@inproceedings{04f781301c944007b782e61bea0ca255,
title = "Execution enhanced static detection of android privacy leakage hidden by dynamic class loading",
abstract = "Mobile apps often need to collect and/or access sensitive user information to fulfill their purposes, but they may also leak such information either intentionally or accidentally, causing financial and/or emotional damages to users. In the past few years, researchers have developed various techniques to detect privacy leakage in mobile apps, however, such detection remains a challenging task when privacy leakage is implemented via dynamic class loading (DCL). In this work, we propose the DL2 technique that enhances static analysis with dynamic app execution to effectively detect privacy leakage implemented via DCL in Android apps. To evaluate DL2, we construct a benchmark of 88 subject apps with 2578 injected privacy leaks and apply DL2 to the apps. DL2 was able to detect 1073, or 42%, of the leaks, significantly outperforming existing state-of-the-art privacy leakage detection tools.",
keywords = "Constraint Solving, Dynamic Class Loading, Privacy Leakage Detection, Taint Analysis",
author = "Yufei Yang and Wenbo Luo and Yu Pei and Minxue Pan and Tian Zhang",
year = "2019",
month = jul,
doi = "10.1109/COMPSAC.2019.00029",
language = "English",
series = "Proceedings - International Computer Software and Applications Conference",
publisher = "IEEE Computer Society",
pages = "149--158",
editor = "Vladimir Getov and Jean-Luc Gaudiot and Nariyoshi Yamai and Stelvio Cimato and Morris Chang and Yuuichi Teranishi and Ji-Jiang Yang and Leong, {Hong Va} and Hossian Shahriar and Michiharu Takemoto and Dave Towey and Hiroki Takakura and Atilla Elci and Susumu Takeuchi and Satish Puri",
booktitle = "Proceedings - 2019 IEEE 43rd Annual Computer Software and Applications Conference, COMPSAC 2019",
address = "United States",
note = "43rd IEEE Annual Computer Software and Applications Conference, COMPSAC 2019 ; Conference date: 15-07-2019 Through 19-07-2019",
}