An Algorithm And Implementation To Detect Covert Channels And Data Leakage In Mobile Applications

Abstract

As the popularity of the Android Operating System and mobile devices con- tinue to rise, there is a critical need to ensure the sensitive information con- tained on these devices remains private. Covert channels pose a threat to the Android Operating system by communicating stealthily over channels not intended as a source of communication. The surreptitious channels make it difficult for Android's current security mechanisms to detect the presence of covert communication. Covert channels pose a significant risk to user's privacy because sensitive information requiring explicit permission can end up in applications without the consent of the user. In this thesis, we present an algorithm general enough to detect covert communication in mobile de- vices as well as desktop and laptop-based devices. We put our algorithm to the test by implementing and testing on real-world applications present in the google play store, malware samples, and samples taken from geographical regions known to produce spyware. We successfully detected covert commu- nication on a suite of Android applications built to communicate covertly and found applications passing sensitive information through Android's in- terprocess communication mechanisms.