The Android application ecosystem has thrived, with hundreds of thousands of applications (apps) available to users; however, not all of them are safe or privacy-friendly. Analyzing these many apps for malicious behaviors is an important but challenging area of research as malicious apps tend to use prevalent stealth techniques, e.g., encryption, code transformation, and other obfuscation approaches to bypass detection. Academic researchers and security companies have realized that the traditional signature-based and static analysis methods are inadequate to deal with this evolving
threat. In recent years, a number of static and dynamic code analysis proposals for analyzing Android apps have been introduced in academia and in the commercial world. Moreover, as a single detection approach may be ineffective against advanced obfuscation techniques, multiple frameworks for privacy leakage detection have been shown to yield better results when used in conjunction. In this dissertation, our contribution is two-fold. First, we organize 32 of the most recent and promising privacy-oriented proposals on Android apps analysis into two categories: static and dynamic analysis. For each category, we survey the state of-the-art proposals and provide a high-level overview of the methodology they rely on to detect privacy-sensitive leakages and app behaviors. Second, we choose one popular proposal from each category to analyze and detect leakages in 5,000 Android apps. Our toolchain setup consists of IntelliDroid (static) to find and trigger sensitive API (Application Program Interface) calls in target apps and leverages TaintDroid (dynamic) to detect leakages in these apps. We found that about 33%
of the tested apps leak privacy-sensitive information over the network (e.g., IMEI, location, UDID), which is consistent with existing work. Furthermore, we highlight the efficiency of combining IntelliDroid and TaintDroid in comparison with Android Monkey and TaintDroid as used in most prior work. We report an overall increase in the frequency of leakage of identifiers. This increase may indicate that IntelliDroid is a better approach over Android Monkey
