Home - mingyuan-xia/AppAudit GitHub Wiki

We design AppAudit, a program analysis framework that checks if an Android application leaks sensitive personal data. AppAudit is designed with minimalism, using least possible memory and least amount of time. Current prototype could vet a real app with 256MB memory in 5 seconds on average. AppAudit can be used for three use cases:

• mobile app developers could use AppAudit to check if their apps include any data-leaking libraries or modules
• the app market could use AppAudit to vet newly uploaded apps and remove data-leaking ones
• mobile users could use AppAudit to avoid installing data-leaking apps

This wiki includes the supplementary materials associated with our paper. One is the malware analysis reports we collected and the other is a detailed analysis of the BeanBot malware family. We make these public in hope that these would be useful to anyone working on similar directions. AppAudit will appear at IEEE Symposium on Security and Privacy (S&P) 2015.