TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones

William Enck, Peter Gilbert, Byung Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, Anmol N. Sheth

Research output: Chapter in Book/Report/Conference proceedingConference contribution

208 Scopus citations

Abstract

Today's smartphone operating systems frequently fail to provide users with adequate control over and visibility into how third-party applications use their private data. We address these shortcomings with TaintDroid, an efficient, system-wide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources of sensitive data. TaintDroid provides realtime analysis by leveraging Android's virtualized execution environment. TaintDroid incurs only 14% performance overhead on a CPU-bound micro-benchmark and imposes negligible overhead on interactive third-party applications. Using TaintDroid to monitor the behavior of 30 popular third-party Android applications, we found 68 instances of potential misuse of users' private information across 20 applications. Monitoring sensitive data with TaintDroid provides informed use of third-party applications for phone users and valuable input for smartphone security service firms seeking to identify misbehaving applications.

Original languageEnglish (US)
Title of host publicationProceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2010
PublisherUSENIX Association
Pages393-407
Number of pages15
ISBN (Electronic)9781931971799
StatePublished - Jan 1 2019
Event9th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2010 - Vancouver, Canada
Duration: Oct 4 2010Oct 6 2010

Publication series

NameProceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2010

Conference

Conference9th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2010
CountryCanada
CityVancouver
Period10/4/1010/6/10

All Science Journal Classification (ASJC) codes

  • Information Systems
  • Computer Networks and Communications
  • Hardware and Architecture

Fingerprint Dive into the research topics of 'TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones'. Together they form a unique fingerprint.

  • Cite this

    Enck, W., Gilbert, P., Chun, B. G., Cox, L. P., Jung, J., McDaniel, P., & Sheth, A. N. (2019). TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones. In Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2010 (pp. 393-407). (Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2010). USENIX Association.