Mobile technologies are spreading at a very quick pace. Differently from desktop PCs, smartphones, tablets, and wearable devices manage a lot of sensitive information of the device’s owner. For this reason, they present a very appealing opportunity for attackers to write malicious apps that are able to steal such information. In this chapter, we analyze a huge set of Android malwares in order to discover which kind of data is exfiltrated from mobile devices and which are the mechanisms that malware writers leverage. For this analysis, three tools were employed that are considered the state of the art of the available technology: FlowDroid, Amandroid, and Epicc. Our results show that mobile malware usually exposes users to a massive data leakage.
Data leakage in mobile malware: The what, the why, and the how
Visaggio C. A.;Mercaldo F.
2017-01-01
Abstract
Mobile technologies are spreading at a very quick pace. Differently from desktop PCs, smartphones, tablets, and wearable devices manage a lot of sensitive information of the device’s owner. For this reason, they present a very appealing opportunity for attackers to write malicious apps that are able to steal such information. In this chapter, we analyze a huge set of Android malwares in order to discover which kind of data is exfiltrated from mobile devices and which are the mechanisms that malware writers leverage. For this analysis, three tools were employed that are considered the state of the art of the available technology: FlowDroid, Amandroid, and Epicc. Our results show that mobile malware usually exposes users to a massive data leakage.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.