Detecting Data Leakage from Databases on Android Apps with Concept Drift

May 30, 2018 · Declared Dead · 🏛 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)

"No code URL or promise found in abstract"

Evidence collected by the PWNC Scanner

Authors Gokhan Kul, Shambhu Upadhyaya, Varun Chandola arXiv ID 1805.11780 Category cs.CR: Cryptography & Security Cross-listed cs.DB Citations 10 Venue 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE) Last Checked 4 months ago

Abstract

Mobile databases are the statutory backbones of many applications on smartphones, and they store a lot of sensitive information. However, vulnerabilities in the operating system or the app logic can lead to sensitive data leakage by giving the adversaries unauthorized access to the app's database. In this paper, we study such vulnerabilities to define a threat model, and we propose an OS-version independent protection mechanism that app developers can utilize to detect such attacks. To do so, we model the user behavior with the database query workload created by the original apps. Here, we model the drift in behavior by comparing probability distributions of the query workload features over time. We then use this model to determine if the app behavior drift is anomalous. We evaluate our framework on real-world workloads of three different popular Android apps, and we show that our system was able to detect more than 90% of such attacks.