Introduction

ScanDal is a static analyzer for detecting privacy leaks in Android applications.


Features


Demo

This video shows ScanDal detecting privacy leaks from Google Wallpapers application. The result shows that the application sends out the device ID via internet.


Experiments

dex size is the size of the dex file (KB). time is the CPU time spent (sec). mem is the peak memory consumption (MB). Flurry, Adsense and Admob servers are identified. Unidentified servers are the content servers of the applications.


Paper

ScanDal: Static Analyzer for Detecting Privacy Leaks in Android Applications, Mobile Security Technologies
Jinyung Kim, Yongho Yoon, Kwangkeun Yi (Seoul National University), Junbum Shin (Samsung Electronics)
MoST 2012: Mobile Security Technologies, May 2012

Talks


Contacts

For general questions regarding ScanDal, please send email to scandal _at_ ropas.snu.ac.kr.

Group Photo
This work was supported by Samsung Electronics DMC R&D Center, the Engineering Research Center of Excellence Program of Korea Ministry of Education, Science and Technology (MEST) / National Research Foundation of Korea (NRF), and the Brain Korea 21 Project, School of Electrical Engineering and Computer Science, Seoul National University.