Abstract
Today's smartphone operating systems frequently fail to provide users with adequate control over and visibility into how third-party applications use their private data. In this talk, I will present how we address these shortcomings with TaintDroid. TaintDroid is an efficient, system-wide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources of sensitive data. TaintDroid provides realtime analysis by leveraging Android's virtualized execution environment. TaintDroid incurs only 14% performance overhead on a CPU-bound micro-benchmark and imposes negligible overhead on interactive third-party applications. Using TaintDroid to monitor the behavior of 30 popular third-party Android applications, we found 68 instances of potential misuse of users' private information across 20 applications. Monitoring sensitive data with TaintDroid provides informed use of third-party applications for phone users and valuable input for smartphone security service firms seeking to identify misbehaving applications. Finally, I will briefly talk about our on-going effort to improve smartphone security.
Short bio
Byung-Gon Chun is a Research Scientist at Intel Labs Berkeley. His research interests are cloud computing, mobile computing with emphasis on smartphones, and secure distributed systems and networks. Prior to that, Chun was a postdoctoral researcher at the International Computer Science Institute located at Berkeley. Chun holds a Ph.D. in the Computer Science Division at the University of California, Berkeley, an M.S. from the Computer Science Department at Stanford University, and a B.S. and an M.S. from the Electronic Engineering Department at Seoul National University, South Korea. He has published papers in prestigious conferences including SOSP, OSDI, NSDI, SIGCOMM, and EuroSys.
Resources
This will be shown to users with no Flash or Javascript.
|
