Privacy Detective: Sniffing Out Your Data Leaks for Android

Learn how Privacy Detective for Android detects data leaks using dynamic analysis, helping identify privacy issues like TLS vulnerabilities and excessive data collection.

Key takeaways
  • Privacy Detective is a dynamic privacy analysis tool for Android that uses Frida to detect data leaks and privacy violations

  • The tool monitors data flows across three main layers:

    • Data collection from Android runtime and native libraries
    • Data processing including TLS decryption and nested encryption analysis
    • Data analysis with regex-based scanning for sensitive information
  • Key capabilities include:

    • TCP/TLS traffic interception and decryption
    • Detection of nested encryption within TLS
    • HTTP/2 (H2) header decompression
    • Thread ID-based connection tracking
    • Scanning for sensitive data patterns (IDs, GPS, URLs, etc.)
  • Main privacy recommendations:

    • Use runtime permissions and limit unnecessary access
    • Implement parameterized queries instead of direct SQL commands
    • Avoid direct execution of shell commands
    • Keep Android system updated for latest security features
    • Disable unused permissions and tracking features
  • GDPR compliance focus:

    • Detect TLS versions below 1.2
    • Monitor double encryption of personal data
    • Report non-compliant data transmissions
    • Maximum fines are €20M or 4% of global revenue
  • Tool deployment features:

    • One-click installation scripts
    • Automatic dependency resolution
    • Customizable scanning rules
    • Output in formatted analysis files
  • The research revealed many apps still collect excessive personal data despite privacy policies:

    • Device IDs
    • Location data
    • User tracking information
    • Behavioral data
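
The two checks named above (flagging TLS versions below 1.2 and regex-based scanning of decrypted traffic for IDs, GPS and URLs) can be sketched as follows. This is an added example, not code from Privacy Detective; the patterns, function names and sample bytes are assumptions constructed for illustration.

```python
import re
import struct

# Assumed illustrative rules; the tool's own rule set is not shown on the page.
PATTERNS = {
    "advertising_id": re.compile(
        r"\b[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\b", re.I),
    "android_id": re.compile(r"(?<![0-9a-f-])[0-9a-f]{16}(?![0-9a-f-])", re.I),
    "gps": re.compile(r"(?<![\d.])-?\d{1,2}\.\d{4,},\s*-?\d{1,3}\.\d{4,}(?![\d.])"),
    "url": re.compile(r"https?://[^\s\"'&]+"),
}
TLS_1_2 = 0x0303

# Constructed samples: ServerHello records (TLS 1.0 and TLS 1.2) and one
# decrypted HTTP request line. None of this is captured from a real app.
HELLO_TLS10 = bytes.fromhex("160301002a020000260301") + bytes(36)
HELLO_TLS12 = bytes.fromhex("160303002a020000260303") + bytes(36)
DECRYPTED = ("POST /track?aid=9774d56d682e549c"
             "&gaid=38400000-8cf0-11bd-b23e-10b96e40000d"
             "&loc=52.5200,13.4050&cb=https://ads.example.test/pixel HTTP/1.1")

def negotiated_version(record: bytes):
    """Return ServerHello.server_version from one TLS record, else None."""
    if len(record) < 11 or record[0] != 0x16:   # 0x16 = handshake record
        return None
    if record[5] != 0x02:                       # 0x02 = ServerHello message
        return None
    # Bytes 9-10 follow the 5-byte record header and 4-byte handshake header.
    # TLS 1.3 also reports 0x0303 here, so it is never flagged as weak.
    return struct.unpack("!H", record[9:11])[0]

def scan(plaintext: str):
    """Return sorted (rule, match) pairs for every pattern hit."""
    hits = []
    for name, rx in PATTERNS.items():
        hits += [(name, m.group(0)) for m in rx.finditer(plaintext)]
    return sorted(hits)

def analyse(server_hello: bytes, plaintext: str):
    """Combine the TLS version check with the sensitive-data scan."""
    version = negotiated_version(server_hello)
    return {"weak_tls": version is not None and version < TLS_1_2,
            "findings": scan(plaintext)}

if __name__ == "__main__":
    print(analyse(HELLO_TLS10, DECRYPTED))
```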