Analyzing HTTP-Based Information Exfiltration of Malicious Android Applications

Soham Kelkar, Timothy Kraus, Daria Morgan, Junjie Zhang, Rui Dai

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Exfiltrating sensitive information from smartphones has become one of the most significant security threats. We have built a system to identify HTTP-based information exfiltration of malicious Android applications. In this paper, we discuss the method to track the propagation of sensitive information in Android applications using static taint analysis. We have studied the leaked information, destinations to which information is exfiltrated, and their correlations with types of sensitive information. The analysis results based on 578 malicious Android applications have revealed that a significant portion of these applications are interested in identity-related sensitive information. The vast majority of malicious applications leak multiple types of sensitive information. We have also identified that servers associated with three country codes, including CN, US, and SG, are most active in collecting sensitive information. The analysis results have also demonstrated that a wide range of non-default ports are used by suspicious URLs.

Original language: English
Title of host publication: 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)
Publisher: IEEE
Pages: 1642-1645
Number of pages: 4
ISBN (Electronic): 978-1-5386-4388-4
ISBN (Print): 978-1-5386-4389-1
State: Published - Sep 5 2018
Externally published: Yes
Event: 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications and 12th IEEE International Conference on Big Data Science and Engineering, Trustcom/BigDataSE 2018 - New York, United States
Duration: Jul 31 2018 - Aug 3 2018

Conference

Conference: 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications and 12th IEEE International Conference on Big Data Science and Engineering, Trustcom/BigDataSE 2018
Country/Territory: United States
City: New York
Period: 7/31/18 - 8/3/18

ASJC Scopus Subject Areas

  • Computer Networks and Communications
  • Hardware and Architecture
  • Information Systems
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality

Keywords

  • Android Applications
  • HTTP Based
  • Information Exfiltration

Disciplines

  • Computer Sciences
  • Engineering
