Skip to Main Content
Frequently Asked Questions
Submit an ETD
Global Search Box
Need Help?
Keyword Search
Participating Institutions
Advanced Search
School Logo
Files
File List
Soham_Kelkar_Thesis.pdf (569.96 KB)
ETD Abstract Container
Abstract Header
Detecting Information Leakage in Android Malware Using Static Taint Analysis
Author Info
Kelkar, Soham P.
Permalink:
http://rave.ohiolink.edu/etdc/view?acc_num=wright1514202750763563
Abstract Details
Year and Degree
2017, Master of Science in Cyber Security (M.S.C.S.), Wright State University, Computer Science.
Abstract
According to Google, Android now runs on 1.4 billion devices. The growing popularity has attracted attackers to use Android as a platform to conduct malicious activities. To achieve these malicious activities some attacker choose to develop malicious Apps to steal information from the Android users. As the modern day smartphones process, a lot of sensitive information, information security, and privacy becoming a potential target for the attacker. The malicious Apps steal information from the infected phone and send this information to the attacker-controlled URLs using various Android sink functions. Therefore, it necessary to protect data as it can prove detrimental if sensitive data of the user gets leaked to the attacker. In this thesis research, we first discuss our static taint analysis framework used to track sensitive information flow from source to sink. We then study the relationship between the leaked data and URLs involved in the information leakage. The framework was tested on more than 2000 malicious samples to determine whether the samples leak information and the external URLs participating in the information leakage. The result shows that 30 percent of malware samples leak 24 unique Android sensitive information to around 330 suspicious URLs. We try to derive relations between the leaked data and the suspicious URLs to gain more intelligence on information security and privacy threat from information leaking malware samples. Finally, we conclude our research by discussing some various information leakage scenarios other than suspicious URLs. Our study raises awareness in both network security and information security domains where programmers fail to follow secure coding practices.
Committee
Junjie Zhang, Ph.D. (Advisor)
Adam Bryant, Ph.D. (Committee Member)
Yong Pei, Ph.D. (Committee Member)
Pages
74 p.
Subject Headings
Computer Engineering
;
Computer Science
;
Engineering
Keywords
Android malware
;
Android taint analysis
;
Android static code analysis
;
Android malware information leakage
;
Recommended Citations
Refworks
EndNote
RIS
Mendeley
Citations
Kelkar, S. P. (2017).
Detecting Information Leakage in Android Malware Using Static Taint Analysis
[Master's thesis, Wright State University]. OhioLINK Electronic Theses and Dissertations Center. http://rave.ohiolink.edu/etdc/view?acc_num=wright1514202750763563
APA Style (7th edition)
Kelkar, Soham.
Detecting Information Leakage in Android Malware Using Static Taint Analysis.
2017. Wright State University, Master's thesis.
OhioLINK Electronic Theses and Dissertations Center
, http://rave.ohiolink.edu/etdc/view?acc_num=wright1514202750763563.
MLA Style (8th edition)
Kelkar, Soham. "Detecting Information Leakage in Android Malware Using Static Taint Analysis." Master's thesis, Wright State University, 2017. http://rave.ohiolink.edu/etdc/view?acc_num=wright1514202750763563
Chicago Manual of Style (17th edition)
Abstract Footer
Document number:
wright1514202750763563
Download Count:
1,761
Copyright Info
© 2017, all rights reserved.
This open access ETD is published by Wright State University and OhioLINK.