DAPA: Degradation-Aware Privacy Analysis of Android Apps

Abstract : When installing or executing an app on a smartphone, we grant it access to part of our (possibly confidential) data stored in the device. Traditional information-flow analyses aim to detect whether such information is leaked by the app to the external (untrusted) environment. The static analyser we present in this paper goes one step further. Its aim is to trace not only if information is possibly leaked (as this is almost always the case), but also how relevant such a leakage might become, as an under-and over-approximation of the actual degree of values degradation. The analysis captures both explicit dependences and implicit dependences, in an integrated approach. The analyser is built within the Abstract Interpretation framework on top of our previous work on datacentric semantics for verification of privacy policy compliance by mobile applications. Results of the experimental analysis on significant samples of the DroidBench library are also discussed.
Type de document :
Communication dans un congrès
STM 2016 - 12th International Workshop on Security and Trust Management, Sep 2016, Heraklion, Greece. pp.32 - 46, 2016, 〈http://stm2016.ics.forth.gr/〉. 〈10.1007/978-3-319-46598-2_3〉
Liste complète des métadonnées

Littérature citée [25 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01416504
Contributeur : Gianluca Barbon <>
Soumis le : mercredi 14 décembre 2016 - 15:25:36
Dernière modification le : jeudi 11 janvier 2018 - 06:23:43
Document(s) archivé(s) le : mercredi 15 mars 2017 - 13:21:18

Fichier

dapa_preprint.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

Collections

Citation

Gianluca Barbon, Agostino Cortesi, Pietro Ferrara, Enrico Steffinlongo. DAPA: Degradation-Aware Privacy Analysis of Android Apps. STM 2016 - 12th International Workshop on Security and Trust Management, Sep 2016, Heraklion, Greece. pp.32 - 46, 2016, 〈http://stm2016.ics.forth.gr/〉. 〈10.1007/978-3-319-46598-2_3〉. 〈hal-01416504〉

Partager

Métriques

Consultations de la notice

119

Téléchargements de fichiers

82