LeakSemantic: Identifying Abnormal Sensitive Network Transmissions in Mobile Applications

by   Hao Fu, et al.

Mobile applications (apps) often transmit sensitive data through network with various intentions. Some transmissions are needed to fulfill the app's functionalities. However, transmissions with malicious receivers may lead to privacy leakage and tend to behave stealthily to evade detection. The problem is twofold: how does one unveil sensitive transmissions in mobile apps, and given a sensitive transmission, how does one determine if it is legitimate? In this paper, we propose LeakSemantic, a framework that can automatically locate abnormal sensitive network transmissions from mobile apps. LeakSemantic consists of a hybrid program analysis component and a machine learning component. Our program analysis component combines static analysis and dynamic analysis to precisely identify sensitive transmissions. Compared to existing taint analysis approaches, LeakSemantic achieves better accuracy with fewer false positives and is able to collect runtime data such as network traffic for each transmission. Based on features derived from the runtime data, machine learning classifiers are built to further differentiate between the legal and illegal disclosures. Experiments show that LeakSemantic achieves 91 on 2279 sensitive connections from 1404 apps.


page 1

page 2

page 3

page 4


Mobile Mental Health Apps: Alternative Intervention or Intrusion?

Mental health is an extremely important subject, especially in these unp...

DeviceWatch: Identifying Compromised Mobile Devices through Network Traffic Analysis and Graph Inference

In this paper, we propose to identify compromised mobile devices from a ...

Detecting Data Leakage from Databases on Android Apps with Concept Drift

Mobile databases are the statutory backbones of many applications on sma...

Difuzer: Uncovering Suspicious Hidden Sensitive Operations in Android Apps

One prominent tactic used to keep malicious behavior from being detected...

Dissecting Android Cryptocurrency Miners

Cryptojacking applications pose a serious threat to mobile devices. Due ...

Debreach: Mitigating Compression Side Channels via Static Analysis and Transformation

Compression is an emerging source of exploitable side-channel leakage th...

Please sign up or login with your details

Forgot password? Click here to reset