Abstract
Nowadays, smartphone market has been growing rapidly, and smartphone has become essential as a business tool. One of the crucial advantages of a smartphone is an installable third-party application. Number of these has continued to grow explosively. However, vulnerabilities in smartphone applications are seemed as serious problem. This is not only for the smartphone users, also for smartphone application developers and/or vendors. Until now, most vulnerability tests on smartphone applications are targeted that has been packaged as a commercial product and distributed in application marketplaces. These tests are performed on dynamically on application binaries. In this paper, we aim to develop the static vulnerability verification tool that can be utilized for smartphone application developers and/or vendors in the implementation and/or test phase of development process. This tool intakes source codes and determine where to read the privacy information in the source codes, and determine where to write/send the information in there. Then analyze the privacy information transfer and/or transform flow and report the possibilities of privacy information leakage to application developers.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2013 |
| DOIs | |
| Publication status | Published - Apr 10 2013 |
| Event | 7th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2013 - Kota Kinabalu, Malaysia Duration: Jan 17 2013 → Jan 19 2013 |
Publication series
| Name | Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2013 |
|---|
Other
| Other | 7th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2013 |
|---|---|
| Country | Malaysia |
| City | Kota Kinabalu |
| Period | 1/17/13 → 1/19/13 |
Fingerprint
All Science Journal Classification (ASJC) codes
- Computer Networks and Communications
- Information Systems
Cite this
A proposal for the privacy leakage verification tool for android application developers. / Matsumoto, Shinichi; Sakurai, Kouichi.
Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2013. 2013. 54 (Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2013).Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
}
TY - GEN
T1 - A proposal for the privacy leakage verification tool for android application developers
AU - Matsumoto, Shinichi
AU - Sakurai, Kouichi
PY - 2013/4/10
Y1 - 2013/4/10
N2 - Nowadays, smartphone market has been growing rapidly, and smartphone has become essential as a business tool. One of the crucial advantages of a smartphone is an installable third-party application. Number of these has continued to grow explosively. However, vulnerabilities in smartphone applications are seemed as serious problem. This is not only for the smartphone users, also for smartphone application developers and/or vendors. Until now, most vulnerability tests on smartphone applications are targeted that has been packaged as a commercial product and distributed in application marketplaces. These tests are performed on dynamically on application binaries. In this paper, we aim to develop the static vulnerability verification tool that can be utilized for smartphone application developers and/or vendors in the implementation and/or test phase of development process. This tool intakes source codes and determine where to read the privacy information in the source codes, and determine where to write/send the information in there. Then analyze the privacy information transfer and/or transform flow and report the possibilities of privacy information leakage to application developers.
AB - Nowadays, smartphone market has been growing rapidly, and smartphone has become essential as a business tool. One of the crucial advantages of a smartphone is an installable third-party application. Number of these has continued to grow explosively. However, vulnerabilities in smartphone applications are seemed as serious problem. This is not only for the smartphone users, also for smartphone application developers and/or vendors. Until now, most vulnerability tests on smartphone applications are targeted that has been packaged as a commercial product and distributed in application marketplaces. These tests are performed on dynamically on application binaries. In this paper, we aim to develop the static vulnerability verification tool that can be utilized for smartphone application developers and/or vendors in the implementation and/or test phase of development process. This tool intakes source codes and determine where to read the privacy information in the source codes, and determine where to write/send the information in there. Then analyze the privacy information transfer and/or transform flow and report the possibilities of privacy information leakage to application developers.
UR - http://www.scopus.com/inward/record.url?scp=84875840141&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84875840141&partnerID=8YFLogxK
U2 - 10.1145/2448556.2448610
DO - 10.1145/2448556.2448610
M3 - Conference contribution
AN - SCOPUS:84875840141
SN - 9781450319584
T3 - Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2013
BT - Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2013
ER -