TY - GEN
T1 - A proposal for the privacy leakage verification tool for android application developers
AU - Matsumoto, Shinichi
AU - Sakurai, Kouichi
PY - 2013/4/10
Y1 - 2013/4/10
N2 - Nowadays, smartphone market has been growing rapidly, and smartphone has become essential as a business tool. One of the crucial advantages of a smartphone is an installable third-party application. Number of these has continued to grow explosively. However, vulnerabilities in smartphone applications are seemed as serious problem. This is not only for the smartphone users, also for smartphone application developers and/or vendors. Until now, most vulnerability tests on smartphone applications are targeted that has been packaged as a commercial product and distributed in application marketplaces. These tests are performed on dynamically on application binaries. In this paper, we aim to develop the static vulnerability verification tool that can be utilized for smartphone application developers and/or vendors in the implementation and/or test phase of development process. This tool intakes source codes and determine where to read the privacy information in the source codes, and determine where to write/send the information in there. Then analyze the privacy information transfer and/or transform flow and report the possibilities of privacy information leakage to application developers.
AB - Nowadays, smartphone market has been growing rapidly, and smartphone has become essential as a business tool. One of the crucial advantages of a smartphone is an installable third-party application. Number of these has continued to grow explosively. However, vulnerabilities in smartphone applications are seemed as serious problem. This is not only for the smartphone users, also for smartphone application developers and/or vendors. Until now, most vulnerability tests on smartphone applications are targeted that has been packaged as a commercial product and distributed in application marketplaces. These tests are performed on dynamically on application binaries. In this paper, we aim to develop the static vulnerability verification tool that can be utilized for smartphone application developers and/or vendors in the implementation and/or test phase of development process. This tool intakes source codes and determine where to read the privacy information in the source codes, and determine where to write/send the information in there. Then analyze the privacy information transfer and/or transform flow and report the possibilities of privacy information leakage to application developers.
UR - http://www.scopus.com/inward/record.url?scp=84875840141&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84875840141&partnerID=8YFLogxK
U2 - 10.1145/2448556.2448610
DO - 10.1145/2448556.2448610
M3 - Conference contribution
AN - SCOPUS:84875840141
SN - 9781450319584
T3 - Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2013
BT - Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2013
T2 - 7th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2013
Y2 - 16 January 2013 through 18 January 2013
ER -