Ecole d'ingénieur et centre de recherche en Sciences du numérique

MobileAppScrutinator: A simple yet efficient dynamic analysis approach for detecting privacy leaks across mobile OSs

Achara, Jagdish Prasad; Roca, Vincent; Castelluccia, Claude; Francillon, Aurélien

Submitted on May 26, 2016

Smartphones, the devices we carry everywhere with us, are being heavily tracked and have undoubtedly become a major threat to our privacy. As " Tracking the trackers " has become a necessity, various static and dynamic analysis tools have been developed in the past. However, today, we still lack suitable tools to detect, measure and compare the ongoing tracking across mobile OSs. To this end, we propose MobileAppScrutinator, based on a simple yet efficient dynamic analysis approach, that works on both Android and iOS (the two most popular OSs today). To demonstrate the current trend in tracking, we select 140 most representative Apps available on both Android and iOS AppStores and test them with MobileAppScrutinator. In fact, choosing the same set of apps on both Android and iOS also enables us to compare the ongoing tracking on these two OSs. Finally, we also discuss the effectiveness of privacy safeguards available on Android and iOS. We show that neither Android nor iOS privacy safeguards in their present state are completely satisfying.                    

Hal Bibtex

Titre:MobileAppScrutinator: A simple yet efficient dynamic analysis approach for detecting privacy leaks across mobile OSs
Type:Rapport
Langue:English
Ville:
Date:
Département:Sécurité numérique
Eurecom ref:4913
Copyright: © EURECOM. Personal use of this material is permitted. The definitive version of this paper was published in Submitted on May 26, 2016 and is available at :
Bibtex: @techreport{EURECOM+4913, year = {2016}, title = {{M}obile{A}pp{S}crutinator: {A} simple yet efficient dynamic analysis approach for detecting privacy leaks across mobile {OS}s}, author = {{A}chara, {J}agdish {P}rasad and {R}oca, {V}incent and {C}astelluccia, {C}laude and {F}rancillon, {A}ur{\'e}lien}, number = {EURECOM+4913}, month = {05}, institution = {Eurecom}, url = {http://www.eurecom.fr/publication/4913},, }
Voir aussi: