X-Prcaf : Xposed Based Protecting Cache File from Leaks in Android Social Applications

2016 Third International Conference on Trustworthy Systems and their Applications (TSA) Pub Date : 2016-09-01 DOI:10.1109/TSA.2016.13

Qi Tang, Wen Zhang, Xiaoyong Li, Bin Wang

{"title":"X-Prcaf : Xposed Based Protecting Cache File from Leaks in Android Social Applications","authors":"Qi Tang, Wen Zhang, Xiaoyong Li, Bin Wang","doi":"10.1109/TSA.2016.13","DOIUrl":null,"url":null,"abstract":"With the high frequent use of social applications on Android platform, the cache file privacy disclosure issues have become increasingly serious. To our best knowledge, there is no effective privacy protection solution for social applications cache files. In this paper, we analyze the present situation of social applications cache file leaks on Android platform, and provide a privacy disclosure assessment criterion based on file storage directories and security state machines. And a cache file privacy protection framework, X-Prcaf (Xposed-based-Protecting-Cache-File), is proposed, which can make social applications avoid privacy data leaks in running process. This framework mainly uses taint tracking technology, operating system hook technology, and cryptographic technology. It aims to protect the entire life cycle of the social applications cache files, by strategy pre-generation, real-time monitoring and security reinforcement. Experiments demonstrate that X-Prcaf has a good effect on the cache file leaks of social software.","PeriodicalId":114541,"journal":{"name":"2016 Third International Conference on Trustworthy Systems and their Applications (TSA)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 Third International Conference on Trustworthy Systems and their Applications (TSA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/TSA.2016.13","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

Abstract

With the high frequent use of social applications on Android platform, the cache file privacy disclosure issues have become increasingly serious. To our best knowledge, there is no effective privacy protection solution for social applications cache files. In this paper, we analyze the present situation of social applications cache file leaks on Android platform, and provide a privacy disclosure assessment criterion based on file storage directories and security state machines. And a cache file privacy protection framework, X-Prcaf (Xposed-based-Protecting-Cache-File), is proposed, which can make social applications avoid privacy data leaks in running process. This framework mainly uses taint tracking technology, operating system hook technology, and cryptographic technology. It aims to protect the entire life cycle of the social applications cache files, by strategy pre-generation, real-time monitoring and security reinforcement. Experiments demonstrate that X-Prcaf has a good effect on the cache file leaks of social software.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

X-Prcaf:基于暴露保护缓存文件从泄漏在Android社交应用程序

随着社交应用在Android平台上的频繁使用，缓存文件隐私泄露问题日益严重。据我们所知，目前还没有针对社交应用缓存文件的有效隐私保护解决方案。本文分析了Android平台上社交应用缓存文件泄露的现状，提出了基于文件存储目录和安全状态机的隐私泄露评估标准。提出了一种缓存文件隐私保护框架X-Prcaf (exposed -based- protection - cache - file)，可以使社交应用在运行过程中避免隐私数据泄露。该框架主要使用了污点跟踪技术、操作系统钩子技术和加密技术。通过策略预生成、实时监控和安全加固，保护社交应用缓存文件的整个生命周期。实验表明，X-Prcaf对社交软件的缓存文件泄露具有良好的效果。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2016 Third International Conference on Trustworthy Systems and their Applications (TSA)

自引率

0.00%

发文量