Abstract

This work is dealing with privilege escalation attacks on Android based smartphones. From the conceptual side we revisit information graph based approaches that aim to identify critical shared resources between simultaneously running applications (Apps). The proposed QuantDroid architecture is implemented and flexible enough to handle different known overt channel resources by causing only a moderate performance penalty at runtime. Compared to recently proposed solutions like TaintDroid or XManDroid, our approach QuantDroid models the information flow graph precisely and quantitatively.