Taint droid: An information flow tracking system for real-time privacy monitoring on smartphones

William Enck, Peter Gilbert, Byung Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, Anmol N. Sheth

Research output: Contribution to journalArticlepeer-review

174 Scopus citations

Abstract

Today's smartphone operating systems frequently fail to provide users with adequate control over and visibility into how third-party applications use their privacy-sensitive data. We address these shortcomings with TaintDroid, an efficient, systemwide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources of sensitive data. TaintDroid provides real-time analysis by leveraging Android's virtualized execution environment. Using TaintDroid to monitor the behavior of 30 popular third-party Android applications, we found 68 instances of misappropriation of users' location and device identification information across 20 applications. Monitoring sensitive data with TaintDroid provides informed use of third-party applications for phone users and valuable input for smartphone security service firms seeking to identify misbehaving applications.

Original languageEnglish (US)
Pages (from-to)99-106
Number of pages8
JournalCommunications of the ACM
Volume57
Issue number3
DOIs
StatePublished - Mar 2014

All Science Journal Classification (ASJC) codes

  • General Computer Science

Fingerprint

Dive into the research topics of 'Taint droid: An information flow tracking system for real-time privacy monitoring on smartphones'. Together they form a unique fingerprint.

Cite this