Mingshen Sun, Tao Wei, and John C.S. Lui
The 23rd ACM Conference on Computer and Communications Security, CCS '16.

Figure: Dalvik and ART.

Figure: Overview of TaintART.

Abstract. Mobile operating systems like Android failed to provide sufficient protection for personal data, and privacy leakage has become a major concern. To understand the security risks and privacy leakage, analysts have to carry out data-flow analysis. In 2014, Android was upgraded with a fundamentally new design, known as the Android RunTime (ART) environment, in Android 5.0. ART adopts an ahead-of-time compilation strategy and replaces the previous virtual-machine-based Dalvik. Unfortunately, many data-flow analysis systems like TaintDroid were designed for the legacy Dalvik environment. This makes data-flow analysis of new apps and malware infeasible. We design a multi-level information-flow tracking system for the new Android system called TaintART. TaintART employs a multi-level taint analysis technique to minimize the taint tag storage. Therefore, taint tags can be stored in processor registers to provide efficient taint propagation operations. We also customize the ART compiler to maximize performance gains of the ahead-of-time compilation optimizations. Based on the general design of TaintART, we also implement a multi-level privacy enforcement to prevent sensitive data leakage. We demonstrate that TaintART incurs less than 15% overhead on a CPU-bound microbenchmark and negligible overhead on built-in or third-party applications. Compared to the legacy Dalvik environment in Android 4.4, TaintART achieves about 99.7% faster performance for Java runtime benchmark.

BibTeX Record:

@inproceedings{sun2016taintart,
  author = {Sun, Mingshen and Wei, Tao and Lui, John C.S.},
  title = {TaintART: A Practical Multi-level Information-Flow Tracking System for Android RunTime},
  booktitle = {Proceedings of the 23rd ACM Conference on Computer and Communications Security},
  series = {CCS'16},
  year = {2016},
}