My name is Daniel Baeumges and I did a Master's Thesis on "Intrusion Detection of Android Applications by Using Taint Analysis in an Emulated Environment" at the Ruhr-Universität Bochum. With this site I try to share prototypes I developed as part of this thesis. 

Please notice that the TaintDroid Runner project presented here is independent of the original TaintDroid project provided on appanalysis.org! TaintDroid Runner "just" uses TaintDroid as a basis.

Anyway, before doing anything with TaintDroid 2.3 please study appanalysis.org. It is also highly recommended to read the initial publications of William Enck, Peter Gilbert, Byung-gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth on TaintDroid (http://appanalysis.org/pubs.html).

Questions and feedback regarding the TaintDroid Runner project can be sent to me directly (<first-initial><lastname> -at- gmail.com"), or to the TaintDroid users Google Groups, which I try to monitor regular.

Disclaimer: Use the TaintDroid Runner research prototypes at your own risk!

Additional Descriptions Available

posted Apr 12, 2012, 11:27 AM by Daniel Baeumges

I uploaded additional information to the TaintDroid Runner page. The UML diagrams as well as a description of the TaintLog entities are available.

TaintDroid Runner under Apache License, Version 2.0

posted Mar 28, 2012, 11:33 AM by Daniel Baeumges

Today I updated the Python source files and licensed them under Apache License, Version 2.0
In additional I added some further information on how TaintDroid Runner works.

TaintDroid Runner version 0.5

posted Jan 15, 2012, 7:08 AM by Daniel Baeumges   [ updated Feb 21, 2012, 12:26 PM ]

For doing the final experiments for my master thesis I added a new JSON mode which allows better analysis of the files. In addition, a new taint source media is introduced as well as a new (log) sink GSM call. 
Furthermore, the TaintDroid kernel includes some fixes, especially for the content provider handling.

TaintDroid Runner version 0.4

posted Nov 27, 2011, 3:42 AM by Daniel Baeumges

After some multi-threaded tests I faced some deadlock issue. So I had to change the thread behavior. In addition I added a new report mode which generates a basic report showing the results of one analysis run.
In addition I modified the TaintDroid 2.3 kernel in order to enable (runtime) configurations for taint logging.

TaintDroid Tester and Build on Ubuntu 11.10

posted Nov 7, 2011, 10:13 PM by Daniel Baeumges

For testing the TaintDroid Runner and/or the TaintDroid Build I created a simple App utilizing some of the modified APIs. The tester app can be found in section TaintDroid Tester.

In addition I added information on how to build TaintDroid on Ubuntu 11.10.

TaintDroid Runner version 0.3

posted Nov 6, 2011, 2:43 AM by Daniel Baeumges

A new version of the TaintDroid Runner is available. Mainly I added new features in the TaintDroid Build: SMS activities and crypto usage are logged, too. In addition all actions are also logged for untainted information.

TaintDroid Runner version 0.2

posted Oct 16, 2011, 3:25 AM by Daniel Baeumges   [ updated Oct 16, 2011, 5:11 AM ]

After analyzing the first apps with TaintDroid Runner 0.1 I did some improvements which makes it more easy to analyze Android apps. With the new version it is no longer required to specify the app's packge. All information are extracted out of the APK archive. It is also possible to analyze apps without a default activity.

TaintDroid Runner version 0.1

posted Sep 15, 2011, 9:32 PM by Daniel Baeumges

Today I uploaded a prototype called TaintDroid Runner which automatically runs and analyzes Android applications on a modified TaintDroid 2.3 system.


posted Sep 7, 2011, 11:35 AM by Daniel Baeumges   [ updated Oct 2, 2011, 6:05 AM ]

Welcome to my page on TaintDroid 2.3. With this site I would like to share some findings on the usage of TaintDroid 2.3 in an emulated environment to detect sensitive data leakage.

At the beginning you will find information on how to build TaintDroid 2.3 for the emulator and how to hide the emulator in order to have a more realistic IMSI, IMEI, SIM, and AndroidId.

1-9 of 9