Essay Example on TaintDroid An Information-Flow Tracking System

Summary of TaintDroid An Information Flow Tracking System for Realtime Privacy Monitoring on Smartphones Saman Saman Paderborn University Abstract The following paper deals in determining adequate control and visibility to the user s when their private sensitive information leaves the phone with the help of TaintDroid TaintDroid is a analysis system and dynamic taint tracking which is capable of tracking the ow of private sensitive data through third party applications TaintDroid can be used for Android platform 30 popular third party Android applications were monitored where 20 applications were found to misuse user's personal information 1 Dalvik VM Interpreter The downloaded third party application is not to be trusted is automatically assumed by TaintDroid and it checks how these applications use the users s private data The android applications are written in JAVA but are compiled in special machine bytecode language called DEX which executes in Dalvik VM interpreter The TaintDroid uses the modi ed Dalvik VM interpreter which stores and propagates taint tags on variables Taint Tag is a set of taint markings that contain location microphone etc and different phone identi ers Taint tags are stored adjacent to variables in the memory 

Also the variables which do not have taint markings need to store the taint tag for them due to which it uses more memory space Dalvik has 5 different variables that are used for taint storage They are local variables method argument class static elds class instance elds and arrays Local variables and method argument store in internal execution stack where a new stack is pushed on it every time a method is called Taint tags are interleaved between the variables on the stack One taint tag per array is stored to minimize the overhead and performance This is done as a lot of arrays are as strings The taint tags are propagated in the execution environment by using data ow semantics Dalvik has new machine language to for taint propagation logic 2 Native Methods The applications are capable of executing native methods by using Java Native Interface JNI A lot of system libraries are contained by the android phone which can be executed by the Third party applications As the native methods are executed by the application for the known methods the data ow semantics are already known Different method pro les are written for them to automatically patch the virtual machine interpreter state to execute IPC and File propagation Applications communicate with each other using IPC Here in TaintDroid message level granularity is used for tracking purpose The application are capable of converting the memory representation of an object to a data format which is acceptable for storage and transmission or vice versa When applications write information to a le the le level granularity is used In TaintDroid one taint tag for a le is stored 

The IMSI numeric string consists of Mobile Country Code MCC Mobile Network Code MNC that are tainted together These MNC and MNC are used extensively by Android as configuration parameters when commuting their data Due to which all the information in the parcel becomes tainted and leads to an explosion of tainted information 2 1 Conclusion A lot of applications do not provide clear visibility to users into how these applications use the user's private data such as location sensors camera images and contact list To address this TaintDroid is presented which is a information ow tracking tool It can simultaneously track multiple sources of sensitive data In TaintDroid all the four granularity of taint propagation are integrated which makes TaintDroid e cient in achieving 14 performance overhead 30 applications based on Android platform were taken up and it was found that about two third of the applications were suspiciously handling the sensitive data