Researcher: Jason Hong
Cross Cutting Thrusts: Usable Privacy and Security
Gort is a tool for analyzing the privacy and security behaviors of smartphone apps. Gort works by applying a series of heuristics to smartphone apps, looking for odd behaviors that might indicate problems. Examples include an app that only calls one phone number, or an app that doesn't use SSL when passwords are sent out. Gort then lets an analyst visualize where an app fails these heuristics, and see other info such as what servers it is connecting to and what data is being sent. This approach lets an analyst make judgment calls as to acceptable or unacceptable behaviors.
Outcomes: Tool that can be run locally to analyze Android smartphone apps.