An efficient approach for taint analysis of Android applications
Computers & Security (IF 5.6), Pub Date: 2020-12-24, DOI: 10.1016/j.cose.2020.102161
Jie Zhang, Cong Tian, Zhenhua Duan

In recent years, sensitive data leaks on the Android system have attracted significant attention. The traditional facilities proposed for detecting these leaks, i.e. taint analysis tools, mostly focus on the precision and recall of the result, and few of them address the importance of cost and efficiency. In fact, the high cost of these tools often makes them fail when analyzing large-scale apps and thus blocks them from wide use in practice. In this paper, we propose FastDroid, an efficient and precise approach for flow- and context-sensitive taint analysis of Android apps. First, based on groups of taint rules, a preliminary flow-insensitive taint analysis is conducted to construct the taint value graph, an abstraction defined to describe the process of taint propagation in an app. Then, potential taint flows are extracted from the taint value graphs and further checked on the control flow graph to obtain the real taint flows. FastDroid is evaluated on the benchmark DroidBench, 1517 apps from the Google Play store and 1022 apps from AndroZoo. The results show that the F-measure scores of FastDroid on DroidBench 2.0 and 3.0 are 0.89 and 0.75 respectively, which is better than the state-of-the-art tool FlowDroid. Further, a runtime comparison with FlowDroid shows that FastDroid improves efficiency significantly.
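The two phases described in the abstract can be illustrated with a much-simplified sketch. This is an added example, not FastDroid's code or algorithm: the statement tuples, the `STMTS` program, the `CFG` map and all function names are hypothetical, and the second phase is reduced to a pairwise ordering check on the control flow graph.

```python
from collections import defaultdict

# Constructed toy program (hypothetical IR): (kind, target, operand) per statement.
STMTS = [
    ("source", "a", None),   # 0: a = source()
    ("sink",   None, "b"),   # 1: sink(b)   b is not tainted yet at this point
    ("assign", "b", "a"),    # 2: b = a
    ("assign", "c", "a"),    # 3: c = a
    ("sink",   None, "c"),   # 4: sink(c)
]
CFG = {0: [1], 1: [2], 2: [3], 3: [4], 4: []}  # straight-line control flow

def build_tvg(stmts):
    """Phase 1: flow-insensitive graph, edge var -> (var, copying statement)."""
    tvg = defaultdict(list)
    for i, (kind, dst, src) in enumerate(stmts):
        if kind == "assign":
            tvg[src].append((dst, i))
    return tvg

def potential_flows(stmts, tvg):
    """Enumerate source-to-sink statement chains, ignoring statement order."""
    flows = []
    def walk(var, chain, seen):
        flows.extend(chain + [i] for i, s in enumerate(stmts)
                     if s[0] == "sink" and s[2] == var)
        for nxt, stmt in tvg[var]:
            if nxt not in seen:
                walk(nxt, chain + [stmt], seen | {nxt})
    for i, (kind, dst, _) in enumerate(stmts):
        if kind == "source":
            walk(dst, [i], {dst})
    return flows

def reachable(cfg, a, b):
    """True if statement b can execute after statement a."""
    todo, seen = list(cfg[a]), set()
    while todo:
        n = todo.pop()
        if n not in seen:
            seen.add(n)
            todo.extend(cfg[n])
    return b in seen

def real_flows(stmts, cfg):
    """Phase 2: keep only chains whose steps are ordered along the CFG."""
    flows = potential_flows(stmts, build_tvg(stmts))
    return [f for f in flows if all(reachable(cfg, x, y) for x, y in zip(f, f[1:]))]
```

On this input the flow-insensitive phase reports two candidate flows, and the control-flow check discards the one that reaches `sink(b)` before `b` is assigned.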



Updated: 2021-02-04