Master's Thesis Defense "Detecting Information Leakage in Android Malware using Static Taint Analysis" By Soham Kelkar

Tuesday, November 21, 2017, 11 am to 1 pm
Campus: Dayton
304 Russ Engineering Center
Audience: Current Students, Faculty

Committee: Drs. Junjie Zhang (Advisor), Adam Bryant, and Yong Pei

ABSTRACT:
According to Google, Android now runs on 1.4 billion devices. This growing popularity has attracted attackers to use Android as a platform to conduct malicious activities. To accomplish these malicious activities, some attackers prefer to develop malicious apps to steal information from Android users. As modern Android smartphones process a lot of sensitive information, information security and privacy are becoming potential targets for attackers. The malicious apps steal information from the infected phone and send this information to malicious URLs using various Android sink functions. Therefore, it is necessary to protect data, as it can prove detrimental if sensitive user data gets leaked to a malicious attacker. In this thesis research, we first discuss our static taint analysis framework, which is used to track sensitive information flow from source to sink. We then study the relationship between the leaked data and the URLs involved in the information leakage. We tested our framework over more than 2000 malicious samples to determine whether the samples leak any sensitive information to any external suspicious URLs or any other information sinks. We found that 30 percent of malware samples leak various Android sensitive information to around 330 suspicious URLs. We then derive associations between the leaked data and the suspicious URLs to gain more intelligence on the information security and privacy threats from information-leaking malware samples. We conclude our research by discussing some interesting information leakage scenarios other than suspicious URLs. Our study also raises awareness in both the network security and information security domains, where programmers fail to follow secure coding practices.
