My name is Daniel Baeumges and I did a Master's Thesis on "Intrusion Detection of Android Applications by Using Taint Analysis in an Emulated Environment" at the Ruhr-Universität Bochum. With this site I try to share prototypes I developed as part of this thesis.
Please notice that the TaintDroid Runner project presented here is independent of the original TaintDroid project provided on appanalysis.org! TaintDroid Runner "just" uses TaintDroid as a basis.
Anyway, before doing anything with TaintDroid 2.3 please study appanalysis.org. It is also highly recommended to read the initial publications of William Enck, Peter Gilbert, Byung-gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth on TaintDroid (http://appanalysis.org/pubs.html).
Questions and feedback regarding the TaintDroid Runner project can be sent to me directly (<first-initial><lastname> -at- gmail.com"), or to the TaintDroid users Google Groups, which I try to monitor regular.
Disclaimer: Use the TaintDroid Runner research prototypes at your own risk!
I uploaded additional information to the TaintDroid Runner page. The UML diagrams as well as a description of the TaintLog entities are available.
Today I updated the Python source files and licensed them under Apache License, Version 2.0
In additional I added some further information on how TaintDroid Runner works.
For doing the final experiments for my master thesis I added a new JSON mode which allows better analysis of the files. In addition, a new taint source media is introduced as well as a new (log) sink GSM call.
Furthermore, the TaintDroid kernel includes some fixes, especially for the content provider handling.
After some multi-threaded tests I faced some deadlock issue. So I had to change the thread behavior. In addition I added a new report mode which generates a basic report showing the results of one analysis run.
In addition I modified the TaintDroid 2.3 kernel in order to enable (runtime) configurations for taint logging.
For testing the TaintDroid Runner and/or the TaintDroid Build I created a simple App utilizing some of the modified APIs. The tester app can be found in section TaintDroid Tester.
In addition I added information on how to build TaintDroid on Ubuntu 11.10.
A new version of the TaintDroid Runner is available. Mainly I added new features in the TaintDroid Build: SMS activities and crypto usage are logged, too. In addition all actions are also logged for untainted information.
After analyzing the first apps with TaintDroid Runner 0.1 I did some improvements which makes it more easy to analyze Android apps. With the new version it is no longer required to specify the app's packge. All information are extracted out of the APK archive. It is also possible to analyze apps without a default activity.
Today I uploaded a prototype called TaintDroid Runner which automatically runs and analyzes Android applications on a modified TaintDroid 2.3 system.
Welcome to my page on TaintDroid 2.3. With this site I would like to share some findings on the usage of TaintDroid 2.3 in an emulated environment to detect sensitive data leakage.
At the beginning you will find information on how to build TaintDroid 2.3 for the emulator and how to hide the emulator in order to have a more realistic IMSI, IMEI, SIM, and AndroidId.
1-9 of 9