| Smartphone and tablet users typically store a variety of sensitive information on their devices, including contact information, photos, SMS messages, and custom data used by various applications. On Android devices, the data is stored in SQLite databases which applications access by constructing and executing queries, either directly or via Android content provider API calls. Before installing an application that uses a content provider, a user must grant permission for the application to read and/or write the associated data. Many users grant permission with little understanding of the risks. Even more savvy users cannot make well-informed decisions, as they are only given very coarse information about what data the application accesses.;To provide users with more detailed information about how Android apps access and modify stored data, we have developed AQUA, the Android QUery Analyzer. AQUA analyzes application binary code, performing a lightweight static analysis to determine possible values of string variables that are incorporated into queries. AQUA reports on the content providers used and the database tables/attributes accessed and/or updated, allowing users to make more informed decisions about whether to grant permissions. This work describes AQUA's design and evaluates AQUA's accuracy and performance by using it to analyze 105 popular apps downloaded from Google Play.;We then describe an enhanced approach that overcomes some of the obstacles that AQUA was facing. This extension closely works with AQUA, performing call graph analysis to determine possible values of string that are associated with queries. Our implementation more accurately reports on user private data use than original AQUA does. This research includes implementation and evaluation on accuracy and performance of the our approach by using it to analyze 100 popular apps downloaded from Google Play.;Finally, we propose an efficient and accurate approach for detecting malicious Android apps that leak sensitive data of the user. The weakness of the previous approach was extra resources consumption when it only needs to identify whether an app includes malicious dataflow. Our new technique performs flow-sensitive and type-sensitive inter-procedural call analysis. The prototype of our algorithm successful identifies suspicious apps that includes activities of leaking sensitive contents of the user. Accuracy and performance of the algorithm is evaluated by running a prototype implementation on on 400 real apps downloaded from Google Play and third party app stores. |
