Abstract—Smartphone applications can steal users ’ private data and send it out behind their back. The worldwide Android smartphone market is growing, which raises security and privacy concerns. However, current Android’s permissionbased approach is not enough to ensure the security of private information. In this paper, we present SCANDAL, a sound and automatic static analyzer for detecting privacy leaks in Android applications. We analyzed 90 popular applications using SCANDAL from Android Market and detected privacy leaks in 11 applications. We also analyzed 8 known malicious applications from third-party markets and detected privacy leaks in all 8 applications. Keywords-Android; privacy; static analysis; security; A. Problem I
To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.