TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones

William Enck, Peter Gilbert, Seungyeop Han, Vasant Tendulkar, Byung Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, Anmol N. Sheth

Research output: Contribution to journalArticlepeer-review

891 Scopus citations


Today's smartphone operating systems frequently fail to provide users with visibility into how third-party applications collect and share their private data. We address these shortcomings with TaintDroid, an efficient, system-wide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources of sensitive data. TaintDroid enables realtime analysis by leveraging Android's virtualized execution environment. TaintDroid incurs only 32% performance overhead on a CPU-bound microbenchmark and imposes negligible overhead on interactive third-party applications. Using TaintDroid to monitor the behavior of 30 popular third-party Android applications, in our 2010 study we found 20 applications potentially misused users' private information; so did a similar fraction of the tested applications in our 2012 study. Monitoring the flow of privacy-sensitive data with TaintDroid provides valuable input for smartphone users and security service firms seeking to identify misbehaving applications.

Original languageEnglish (US)
Article number5
JournalACM Transactions on Computer Systems
Issue number2
StatePublished - Jun 2014

All Science Journal Classification (ASJC) codes

  • Computer Science(all)


Dive into the research topics of 'TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones'. Together they form a unique fingerprint.

Cite this