REU 2016-Android Security Group 1

Most of the millions of Android users worldwide use third-party applications from the official Android market (Google Play store) and unregulated alternative markets to get more functionality from their devices. Many of these applications transmit sensitive data stored on the device, either maliciously or accidentally, to outside networks. In this project, we will study the ways that Android applications transmit data to outside servers and develop a user-friendly application to inform and protect the user from these security risks. We will use tools such as TaintDroid, AppIntent, and Securacy to develop an application that reveals what types of data are being transmitted from apps, the location to which the data is being transmitted, whether the data is being transmitted through a secure channel (such as HTTPS) and whether the user is aware that the information is being transmitted. The application will generate a report that allows the user to block the application that leaks sensitive information. In doing so, we will examine the importance, relevance, and prevalence of these Android data security issues.