Privacy Analysis of Android Apps: Implicit Flows and Quantitative Analysis

Abstract : A static analysis is presented, based on the theory of abstract interpretation, for verifying privacy policy compliance by mobile applications. This includes instances where, for example, the application releases the user’s location or device ID without authorization. It properly extends previous work on datacentric semantics for verification of privacy policy compliance by mobile applications by (i) tracking implicit information flow, and (ii) performing a quantitative analysis of information leakage. This yields to a novel combination of qualitative and quantitative analyses of information flows in mobile applications.
Document type :
Conference papers
Complete list of metadatas

https://hal.inria.fr/hal-01444523
Contributor : Hal Ifip <>
Submitted on : Tuesday, January 24, 2017 - 10:46:17 AM
Last modification on : Tuesday, August 6, 2019 - 4:56:13 PM
Long-term archiving on : Tuesday, April 25, 2017 - 2:13:16 PM

File

978-3-319-24369-6_1_Chapter.pd...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Gianluca Barbon, Agostino Cortesi, Pietro Ferrara, Marco Pistoia, Omer Tripp. Privacy Analysis of Android Apps: Implicit Flows and Quantitative Analysis. 14th Computer Information Systems and Industrial Management (CISIM), Sep 2015, Warsaw, Poland. pp.3-23, ⟨10.1007/978-3-319-24369-6_1⟩. ⟨hal-01444523⟩

Share

Metrics

Record views

107

Files downloads

239