| Title | PIITracker: Automatic Tracking of Personally Identifiable Information in Windows |
| Publication Type | Conference Paper |
| Year of Publication | 2018 |
| Authors | Arefi, Meisam Navaki, Alexander, Geoffrey, Crandall, Jedidiah R. |
| Conference Name | Proceedings of the 11th European Workshop on Systems Security |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-5652-7 |
| Keywords | composability, Dynamic Information Flow Tracking, Dynamical Systems, Metrics, privacy, pubcrawl, Resiliency, reverse engineering |
| Abstract | Personally Identifiable Information (PII) is information that can be used on its own or with other information to distinguish or trace an individual's identity. To investigate an application for PII tracking, a reverse engineer has to put considerable effort to reverse engineer an application and discover what an application does with PII. To automate this process and save reverse engineers substantial time and effort, we propose PIITracker which is a new and novel tool that can track PII automatically and capture if any processes are sending PII over the network. This is made possible by 1) whole-system dynamic information flow tracking 2) monitoring specific function and system calls. We analyzed 15 popular chat applications and browsers using PIITracker, and determined that 12 of these applications collect some form of PII. |
| URL | http://doi.acm.org/10.1145/3193111.3193114 |
| DOI | 10.1145/3193111.3193114 |
| Citation Key | arefi_piitracker:_2018 |
PIITracker: Automatic Tracking of Personally Identifiable Information in Windows