"TrustDroid™": Preventing the use of SmartPhones for information leaking in corporate networks through the used of static analysis taint tracking

Proceedings of the 2012 7th International Conference on Malicious and Unwanted Software, Malware 2012

Volumn , Issue , 2012, Pages 135-143

  Zhao, Zhibo ^a   Colon Osono, Fernando C ^a  

^a BRANDEIS UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ANDROID SMARTPHONE; BRING YOUR OWN DEVICES; COMPUTING ENVIRONMENTS; COMPUTING MODEL; CORPORATE NETWORKS; END POINTS; NEW MECHANISMS; PARADIGM SHIFTS; SECURITY MODEL; SENSITIVE DATAS; SENSITIVE INFORMATIONS; STATIC ANALYZERS; STEVE JOBS; TRUST DOMAIN; ZEUS BOTNET;

COMPUTER CRIME; DISTRIBUTED COMPUTER SYSTEMS; POINT CONTACTS; SIGNAL ENCODING; SMARTPHONES;

STATIC ANALYSIS;

EID: 84874579631     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/MALWARE.2012.6461017     Document Type: Conference Paper

References (15)

1. William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, Anmol N. Sheth. "TaintDroid: An Information-Flow Tracking System for Real-time Privacy Monitoring on Smart phones" To appear at the 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI'10)
2. DEX File Format http://source.android.com/tech/Dalvik/dex-format.html
3. ANTLR http://ww.antlr.org/
4. Dalvik opcode http://ww.netmite.com/android/mydroid/Dalvik/docs/Dalvik- bytecode.html
5. Jasmin, http://jasmin.sourceforge.net/guide.html
6. Smali http://code.google.com/p/smali/
7. Mohammad Nauman, Sohail Khan, Xinwen Zhang and Jean-Pierre Seifert, "Beyond Kernel-level Integrity Measurement: Enabling Remote Attestation for the Android Platform",TRUST'10 Process Proceedings of the 3rd international conference on Trust and trustworthy computing Pages 1-15
8. Johannes Winter, "Trusted Computing Building Blocks for Embedded Linux-based ARM TrustZone Platforms", STC '08: Proceedings of the 3rd ACM workshop on Scalable
9. th ACM Symposium on Information, Computer and Communications Security. (2010)
10. Avik Chaudhuri, "Language-Based Security on Android PLAS", '09 Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
11. Mohammad Nauman, Sohail Khan, Xinwen Zhang, "Apex: extending Android permission model and enforcement with user-defined runtime constraints", ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
12. Yajin Zhou, Xinwen Zhang, Xuxian Jiang, Vincent W. Freeh, "Taming Information-Stealing Smart phone Applications (on Android)", TRUST'11: Proceedings of the 4th international conference on Trust and trustworthy computing
13. Machigar Ongtang, Stephen McLaughlin, William Enck, Patrick McDaniel, "Semantically Rich Application-Centric Security", in Android Security and Communication Networks, Volume 5 Issue, John Wiley & Sons, Inc.
14. H Yin, D Song, M Egele, C Kruegel, E Kirda, "Panorama: Capturing System-Wide InformationFlow for Malware Detection and Analysis". CCS '07 Proceedings of the 14th ACM conference on Computer and communications security
15. Trusted Computing Group, http://www.trustedcomputingroup.org/