Tracking Explicit and Control Flows in Java and Native Android Apps Code

“…In our approach, the malicious process is installed in the personnel computer and not in the device. Many dynamic taint analysis approaches defined in smartphones like TaintDroid [7], AppFence [15] and Graa et al [11], [9] allow detection of sensitive data leakage by third party applications running in the Android device using the data tainting. Wang et al [28] enforce security policies on data flows for Android applications to prevent unauthorized usb hardware flows.…”

“…Dorazio et al [6] investigate how an attacker could exfiltrate data from a paired iOS device by abusing a library and a command line tool distributed with iTunes. Existing security tools [7], [8], [9], [10], [1] in Android systems focus on detection of the sensitive data leakage. While such tools may be effective in protecting against malicious third party applications installed in the Android systems, they are less suitable when the data exfiltration is performed by application installed in the personal computer requesting connection to the Android IoT device.…”

Detection and Response to Data Exfiltration from Internet of Things Android Devices

“…In our approach, the malicious process is installed in the personnel computer and not in the device. Many dynamic taint analysis approaches defined in smartphones like TaintDroid [7], AppFence [15] and Graa et al [11], [9] allow detection of sensitive data leakage by third party applications running in the Android device using the data tainting. Wang et al [28] enforce security policies on data flows for Android applications to prevent unauthorized usb hardware flows.…”

“…Dorazio et al [6] investigate how an attacker could exfiltrate data from a paired iOS device by abusing a library and a command line tool distributed with iTunes. Existing security tools [7], [8], [9], [10], [1] in Android systems focus on detection of the sensitive data leakage. While such tools may be effective in protecting against malicious third party applications installed in the Android systems, they are less suitable when the data exfiltration is performed by application installed in the personal computer requesting connection to the Android IoT device.…”

Detection and Response to Data Exfiltration from Internet of Things Android Devices

Analytical Overview on Secure Information Flow in Android Systems: Protecting Private Data Used by Smartphone Applications

Decentralized Dynamic Security Enforcement for Mobile Applications with CliSeAuDroid