An Automated Approach for Privacy Leakage Identification in IoT Apps

This thesis presents an automated static analysis approach and a tool, Taint-Things, that identifies tainted flows, which are parts in the code that potentially leak sensitive data, in SmartThings IoT apps. Taint-Things accurately identifies all flows reported by the state-of-the-art tool with at least 4 times improved speed. Our approach analyzes the source code directly and reports the relevant parts containing the lines that affect sensitive information in the app. We present and test ways to improve precision by adding flow, path and context sensitive analyses as modules. We tested our tool by running it on a SmartThings app dataset as well as testing for precision and recall on a mutation framework dataset to see how much coverage is achieved without adding false positives. We show improvement in in terms of speed and the ability to provide a higher level of flow and path sensitive analysis.