Practical Dynamic Information-Flow Tracking on Mobile Devices

<p>Today's consumer mobile platforms such as Android and iOS manage large ecosystems of untrusted third-party applications. It is common for an application to request one or more types of sensitive data. Unfortunately, users have no insight into how their data is used. Given the sensitivity of the data accessible by these applications, it is paramount that mobile operating systems prevent apps from leaking it.</p><p>This dissertation shows that it is possible to improve the soundness of dynamic information-flow tracking on a mobile device without sacrificing precision, performance, or transparency. We extend the state of the art in dynamic information-flow tracking on Android and address two major limitations: quantifying implicit flow leaks in Dalvik bytecode and tracking explicit flows in native code. Our goal is to deliver seamless end-to-end taint tracking across Dalvik bytecode and native code.</p><p>We propose SpanDex, a system that quantifies implicit flow leaks in Dalvik bytecode for apps handling password data. SpanDex computes a bound of revealed tainted data by recording the control-flow dependencies and for each password character, keeps track of the possible set of values that have been inferred. We also propose TaintTrap, a taint tracking system for native code in third party apps. We explore native taint tracking performance bottlenecks and hardware acceleration techniques to improve instrumentation performance.</p>Dissertatio

Better Performance Through Thread-local Emulation

ABSTRACT Mobile platforms are shifting away from managed code and toward native code. For example, the most recent versions of Android compile Dalvik bytecodes to native code at installtime, and apps frequently use third-party native libraries. The trend toward native code on mobile platforms calls us to develop new ways of building dynamic taint-tracking tools, such as TaintDroid, that achieve good performance. In this paper, we argue that the key to good performance is to track only when necessary, e.g., when an app handles sensitive data. We argue that thread-local emulation is a feature that captures this goal. In this paper, we discuss the motivation for thread-local emulation, the software and hardware techniques that may be used to implement it, results from preliminary work, and the many challenges that remain

Spandex: Secure password tracking for android

Abstract This paper presents SpanDex, a set of extensions to Android&apos;s Dalvik virtual machine that ensures apps do not leak users&apos; passwords. The primary technical challenge addressed by SpanDex is precise, sound, and efficient handling of implicit information flows (e.g., information transferred by a program&apos;s control flow). SpanDex handles implicit flows by borrowing techniques from symbolic execution to precisely quantify the amount of information a process&apos; control flow reveals about a secret. To apply these techniques at runtime without sacrificing performance, SpanDex runs untrusted code in a data-flow sensitive sandbox, which limits the mix of operations that an app can perform on sensitive data. Experiments with a SpanDex prototype using 50 popular Android apps and an analysis of a large list of leaked passwords predicts that for 90% of users, an attacker would need over 80 login attempts to guess their password. Today the same attacker would need only one attempt for all users