Skip to main content
SpringerLink
Log in

A Study of Network Domains Used in Android Applications

  • Conference paper
  • First Online:
Book cover Network and System Security (NSS 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9408))

Included in the following conference series:

  • 1656 Accesses

Abstract

Numerous Android applications use the Internet to share and exchange data. Such data can range from posting simple status updates to private sensitive information such as the users’ location or business contacts. Popular Android applications from Google Play have been identified leaking private data to remote third party servers. Existing works focuses on protecting sensitive information from leaving the smartphone, or detecting which applications leak information based on API calls or the permission requests in their Manifest file. In this work, we propose to leverage the combination of static analysis and dynamic analysis to understand ultimately the network domain to which the Android applications are interacting. Network graphs are constructed and demonstrate implicitly the relation of application developers and the network domains used in the applications.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Au, K., Zhou, Y., Huang, Z., Lie, D.: Pscout: analyzing the android permission specification. In: Proceedings of the 2012 ACM, CCS 2012, pp. 217–228. ACM (2012)

    Google Scholar 

  2. Enck, W., Gilbert, P., Chun, B., Cox, L., Jung, J., McDaniel, P., Sheth, A.: Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: Proceedings of the 9th USENIX Conference on OSDI, pp. 1–6 (2010)

    Google Scholar 

  3. Enck, W., Gilbert, P., Chun, B., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.: Taintdroid: an information flow tracking system for real-time privacy monitoring on smartphones. Communications of the ACM 57(3), 99–106 (2014)

    Article  Google Scholar 

  4. Felt, A., Chin, E., Hanna, S., Song, D., Wagner, D.: Android permissions demystified. In: Proceedings of the 18th ACM, CCS 2011, pp. 627–638. ACM (2011)

    Google Scholar 

  5. Felt, A., Wang, H., Moshchuk, A., Hanna, S., Chin, E.: Permission re-delegation: attacks and defenses. In: USENIX Security Symposium (2011)

    Google Scholar 

  6. Google. Dalvik bytecode, November 2014

    Google Scholar 

  7. Google. Ui/application exerciser monkey, November 2014

    Google Scholar 

  8. Grace, M., Zhou, Y., Wang, Z., Jiang, X.: Systematic detection of capability leaks in stock android smartphones. In: NDSS (2012)

    Google Scholar 

  9. Hornyack, P., Han, S., Jung, J., Schechter, S., Wetherall, D.: These aren’t the droids you’re looking for: retrofitting android to protect data from imperious applications. In: Proceedings of the 18th ACM, CCS 2011, pp. 639–652. ACM (2011)

    Google Scholar 

  10. Jääskeläinen, A., Takala, T., Katara, M.: Model-based GUI testing of Android applications. In: Experiences of Test Automation: Case Studies of Software Test Automation, chapter 14, pp. 253–275. Addison-Wesley (2012)

    Google Scholar 

  11. Sanders, C., Shah, A., Zhang, S.: Comprehensive analysis of the android google play’s auto-update policy. In: Lopez, J., Wu, Y. (eds.) ISPEC 2015. LNCS, vol. 9065, pp. 365–377. Springer, Heidelberg (2015)

    Chapter  Google Scholar 

  12. Statista. Number of apps available in leading app stores as of May 2015 (2015)

    Google Scholar 

  13. Viennot, N., Garcia, E., Nieh, J.: A measurement study of google play. In: The 2014 ACM SIGMETRICS, pp. 221–233. ACM (2014)

    Google Scholar 

  14. Ryszard, W.: Android apktool: a tool for reverse engineering Android apk files, 2.0.0 rc2 edn., October 2014

    Google Scholar 

  15. Zhang, F., Huang, H., Zhu, S., Wu, D., Liu, P.: View-droid: towards obfuscation-resilient mobile application repackaging detection. In: Proceedings of WiSec 2014. ACM (2014)

    Google Scholar 

  16. Zhang, Y., Yang, M., Xu, B., Yang, Z., Gu, G., Ning, P., Wang, X., Zang, B.: Vetting undesirable behaviors in android apps with permission use analysis. In: Proceedings of the ACM SIGSAC, CCS 2013, pp. 611–622. ACM (2013)

    Google Scholar 

  17. Zhang, Y., Yang, M., Yang, Z., Gu, G., Ning, P., Zang, B.: Permission use analysis for vetting undesirable behaviors in android apps (2013)

    Google Scholar 

  18. Zhou, Y., Jiang, X.: Dissecting android malware: characterization and evolution. In: 2012 IEEE Symposium on Security and Privacy (SP), pp. 95–109. IEEE (2012)

    Google Scholar 

  19. Zhou, Y., Zhang, X., Jiang, X., Freeh, V.W.: Taming information-stealing smartphone applications (on android). In: McCune, J.M., Balacheff, B., Perrig, A., Sadeghi, A.-R., Sasse, A., Beres, Y. (eds.) Trust 2011. LNCS, vol. 6740, pp. 93–107. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Cybersecurity, Florida Institute of Technology, Melbourne, USA

    Mark E. Fioravanti II, Ayush Shah & Shengzhi Zhang

Authors
  1. Mark E. Fioravanti II
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ayush Shah
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Shengzhi Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shengzhi Zhang .

Editor information

Editors and Affiliations

  1. Apt. 2A, NEW YORK, New York, USA

    Meikang Qiu

  2. University of Texas, San Antonio, Texas, USA

    Shouhuai Xu

  3. Dept. of Computer Science, Columbia University, New York, New York, USA

    Moti Yung

  4. University of Otago, Dunedin, New Zealand

    Haibo Zhang

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Fioravanti, M.E., Shah, A., Zhang, S. (2015). A Study of Network Domains Used in Android Applications. In: Qiu, M., Xu, S., Yung, M., Zhang, H. (eds) Network and System Security. NSS 2015. Lecture Notes in Computer Science(), vol 9408. Springer, Cham. https://doi.org/10.1007/978-3-319-25645-0_35

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-25645-0_35

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-25644-3

  • Online ISBN: 978-3-319-25645-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation