Volume 4 - Issue 2
DroidTrack: Tracking and Visualizing Information Diffusion for Preventing Information Leakage on Android
- Shunya Sakamoto
Graduate School of Natural Science and Technology, Okayama University, Japan
- Kenji Okuda
Faculty of Engineering, Okayama University, Japan
- Ryo Nakatsuka
Graduate School of Natural Science and Technology, Okayama University, Japan
- Toshihiro Yamauchi
Graduate School of Natural Science and Technology, Okayama University, Japan
yamauchi@cs.okayama-u.ac.jp
Keywords: android, information leakage prevention, security, visualization
Abstract
An Android app can collaborate with other apps by using an intent. It can also control personal
information or use permissions granted by a user. However, users cannot detect when their apps
communicates with other apps. Therefore, they might not be aware of any information leakage if an
app happens to be malware. In this paper, we propose a method for tracking and visualizing the diffusion
of sensitive information and preventing its leakage on an Android device. This method, which
we call DroidTrack, alerts a user that there is the possibility of information leakage when an app uses
APIs (Application Program Interfaces) to communicate externally. These alerts are triggered only if
the app has already called APIs to collect sensitive information. Users are given the option to refuse
the execution of the API if it is not appropriate. Furthermore, by illustrating how their personal data
is shared, users are provided with the necessary information to help them decide whether an API call
is appropriate.