DTL 2017


DTL 2017 Program

DTL 2017 Program

Transparency via Automated Dynamic Analysis at Scale



Speaker: Serge Egelman (UC Berkeley)

Primal Wijesekera (UC Berkeley)

We propose a new transparency tool—in the form of a website and API—that allows end-users, regulators, and developers to examine the privacy behaviors of mobile applications. This tool will display the results of our automated application analysis, providing transparency into data-sharing behaviors. Our ultimate goal is to create an end-to-end testbed that allows us to offer analytics-as-a-service at scale: we take a mobile application binary (i.e., Android APK) as input, automatically execute it in a virtualized environment that is monitored by our instrumentation, perform a broad exploration of code branches via a combination of simulated user input and crowdsourced real user input, and then generate reports of relevant application security and privacy behaviors as output.

Our tools will allow us to detect how applications access and share sensitive data, thereby providing transparency into location tracking, device and user fingerprinting, PII leakage, and even various anti-competitive business practices (e.g., privacy policy and legal violations). The results of this automated and reproducible analysis will be structured in a database and made available to the research community, to detect emergent security threats; to relevant regulatory and enforcement authorities, who can enforce violations of regulations and/or privacy policies; and to the general public, who can find more information about the applications they or their family members might use. Through the automatic generation and dissemination of this data using our tools, we will provide transparency into mobile application behaviors.


You can now check the videos of the sessions of DTL Conference 2017 that took place from 11-12th December in Barcelona.

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Cookie Policy.

OK More information