本研究針對目前智慧型手機市占率最高的 Android 平台，發展應用程式分析工具。目前 Android 平台有提供權限控管機制，讓要進行特定操作的應用程式，在安裝時必須要得到使用者進行這些操作的許可 (Permission)。然而，Android 的許可模型雖然可讓使用者決定應用程式是否可存取通訊錄、簡訊等資料，或是讓使用者決定是否可以使用網路等功能，卻無法讓使用者知道應用程式將敏感資料透過網路或其他方式傳送到使用者不信賴的地點。
目前許多研究者提出使用動態或靜態分析的方法，去識別應用程式對於敏感資料的使用。然而，目前的研究並沒有呈現資料的去向，因此使用者雖然知道資料會被傳送到網路，但卻不知道會取得資料的單位是否是信賴的單位。
因此，本研究動態分析技術提出了基於動態分析技術的 Android 應用程式分析平台─PathDrawoid，該平台透過資料流分析，去得知敏感資料的去向，並且結合網路黑名單等資訊，讓應用程式的分析人員能夠評估該應用程式的風險，此外PathDrawoid能針對App進行腳本錄製，針對檢測App進行自動化測試。
本研究主要發展PathDrawoid 的工具與概念，運用動態分析的方式找出手機應用程式之資料流向，並以視覺化介面呈現其風險程度，以便 Android 智慧型手機應用程式的分析人員，能夠更方便的掌握到應用程式的風險，而能採取相對應的措施去因應這些風險。

As more and more sensors has been embedded into smartphones, smartphones can obtain more and more context information of users to provide tailored services. However, personal privacy may be invaded if the data are collected by malicious parties. This thesis focuses on the privacy issues of Android applications. In this case, Android systems have permission mechanism to request applications to obtain user consents to access critical resources. However, traditional Android permission mechanism can only reflect whether sensitive data are collected, the mechanism cannot tell users how sensitive data are used.
In light of this, this thesis proposes a privacy risk analysis platform, called PathDrawoid. PathDrawoid allows people, such as application security analysts and users, to establish an Android application inspection project. Therefore, the people can execute the application in a TaintDroid based emulator to collect application behavioral information. In addition, PathDrawoid utilizes the collected information to identify sensitive data leakage of the application and calculates privacy risks of the inspected application based on types of data leaked and targets that data are leaked to. Consequently, people can know privacy risk of an inspected application based on paths of data leakage and associated privacy risks visualized with graphical interface. While traditional researches usually do not focus on providing a data centric user friendly interface for application analysis, this thesis contributes to protect users from using applications with high privacy risks.

[1] Alhamed, M., K. Amiri, M. Omari and L. Wei. Comparing privacy control methods for smartphone platforms. Engineering of Mobile-Enabled Systems (MOBS), 2013 1st International Workshop on the the Engineering of Mobile-Enabled Systems (MOBS), Page(s): 36 – 41, 2013.
[2] Arzt, S., S. Rasthofer, C. Fritz, E. Bodden, A. Bartel, J. Klein, Y. L. Traon, D. Octeau and P. McDaniel. "FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps." SIGPLAN Not. 49(6): 259-269, 2014.
[3] Barrera D, Kayacik HG, van Oorschot PC and Somayaji A. A methodology for empirical analysis of permission-based security models and its application to android. Proceedings of the 17th ACM conference on Computer and communications security. Chicago, Illinois, USA, ACM: 73-84, 2010.
[4] Eder, T., M. Rodler, D. Vymazal and M. Zeilinger. ANANAS - A Framework for Analyzing Android Applications. Proceedings of the 2013 International Conference on Availability, Reliability and Security, IEEE Computer Society: 711-719, 2013.
[5] Elenkov, N. Android Security Internals: An In-Depth Guide to Android's Security Architecture, William Pollock, 2014.
[6] Enck, W., P. Gilbert, B.-G. Chun, L. P. Cox, J. Jung, P. McDaniel and A. N. Sheth. TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. Proceedings of the 9th USENIX conference on Operating systems design and implementation. Vancouver, BC, Canada, USENIX Association: 1-6, 2010.
[7] Enck, W., P. Gilbert, S. Han, V. Tendulkar, B.-G. Chun, L. P. Cox, J. Jung, P. McDaniel and A. N. Sheth. "TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones." ACM Trans. Comput. Syst. 32(2): 1-29, 2014.
[8] Felt, A. P., E. Chin, S. Hanna, D. Song and D. Wagner. Android permissions demystified. Proceedings of the 18th ACM conference on Computer and communications security. Chicago, Illinois, USA, ACM: 627-638, 2011.
[9] Felt, A. P., K. Greenwood and D. Wagner. The effectiveness of application permissions. Proceedings of the 2nd USENIX conference on Web application development. Portland, OR, USENIX Association: 7-7, 2011.
[10] Felt, A. P., E. Ha, S. Egelman, A. Haney, E. Chin and D. Wagner. Android permissions: user attention, comprehension, and behavior. Proceedings of the Eighth Symposium on Usable Privacy and Security. Washington, D.C., ACM: 1-14, 2012.
[11] Gates, C. S., J. Chen, N. Li and R. W. Proctor. "Effective Risk Communication for Android Apps." IEEE Trans. Dependable Secur. Comput. 11(3): 252-265, 2014.
[12] Google. "Manifest.permission."from http://developer.android.com/reference/android/Manifest.permission.html, 2015.
[13] Harbach, M., M. Hettig, S. Weber and M. Smith. Using personal examples to improve risk communication for security & privacy decisions. Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. Toronto, Ontario, Canada, ACM: 2647-2656, 2014.
[14] Lantz, P., A. Desnos and K. Yang. " DroidBox: Android application sandbox." from https://code.google.com/p/droidbox/, 2011.
[15] Lortz, S., H. Mantel, A. Starostin, T. Bähr, D. Schneider and A. Weber. Cassandra: Towards a Certifying App Store for Android. Proceedings of the 4th ACM Workshop on Security and Privacy in Smartphones & Mobile Devices. Scottsdale, Arizona, USA, ACM: 93-104, 2014.
[16] Petsas, T., G. Voyatzis, E. Athanasopoulos, M. Polychronakis and S. Ioannidis. Rage against the virtual machine: hindering dynamic analysis of Android malware. Proceedings of the Seventh European Workshop on System Security. Amsterdam, The Netherlands, ACM: 1-6, 2014.
[17] Rastogi, V., Y. Chen and W. Enck. AppsPlayground: automatic security analysis of smartphone applications. Proceedings of the third ACM conference on Data and application security and privacy. San Antonio, Texas, USA, ACM: 209-220, 2013.
[18] Shen, F., N. Vishnubhotla, C. Todarka, M. Arora, B. Dhandapani, E. J. Lehner, S. Y. Ko and L. Ziarek. Information flows as a permission mechanism. Proceedings of the 29th ACM/IEEE international conference on Automated software engineering. Vasteras, Sweden, ACM: 515-526, 2014.
[19] Vidas, T., J. Tan, J. Nahata, C. L. Tan, N. Christin and P. Tague. A5: Automated Analysis of Adversarial Android Applications. Proceedings of the 4th ACM Workshop on Security and Privacy in Smartphones & Mobile Devices. Scottsdale, Arizona, USA, ACM: 39-50, 2014.
[20] Wang, Y., S. Hariharan, C. Zhao, J. Liu and W. Du. Compac: enforce component-level access control in android. Proceedings of the 4th ACM conference on Data and application security and privacy. San Antonio, Texas, USA, ACM: 25-36, 2014.
[21] Yan, L. K. and H. Yin. DroidScope: seamlessly reconstructing the OS and Dalvik semantic views for dynamic Android malware analysis. Proceedings of the 21st USENIX conference on Security symposium. Bellevue, WA, USENIX Association: 29-29, 2012.
[22] Zhang, Y., M. Yang, B. Xu, Z. Yang, G. Gu, P. Ning, X. S. Wang and B. Zang. Vetting undesirable behaviors in android apps with permission use analysis. Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. Berlin, Germany, ACM: 611-622, 2013.
[23] Chiang, A. "行動惡意程式App數量，正式突破 200萬！." from http://www.trendmicro.tw/tw/about-us/newsroom/releases/articles/20140414090243.html, 2014.
[24] Linli. "IDC：2014 年 Android 出貨量突破 10 億台、iPhone 占全球營收三成." from http://technews.tw/2014/12/02/worldwide-smartphone-growth-forecast-to-slow-from-a-boil-to-a-simmer-as-prices-drop-and-markets-mature-according-to-idc/, 2014.
[25] 戴廷芳. "Gartner：平板出貨量2015年將超越PC達3.2億臺." from http://www.ithome.com.tw/article/89846, 2014.