Practical Always-on Taint Tracking on Mobile Devices

Taint tracking is a crucial yet expensive security primitive. In the context of mobile devices, given the volume of sensitive data being generated and manipulated, taint tracking is an important aspect of defense in depth, yet is not widely adopted due to performance and energy constraints. Existing work has proposed several forms of optimization for desktop based systems – software only mechanisms, static analysis, hybrid analysis, and hardware-assisted techniques. This paper makes the case for an always-on taint tracking system for mobile devices that embraces the unique properties of mobile operating systems – interpreted runtimes, well-defined APIs, and an overlooked ARM processor feature. Our proposed system combines precise static analysis on Java code and real-time instruction trace support widely available on ARM processors to enable efficient taint tracking.