DROIT plus : Taint Tracking for Storage Access on Android

Abstract

The leakage of sensitive data has been a major concern in Android ecosystem. Analysts therefore propose dynamical taint tracking to effectively track the data flow of accessed data. However, the off-the-shelf taint tracking systems lack byte-granularity support for storage tracking. In this paper, we propose DROIT+ which uses the fine-grained storage tracking technique to track data flow among Android storages. DROIT+ is able to reveal the composition of data flows. Storage tracking on Android is difficult since data flows of apps may span heterogeneous media including memory, SD cards, NAND Flash, and network adapters. To capture a whole picture of data flows in storage, we formally define data flow and propose our method from both logical and physical perspectives. The method has also been implemented as an extension to the proposed tracking system, DROIT. Two case studies and two benchmark tools are used for the evaluation in terms of storage tracking ability, network tracking ability, and efficiency, respectively. The result shows that DROIT+ provides a better coverage using byte-granularity taint tracking.