I've ported the latest version of TaintDroid to CyanogenMod 10, currently Android 4.1.2, and built two ROM, one for emulator & one for Galaxy S II (i9100). I've tested the ROM with the emulator and my phone (I have only one Android phone, i.e., i9100). So far, everything works well.
TaintDroid Introduction (copied from the authors' OSDI paper):
Todays smartphone operating systems frequently fail to provide users with adequate control over and visibility into how third-party applications use their private data. We address these shortcomings with TaintDroid, an efficient, system-wide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources of sensitive data. TaintDroid provides realtime analysis by leveraging Androids virtualized execution environment. TaintDroid incurs only 14% performance overhead on a CPU-bound micro-benchmark and imposes negligible overhead on interactive third-party applications. Using TaintDroid to monitor the behavior of 30 popular third-party Android applications, we found 68 instances of potential misuse of users private information across 20 applications. Monitoring sensitive data with TaintDroid provides informed use of third-party applications for phone users and valuable input for smartphone security service firms seeking to identify misbehaving applications.
Please refer to appanalysis.org for more details.
Download Link (I cannot directly post URL because I'm a new user at XDA):
1. ROM for emulator. (please append "wc00su5ni9zhx8cacrpo" to "box.com/s/" to download)
2. ROM for i9100. (please append "jb205rmc70uk0cwdy09r" to "box.com/s/" to download)
TODO:
1. Solve the false-positive and false negative results
2. Build a more powerful taint management application
3. Provide faked information
3. more ...
TaintDroid Introduction (copied from the authors' OSDI paper):
Todays smartphone operating systems frequently fail to provide users with adequate control over and visibility into how third-party applications use their private data. We address these shortcomings with TaintDroid, an efficient, system-wide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources of sensitive data. TaintDroid provides realtime analysis by leveraging Androids virtualized execution environment. TaintDroid incurs only 14% performance overhead on a CPU-bound micro-benchmark and imposes negligible overhead on interactive third-party applications. Using TaintDroid to monitor the behavior of 30 popular third-party Android applications, we found 68 instances of potential misuse of users private information across 20 applications. Monitoring sensitive data with TaintDroid provides informed use of third-party applications for phone users and valuable input for smartphone security service firms seeking to identify misbehaving applications.
Please refer to appanalysis.org for more details.
Download Link (I cannot directly post URL because I'm a new user at XDA):
1. ROM for emulator. (please append "wc00su5ni9zhx8cacrpo" to "box.com/s/" to download)
2. ROM for i9100. (please append "jb205rmc70uk0cwdy09r" to "box.com/s/" to download)
TODO:
1. Solve the false-positive and false negative results
2. Build a more powerful taint management application
3. Provide faked information
3. more ...