6 Applications Research
This part of the report is to study the application by using TaintDroid to analyze 30 models popular applications is how to use sensitive user data. Select the application in accordance with the appropriate permissions can Internet to obtain a wide variety of user data. We found that two-thirds of these data revealed the location of the user detailed information, marked only phone, and phone numbers by granting some seemingly no danger at the time of installation access. This finding confirms the TaintDroid can be used to monitor user run-time data and privacy of sensitive data can be accurately monitored through the relevant application of exposure.
6.1 experimental device
In 2010 a survey was early on in the Android Market each category on the most popular 50 models free application (the total number is 1100 Ge) revealed that about one-third of applications ( 358/1100 ) by networking get the location, cameras, and audio data. From the software which we randomly selected 30 models of the most popular applications (accounting for the total sample 8.4% ) covering 12 categories. Table 2 lists these applications are required privileges to install. Note that these do not reflect the use of sensitive data and enter.
We studied were thirty downloaded application by starting the application, perform any initialization operations, which are necessary for registration, and then manually perform these functions. We recorded by the system logs from TraintDroid information: labeled binder of information, marked file output, network information is marked and remote network addresses. Throughout the experiment (in 2010 years 5 months) continued to slightly more than 100 minutes, and generated 22,594 packets ( 8.6MB ) and 1,130 a TCP link. In order to verify our results, we also recorded the same network traffic by using tcpdunmp in WiFi interface and repeated experiments in multiple Nexus One phone, perform the same version of the TaintDroid built on Android 2.1 on. Although the mobile phone used in the experiments has a valid SIM card, but the SIM card is blocked events, forcing all the data packets are transmitted via a wireless interface. Packet trace only for verification by TaintDroid data contaminated contact marks.
Crude network connection tracking, we also pointed out that if an application to obtain the consent of users (display or implicit) export of sensitive information. This identifies the possible privacy violations by the additional contextual information. For example, by selecting the "Use my location" in the weather application, user is the default agreed to disclose the geographical coordinates to the weather server.
Table 2 set of applications required permission ( L : laocation, C: Camera, A: Audio, P: Phone State ) .android Market market segments shown in brackets, showing the diversity of the application.
Note: The name is listed in the corresponding installation on the phone's name is not listed in the Android Market on the market. All the applications listed require access to Internet .
6.2 Findings
Table 3 summarizes our findings. TaintDroid marked 105 th TCP pollution information contains connection privacy sensitive data. We manually labeled according to the information available for each context, including remote server name and time-related application log messages. We used the remote host name as a description data is sent to the application server functionality is provided by a third party or used. Typically, the information includes plaintext copy categories, EG , a HTTP GET request includes geographic location coordinates. However, 21 is are labeled contains binary information data. Our survey shows that information by the phone's Google Maps and FluryAgent of APIs and contain privacy-sensitive data pollution. These conclusions are supported by when APP received a parcel stain will spread message immediately after passing through the system manager location. We now extend our findings to expand each category and the reaction potential privacy violations.
Table 3 applications have studied 20 Existence potential privacy violations. Note that three applications have multiple violations, which have a range of those three categories.
Note TaintDroid marked this type of 9 applications listed, but only 7 academicians spread IMEI no mention of this practice in the EULA . To our knowledge, the binary message contains the location data of contamination.
Telephone Information: Table 2 demonstrated in 30 application (s) in 21 applicants permission to read phone state and networking. We found that 21 one in the 2 application (s) delivered to their server ( 1 ) cell phone numbers, ( 2 ) IMSI number which is a 15 data coded bits used to identify individual users in the GSM network functions, ( 3 ) ICC-ID number is a unique SIM card serial number. We verify that the message payload is correct by checking the mark plaintext. In either case you can inform the user of the information dissemination of information on the phone.
This finding demonstrated Android 's coarsegrained access control provides adequate protection against third-party applications attempt to collect sensitive data. In addition, we found a phone restart each application will be sent when the telephone information. Although this application displays the terms of use for the first time, do not specify the terms of use and highly sensitive data collection. Surprisingly, the application data before passing the phone after installation, first use.
Device unique ID : device IMEI likewise exposed applications. IMEI number is used to uniquely identify a cell phone and used to block stolen mobile phone to access the mobile network. TaintDroid mark have demonstrated 9 apps in the dissemination IMEI number. In this 9 models in 7 models are either not present End User License Agreement ( the EULA ) or collected does not specify the EULA . One of the 7 sections of the application is a popular social network applications or some location information-based application services. In addition, we found that 7 Ge among the 2 application (s) containing IMEI when the transmission equipment to their geographic coordinates content server, the potential use of the IMEI as client ID .
In contrast, this 9 Ge among the 2 application (s) processing IMEI more cautious, so we do not belong to them are summarized in this category of potential invasion of privacy. An application demonstrated a privacy statement expressed device applications collect ID . Other uses hash the IMEI instead of the number itself. We acknowledge this fact by comparing the results from two different phones.
Location data from the ad server: half of the study demonstrate the application of the exposure position data to a third party ad server without any implicit or displayed to let the user know. In this one of 15 application (s), with only two demonstrated EULA time in the first run; and EULA also demonstrated this approach. Exhibit location information is also binary form plaintext. Exposed location information is in clear text and binary. The latter emphasizes the TaintDroid advantage of simple packet-based scanning mode information. Application to send location data to the plaintext admob.com, ad.qwapi.com, ads.mobclix.com (11 application (s) ) using the binary program to FlurryAgent ( . 4 application programs). Plain text at the position exposed AdMob occurs HTTP Get string:
...&s=a14a4a93f1e4c68&..&t=062A1CB1D476DE85B717D9195A6722A9&d%5Bcoord%5D=47.661227890000006%2C-122.31589477&...
In the survey AdMob 's SDK shows s = parameter, it is a unique application represents publishers and coord = parameter provides geographical coordinates.
For FlurryAgent, we confirmed the location of some of the information at the following events exposed. First, a named " FlurryAgent " components registered with the location manager to receive an updated location. Then, TaintDroid print out information application receives show the stain from the wrapping location manager. Finally, the application report "to send reports http://data.flurry.com/aar.do " When receiving the tainted packages.
Our experiments show that the 15 sections of the application to collect location data is then transmitted to the advertisers. In the case of these columns among geographic ad server data transmission even if no ads appear on the application.
Reproduced in: https: //www.cnblogs.com/james1207/p/3279947.html