Detection of Data Leaks from Android Applications

摘要

With the advent of technology the use of mobile phones has been increasing since its existence. Thus, the number of mobile applications that are launched daily to leverage its benefits has experienced massive growth. But the problem which has garnered the attention in recent times is the safety of these applications. It needs to be validated that all applications do not leak private information before deploying them onto the applications markets and for this, a data leak detection tool is required. This paper proposes a novel solution for detection of data leaks using dynamic and static analysis. A dataset of android applications mapped to their data leaks, permissions, activities, library classes and methods are built in this approach. During dynamic analysis, the solution uses runtime permissions and logcat information to detect the data leak type and calculate their probability of occurrence using a k-nearest neighbours similar algorithm. This approach further categorises the leaks on the basis of risk level associated with that application.