ScanDal is a static analyzer for detecting privacy leaks in Android applications.



This video shows ScanDal detecting privacy leaks from Google Wallpapers application. The result shows that the application sends out the device ID via internet.


dex size is the size of the dex file (KB). time is the CPU time spent (sec). mem is the peak memory consumption (MB). Flurry, Adsense and Admob servers are identified. Unidentified servers are the content servers of the applications.


ScanDal: Static Analyzer for Detecting Privacy Leaks in Android Applications, Mobile Security Technologies
Jinyung Kim, Yongho Yoon, Kwangkeun Yi (Seoul National University), Junbum Shin (Samsung Electronics)
MoST 2012: Mobile Security Technologies, May 2012



For general questions regarding ScanDal, please send email to scandal _at_

Group Photo
This work was supported by Samsung Electronics DMC R&D Center, the Engineering Research Center of Excellence Program of Korea Ministry of Education, Science and Technology (MEST) / National Research Foundation of Korea (NRF), and the Brain Korea 21 Project, School of Electrical Engineering and Computer Science, Seoul National University.