM
The effectiveness of application permissions
WebApps'11 Proceedings of the 2nd USENIX conference on Web application development
Crowdroid: behavior-based malware detection system for Android
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Android permissions demystified
Proceedings of the 18th ACM conference on Computer and communications security
Attacks on WebView in the Android system
Proceedings of the 27th Annual Computer Security Applications Conference
Kernel-based Behavior Analysis for Android Malware Detection
CIS '11 Proceedings of the 2011 Seventh International Conference on Computational Intelligence and Security
Don't kill my ads!: balancing privacy in an ad-supported mobile application market
Proceedings of the Twelfth Workshop on Mobile Computing Systems & Applications
Unsafe exposure analysis of mobile in-app advertisements
Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
DroidChecker: analyzing android applications for capability leak
Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
A framework for static detection of privacy leaks in android applications
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Analysis of Malicious and Benign Android Applications
ICDCSW '12 Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
AdDroid: privilege separation for applications and advertisers in Android
Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security
A review of GENI authentication and access control mechanisms
International Journal of Security and Networks
Can Smartphone Users Turn Off Tracking Service Settings?
Proceedings of International Conference on Advances in Mobile Computing & Multimedia
| Hi-index | 0.00 |
Recent investigations have determined that many Android applications in both official and non-official online markets expose details of the user's mobile phone without user consent. In this paper, for the first time in the research literature, we provide a full investigation of why such applications leak, how they leak and where the data is leaked to. In order to achieve this, we employ a combination of static and dynamic analysis based on examination of Java classes and application behaviour for a data set of 123 samples, all pre-determined as being free from malicious software. Despite the fact that anti-virus vendor software did not flag any of these samples as malware, approximately 10% of them are shown to leak data about the mobile phone to a third-party; applications from the official market appear to be just as susceptible to such leaks as applications from the non-official markets.