Next Article in Journal
A Novel Approach for Group Decision-Making from Intuitionistic Fuzzy Preference Relations and Intuitionistic Multiplicative Preference Relations
Previous Article in Journal
On the Users’ Acceptance of IoT Systems: A Theoretical Approach
Article Menu

Export Article

Open AccessArticle
Information 2018, 9(3), 54; https://doi.org/10.3390/info9030054

Unix Domain Sockets Applied in Android Malware Should Not Be Ignored

School of Automation, Northwestern Polytechnical University, Xi’an 710072, China
*
Author to whom correspondence should be addressed.
Received: 8 February 2018 / Revised: 1 March 2018 / Accepted: 2 March 2018 / Published: 4 March 2018
Full-Text   |   PDF [5065 KB, uploaded 6 March 2018]   |  

Abstract

Increasingly, malicious Android apps use various methods to steal private user data without their knowledge. Detecting the leakage of private data is the focus of mobile information security. An initial investigation found that none of the existing security analysis systems can track the flow of information through Unix domain sockets to detect the leakage of private data through such sockets, which can result in zero-day exploits in the information security field. In this paper, we conduct the first systematic study on Unix domain sockets as applied in Android apps. Then, we identify scenarios in which such apps can leak private data through Unix domain sockets, which the existing dynamic taint analysis systems do not catch. Based on these insights, we propose and implement JDroid, a taint analysis system that can track information flows through Unix domain sockets effectively to detect such privacy leaks. View Full-Text
Keywords: Android; information flows; Unix domain sockets; private data; malware Android; information flows; Unix domain sockets; private data; malware
Figures

Figure 1

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).
SciFeed

Share & Cite This Article

MDPI and ACS Style

Jiang, X.; Mu, D.; Zhang, H. Unix Domain Sockets Applied in Android Malware Should Not Be Ignored. Information 2018, 9, 54.

Show more citation formats Show less citations formats

Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Related Articles

Article Metrics

Article Access Statistics

1

Comments

[Return to top]
Information EISSN 2078-2489 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top