Dynamic Taint Tracking Simulation

Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 1247)


Detection of unauthorized disclosure of sensitive data is still an open problem. Taint tracking is one effective approach to detect information disclosure attacks. In this paper, we give an overview of dynamic taint tracking systems for Android. First, we discuss systems and identify their shortcomings. The contribution of this paper is to present a novel solution for these shortcomings. For that purpose, we have developed a simulation concept and a prototype implementation. Special features are the possibility to record simulations and play them back automatically. By comparing the original simulation with a repeated simulation a changed security level can be detected.


Android Information disclosure Taint analysis Taint tracking simulation 


  1. 1.
    Armando, A., Costa, G., Verderame, L., Merlo, A.: Securing the bring your own device paradigm. Computer 47(6), 48–56 (2014)CrossRefGoogle Scholar
  2. 2.
    Berner, F.: Simulacron: Eine Simulationsumgebung zur automatischen Testwiederholung und Erkennung von Informationsabflüssen in Android-Applikationen. In: IT-Sicherheit als Voraussetzung für eine erfolgreiche Digitalisierung; [Tagungsband ... 16. Deutschen IT-Sicherheitskongress, 21.–23. Mai 2019], pp. 167–177 (2019)Google Scholar
  3. 3.
    Berner, F., Sametinger, J.: Dynamic taint-tracking: Directions for future research. In: SECRYPT 2019 - Proceedings of the International Conference on Security and Cryptography, pp. 85–94. Scitepress Digital Library, Prague (2019)Google Scholar
  4. 4.
    Berner, F., Sametinger, J.: Information disclosure detection in cyber-physical systems. In: Anderst-Kotsis, G., et al. (eds.) DEXA 2019. CCIS, vol. 1062, pp. 85–94. Springer, Cham (2019). Scholar
  5. 5.
    Bosman, E., Slowinska, A., Bos, H.: Minemu: the world’s fastest taint tracker. In: Sommer, R., Balzarotti, D., Maier, G. (eds.) RAID 2011. LNCS, vol. 6961, pp. 1–20. Springer, Heidelberg (2011). Scholar
  6. 6.
    Dam, M., Le Guernic, G., Lundblad, A.: Treedroid: a tree automaton based approach to enforcing data processing policies. In: Proceeding CCS 2012 Proceedings of the 2012 ACM Conference on Computer and Communications Security, p. 894 (2012)Google Scholar
  7. 7.
    Enck, W., et al.: Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: Proceeding OSDI 2010 Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation (2010)Google Scholar
  8. 8.
    Enck, W., et al.: Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. 32(2), 1–29 (2014)CrossRefGoogle Scholar
  9. 9.
    Enck, W.H.: Analysis Techniques for Mobile Operating System Security. Ph.D. thesis, Pennsylvania State University, May 2011Google Scholar
  10. 10.
    Graa, M., Cuppens-Boulahia, N., Cuppens, F., Cavalli, A.: Detection of illegal control flow in android system: protecting private data used by smartphone apps. In: Cuppens, F., Garcia-Alfaro, J., Zincir Heywood, N., Fong, P.W.L. (eds.) FPS 2014. LNCS, vol. 8930, pp. 337–346. Springer, Cham (2015). Scholar
  11. 11.
    Hornyack, P., Han, S., Jung, J., Schechter, S., Wetherall, D.: These aren’t the droids you’re looking for: retrofitting android to protect data from imperious applications. In: Chen, Y., Danezis, G., Shmatikov, V. (eds.) Proceedings of the 18th ACM Conference on Computer and Communications Security, p. 639 (2011)Google Scholar
  12. 12.
    Mollus, K., Westhoff, D., Markmann, T.: Curtailing privilege escalation attacks over asynchronous channels on android. In: 14th International Conference on Innovations for Community Services (I4CS), pp. 87–94 (2014)Google Scholar
  13. 13.
    QEMU Project: Networking (2017).
  14. 14.
    Qian, C., Luo, X., Shao, Y., Chan, A.T.: On tracking information flows through JNI in android applications. In: 2014 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 180–191. IEEE (2014)Google Scholar
  15. 15.
    Rasthofer, S., Arzt, S., Miltenberger, M., Bodden, E.: Harvesting runtime values in android applications that feature anti-analysis techniques. In: Capkun, S. (ed.) Proceedings 2016 Network and Distributed System Security Symposium. Internet Society, 21–24 February 2016Google Scholar
  16. 16.
    Rastogi, V., Chen, Y., Enck, W.: Appsplayground: automatic security analysis of smartphone applications. In: Bertino, E., Sandhu, R., Bauer, L., Park, J. (eds.) Proceedings of the Third ACM Conference on Data and Application Security and Privacy, p. 209 (2013)Google Scholar
  17. 17.
    Russello, G., Conti, M., Crispo, B., Fernandes, E.: Moses: supporting operation modes on smartphones. In: Proceedings of the 17th ACM symposium on Access Control Models and Technologies - SACMAT 2012, p. 3. ACM Press (2012)Google Scholar
  18. 18.
    Russello, G., Crispo, B., Fernandes, E., Zhauniarovich, Y.: YAASE: yet another android security extension. In: 2011 IEEE Third International Conference on Privacy, Security, Risk and Trust (PASSAT)/2011 IEEE Third International Conference on Social Computing (SocialCom), pp. 1033–1040 (2011)Google Scholar
  19. 19.
    Sarwar, G., Mehani, O., Boreli, R., Kaafar, M.A.: On the effectiveness of dynamic taint analysis for protecting against private information leaks on android-based devices. In: Samarati, P. (ed.) SECRYPT 2013, 10th International Conference on Security and Cryptography. SciTePress (2013).
  20. 20.
    Shirey, R.: Rfc 4949: Internet security glossary, version 2 (2007).
  21. 21.
    Spreitzenbarth, M., Schreck, T., Echtler, F., Arp, D., Hoffmann, J.: Mobile-Sandbox: combining static and dynamic analysis with machine-learning techniques. Int. J. Inf. Secur. 14(2), 141–153 (2014). Scholar
  22. 22.
    Stallings, W., Brown, L., Bauer, M., Howard, M.: Computer Security: Principles and Practice. Always Learning, 2nd edn. Pearson, Boston (2012)Google Scholar
  23. 23.
    Sufatrio, Tan, D.J.J., Chua, T.W., Thing, V.L.L.: Securing android: a survey, taxonomy, and challenges. ACM Comput. Surv. 47(4), 1–45 (2015)Google Scholar
  24. 24.
    Sun, M., Wei, T., Lui, J.C.: TaintART: a practical multi-level information-flow tracking system for android runtime. In: Katzenbeisser, S., Weippl, E. (eds.) Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 331–342. ACM (2016)Google Scholar
  25. 25.
    Tam, K., Feizollah, A., Anuar, N.B., Salleh, R., Cavallaro, L.: The evolution of android malware and android analysis techniques. ACM Comput. Surv. 49(4), 1–41 (2017)CrossRefGoogle Scholar
  26. 26.
    Wei, F., Roy, S., Ou, X., Robby: Amandroid: a precise and general inter-component data flow analysis framework for security vetting of android apps. In: Ahn, G.J. (ed.) Proceedings of the 21st ACM Conference on Computer and Communications Security, pp. 1329–1341. ACM (2014)Google Scholar
  27. 27.
    Weichselbaum, L., Neugschwandter, M., Lindorfer, M., Fratantonio, Y., van der Veen, V., Platzer, C.: Andrubis: Android malware under the magnifying glass. Technical rep. TR-ISECLAB-0414-001, S. 1-10. Vienna University of Technology (2014) Google Scholar
  28. 28.
    Weisenmüller, H., Berner, F., Kaspar, F.: Sandbox-detection-angriffe gegen den android emulator: Aktuelle berichte aus forschung und lehre der fakultät informatik. Informatik Journal 2017/18(7), 135–145 (2017)Google Scholar
  29. 29.
    Xia, M., Gong, L., Lyu, Y., Qi, Z., Liu, X.: Effective real-time android application auditing. In: 2015 IEEE Symposium on Security and Privacy (SP), pp. 899–914. IEEE (2015)Google Scholar
  30. 30.
    Xu, M., et al.: Toward engineering a secure android ecosystem. ACM Comput. Surv. 49(2), 1–47 (2016)MathSciNetCrossRefGoogle Scholar
  31. 31.
    You, W., Liang, B., Shi, W., Wang, P., Zhang, X.: TaintMan: an ART-compatible dynamic taint analysis framework on unmodified and non-rooted android devices. IEEE Trans. Dependable Secure Comput. 17(1) (2017) Google Scholar
  32. 32.
    Zhang, Y., et al.: Vetting undesirable behaviors in android apps with permission use analysis. In: Sadeghi, A.R., Gligor, V., Yung, M. (eds.) The 2013 ACM SIGSAC Conference, pp. 611–622 (2013)Google Scholar
  33. 33.
    Zhauniarovich, Y., Russello, G., Conti, M., Crispo, B., Fernandes, E.: Moses: supporting and enforcing security profiles on smartphones. IEEE Trans. Dependable Secure Comput. 11(3), 211–223 (2014)CrossRefGoogle Scholar
  34. 34.
    Zheng, M., Sun, M., Lui, J.C.: DroidTrace: a ptrace based android dynamic analysis system with forward execution capability. In: 2014 International Wireless Communications and Mobile Computing Conference (IWCMC), pp. 128–133 (2014)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.LIT Secure and Correct Systems LabJohannes Kepler University LinzLinzAustria

Personalised recommendations