“…To prevent data leakage, state-of-the-art approaches fall into two general categories: (1) taint message data to track and analyze its data flow [11] [12], and (2) track call chains, as guided by a permission restriction policy for sending/receiving data [13][14] [15]. Although these approaches 4 strengthen the security of message-based communication, their high false positive rates often render them impractical for realistic communication scenarios.…”