To detect user's privacy leakage in Android software, this paper proposes an automated detection system based on dynamic taint tracking, called TaintChaser. TaintChaser can detect behaviors of user's data leakage in Android applications under test at a fine granularity, and the system also can analyze and test massive Android software in the automatic way. It uses TaintChaser to automatically analyze 28 369 popular Android applications and finds that 24.69% of them may leak user's privacy.%针对Android软件中存在的用户隐私信息泄露问题,基于动态污点跟踪技术实现TaintChaser自动化检测系统.该系统能对软件中存在的用户隐私信息泄露行为进行细粒度的跟踪,实现对手机软件规模化自动化的检测与分析.利用该系统对28 369个Android程序进行检测,结果表明,有24.69%的程序可能存在泄露用户隐私信息的行为.
展开▼