@inproceedings{ba3485b760c24572a365f4f17ffa4dbd,
title = "TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones",
abstract = "Today's smartphone operating systems frequently fail to provide users with adequate control over and visibility into how third-party applications use their private data. We address these shortcomings with TaintDroid, an efficient, system-wide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources of sensitive data. TaintDroid provides realtime analysis by leveraging Android's virtualized execution environment. TaintDroid incurs only 14% performance overhead on a CPU-bound micro-benchmark and imposes negligible overhead on interactive third-party applications. Using TaintDroid to monitor the behavior of 30 popular third-party Android applications, we found 68 instances of potential misuse of users' private information across 20 applications. Monitoring sensitive data with TaintDroid provides informed use of third-party applications for phone users and valuable input for smartphone security service firms seeking to identify misbehaving applications.",
author = "William Enck and Peter Gilbert and Chun, {Byung Gon} and Cox, {Landon P.} and Jaeyeon Jung and Patrick McDaniel and Sheth, {Anmol N.}",
note = "Funding Information: We would like to thank Intel Labs, Berkeley and Seattle for its support and feedback during the design and prototype implementation of this work. We thank Jayanth Kannon, Stuart Schechter, and Ben Greenstein for their feedback during the writing of this paper. We also thank Kevin Butler, Stephen McLaughlin, Machigar Ongtang, and the SIIS lab as a whole for their helpful comments. This material is based upon work supported by the National Science Foundation. William Enck and Patrick McDaniel were partially supported by NSF Grant No. CNS-0905447, CNS-0721579 and CNS-0643907. Landon Cox and Peter Gilbert were partially supported by NSF CAREER Award CNS-0747283. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.; 9th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2010 ; Conference date: 04-10-2010 Through 06-10-2010",
year = "2019",
language = "English (US)",
series = "Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2010",
publisher = "USENIX Association",
pages = "393--407",
booktitle = "Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2010",
}