Your SlideShare is downloading. ×
0
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Mobile privacysurvey presentation
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Mobile privacysurvey presentation

226

Published on

Published in: Technology, News & Politics
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
226
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Nitisha Desai, Sean Wang and Jiang ZhuNovember 23rd, 2011 1
  • 2. • Privacy in the news• TaintDroid 2
  • 3. 3
  • 4. • Addresses of websites • Share with other companies •URLS • Verizon will use this information for •Search Terms •Business & Marketing Reports• Location Details •Making relevant mobile ads• App and Device usage• Use of Verizon Products• Demographic categories •Gender •Age •Sports •Frequent Diner 4
  • 5. • “I know where you were and what you are Sharing: Exploiting P2P Communications to Invade Users‟ Privacy”• An attacker can Identify a person, their location and filesharing habits 5
  • 6. 6
  • 7. • Collected children‟s • “Unsubtantiated • P2P File Sharing personal and deceptive” exposed app users‟ information without personal parental consent information without authorization• Violated COPPA 7
  • 8. • Geolocational Privacy and Surveillance Act• Creates rules to govern the interception and disclosure of geolocation information• Prohibits unlawfully intercepted geolocation information to be used as evidence 8
  • 9. • Require companies to tell users when location data is being collected• Allow the users to decide whether or not to disclose this information to third parties 9
  • 10. 10
  • 11. • “With more than 58% of U.S. mobile users worried that their data can be easily accessed by others, a privacy policy that helps establish and maintain consumer trust is absolutely essential.”• Create a framework for developers to use to provide clear and functional privacy disclosures to consumers who use mobile applications. 11
  • 12. Policy maker Policy Language Code GuidanceResources 12
  • 13. Authors: William Enck, Peter Gilbert, Byung-Gon Chun, Landon P.Cox,Jaeyeon Jung, Patrick McDaniel and Anmo N.Sheth.Slide credits: William Enck, Steven Zittrower 13
  • 14. • What is TaintDroid• Why it‟s Important• Implementation• Costs and Tradeoffs• Results 14
  • 15. 15
  • 16. GPS/Location DataCamera/Photos/MicrophoneContactsSMS MessagesSIM Identifiers (IMSI, ICC-ID, IMEI)
  • 17. • Goals: Monitor app behavior to determine when privacy sensitive information leaves the phone• Challenges .. • Smartphones are resource constrained • Third-party applications are entrusted with several types of privacy sensitive information • Context-based privacy information is dynamic and can be difficult to identify even when sent in the clear • Applications can share information 18
  • 18. Dynamic Taint Analysis • Dynamic taint analysis is ais a technique that tracks 1. Dynamic taint analysis technique that tracks the information information dependencies from an origin dependencies from it origin. • Conceptual idea: 2. Conceptual Ideas: c = t ai nt _sour ce( ) ‣ a. Taint source Taint source ... ‣ b. Taint propagation Taint propagation c. Taint sink a = b + c ‣ Taint sink ... net wor k_send( a) • Limitations: performance and granularity is a trade-offystems and Internet Infrastructure Security Laboratory (SIIS) Page 5 19
  • 19. 20
  • 20. TaintDroid Architecture map courtesy of TaintDroid: An Information-Flow…Interpreted Code Trusted Applications Untrusted Applications 8 Trusted Library Taint Source 1 Taint Sink 2 3 6 7 9 Taint Map Taint MapUserspace Dalvik VM Dalvik VM Interpreter Interpreter 4 Binder IPC Library Binder IPC Library Binder Hook Binder Hook 5Kernel Binder Kernel Module 21
  • 21. ‣ Patches state after native method invocation ‣ Extends tracking between applications and to storage Message-level tracking Alci n o pi a Ce p to d M sg Alci n o pi a Ce p to d Va it l ru Va it l ru Variable-level Mie an ch Mie an ch tracking Method-level NvSt m rr s a eye L a t i s i i b e tracking File-level N o Itr c e r nf e t k e w a So a S a e n r t rg c dy o e tracking • Variables Local variables, arguments, class static fields, class instances, and arrays • TaintDroid is a firmware modification, not an app • Messagesystems and Internet Infrastructure Security Laboratory (SIIS) Page 6 Taint tag is upper bound of tainted variables in message • Methods Tracks and propagates system provided native libraries • Files One tag per-file, same logic as messages 22
  • 22. Sources Sinks• Low-bandwidth • Network Calls Sensors • File-system Writes• High-bandwidth Sensors• Information Databases• Devices Identifiers 23
  • 23. • The authors modified the Dalvik VM interpreter to store and propagate taint tags (a taint bit-vector) on variables.• Local variables and tags: taint tags stored adjacent to variables on the internal execution stack. -- 32-bit bitvector with each variable 24
  • 24. • Rules for passing taint markers• α←C : τα←0• β←α:τβ←τα• α„←α⊗β:τα←τα∪τβ• …• Govern steps 3, 7 of TaintDroid Architecture 25
  • 25. 26
  • 26. 27
  • 27. • 14% overall overhead. Smallest for arithmetic and logic operations; greatest for string operations• 4.4% memory overhead 28
  • 28. 25 21.88 MB 21.06 MB 19.48 MB 18.92 MB2015 10.89 ms Android 8.58 ms TaintDroid1050 App Load Time Address Book © Address Book ® 27% slower 3.5% more memory 29
  • 29. 30%25%20%15%10%5%0% App Load Addres Book Addres Book Phone Call Take Picture Time (create) (read) 63:65 348:367 101:119 96:106 1718:2216 (Android: TaintDriod in ms) 30
  • 30. 31
  • 31. • Selected 30 applications with bias on popularity and access to Internet, location, microphone, and camera • 100 minutes, 22,594 packets, 1,130 TCP connections• Of 105 flagged TCP connections, only 37 legitimate. 32
  • 32. • 15 of the 30 applications shared physical location with an ad server (admob.com, ad.qwapi.com, ads.mobclix.com, data.flurry.com)• Most traffic was plaintext (e.g., AdMob HTTP GET):• In no case was sharing obvious to user or in EULA • In some cases, periodic and occurred without app use 33
  • 33. • 7 applications sent device (IMEI) and 2 apps sent phone information (Phone #, IMSI*, ICC-ID) to a remote server without informing the user. One app‟s EULA indicated the IMEI was sent Another app sent the hash of the IMEI• Frequency was app-specific, e.g., one app sent phone information every time the phone booted.• Appeared to be sent to app developers ... 34
  • 34. 35
  • 35. • Approach Limitations • TaintDroid only tracks data flows (i.e. explicit flows). • Malicious application can game out TaintDroid and exflitrate privacy sensitive information through control flow.• Taint Source Limitations • IMSI contains country (MCC), network (MNC) and Station (MSIN) codes. All tainted together, but heavily used in Android for configuration parameters. Likely to cause false positives. • Network only as sink . Sensitive information can propagate back from network.• Requires custom OS modification. No checks on native libraries• Lack of evaluation data on power consumption• User Interface: log is too technical and need further inspection 37
  • 36. • TaintDroid provides efficient, system-wide, dynamic taint tracking and analysis for Android• 4 granularities of taint propagations • Variable-level • Message-level • Method-level • File-level• 14% performance overhead on a CPU-bound microbenchmark.• Identified 20 out of the 30 random selected applications to share information in a way that was not expected.• Findings demonstrated the effectiveness and value of enhancing Mobile Privacy on smartphone platforms. 38
  • 37. • Real-time tracking, filtering and enforcement• Eliminate or reduce false-positives through better management of variable-level tags• Integrated with Expert rating system (crowd sourcing)• Detection of bypass attempts 39
  • 38. • http://appanalysis.org/demo/TaintDroid_controller.swf 40
  • 39. nitisha@cmu.edusean.wang@sv.cmu.edujiang.zhu@sv.cmu.edu 41
  • 40. Thank you.

×