DOI: 10.1145/2046707.2046780
research-article

These aren't the droids you're looking for: retrofitting android to protect data from imperious applications

Published: 17 October 2011

    Abstract

    We examine two privacy controls for Android smartphones that empower users to run permission-hungry applications while protecting private data from being exfiltrated: (1) covertly substituting shadow data in place of data that the user wants to keep private, and (2) blocking network transmissions that contain data the user made available to the application for on-device use only. We retrofit the Android operating system to implement these two controls for use with unmodified applications. A key challenge of imposing shadowing and exfiltration blocking on existing applications is that these controls could cause side effects that interfere with user-desired functionality. To measure the impact of side effects, we develop an automated testing methodology that records screenshots of application executions both with and without privacy controls, then automatically highlights the visual differences between the different executions. We evaluate our privacy controls on 50 applications from the Android Market, selected from those that were both popular and permission-hungry. We find that our privacy controls can successfully reduce the effective permissions of the application without causing side effects for 66% of the tested applications. The remaining 34% of applications implemented user-desired functionality that required violating the privacy requirements our controls were designed to enforce; there was an unavoidable choice between privacy and user-desired functionality.

    Published In

    CCS '11: Proceedings of the 18th ACM conference on Computer and communications security
    October 2011
    742 pages
    ISBN:9781450309486
    DOI:10.1145/2046707
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. android
    2. privacy
    3. smartphone

    Qualifiers

    • Research-article

    Conference

    CCS'11
    Acceptance Rates

    CCS '11 Paper Acceptance Rate 60 of 429 submissions, 14%;
    Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

    Cited By

    • (2024) SIAT: A systematic inter-component communication real-time analysis technique for detecting data leak threats on Android. Journal of Computer Security 32:3 (291-317). DOI: 10.3233/JCS-220044. Online publication date: 17-Jun-2024
    • (2024) A Privacy Leak Detection Mechanism based on Service Binding. 2024 10th International Symposium on System Security, Safety, and Reliability (ISSSR) (92-103). DOI: 10.1109/ISSSR61934.2024.00018. Online publication date: 16-Mar-2024
    • (2024) Intelligent analysis of android application privacy policy and permission consistency. Artificial Intelligence Review 57:7. DOI: 10.1007/s10462-024-10798-z. Online publication date: 13-Jun-2024
    • (2023) OATs’inside: Retrieving Object Behaviors From Native-based Obfuscated Android Applications. Digital Threats: Research and Practice 4:2 (1-27). DOI: 10.1145/3584975. Online publication date: 10-Aug-2023
    • (2023) Detecting and Measuring Aggressive Location Harvesting in Mobile Apps via Data-flow Path Embedding. Proceedings of the ACM on Measurement and Analysis of Computing Systems 7:1 (1-27). DOI: 10.1145/3579447. Online publication date: 2-Mar-2023
    • (2023) A User-Centric Approach to API Delegations. Computer Security – ESORICS 2023 (318-337). DOI: 10.1007/978-3-031-51476-0_16. Online publication date: 25-Sep-2023
    • (2022) CAPEF: Context-Aware Policy Enforcement Framework for Android Applications. Journal of Engineering Research and Sciences 2:1 (13-23). DOI: 10.55708/js0201002. Online publication date: Jan-2022
    • (2022) A Privacy Protection Approach Based on Android Application's Runtime Behavior Monitor and Control. International Journal of Digital Crime and Forensics 10:3 (1-19). DOI: 10.4018/IJDCF.2018070108. Online publication date: 8-Jul-2022
    • (2022) Don't Just BYOD, Bring-Your-Own-App Too! Protection via Virtual Micro Security Perimeters. IEEE Transactions on Mobile Computing 21:1 (76-92). DOI: 10.1109/TMC.2020.3000852. Online publication date: 1-Jan-2022
    • (2022) Automated privacy negotiations with preference uncertainty. Autonomous Agents and Multi-Agent Systems 36:2. DOI: 10.1007/s10458-022-09579-1. Online publication date: 1-Oct-2022