Android's Sensitive Data Leakage Detection Based on API Monitoring

Due to the openness of Android, more and more malware has exploded, and constitutes a huge security threat to Android-based smartphones. This paper proposes a mechanism to study sensitive data leakage by analyzing sensitive APIs, decompiles Android APK to get smali files, and defines a sensitive API library related to user privacy. Then, analyzes the potential threats by detecting the sensitive API in the source code, and determines whether there is a sensitive data leakage. We analyzed 20 applications with the help of the mechanism, and in the paper we present one detailed analysis process.