DOI: 10.1145/2348543.2348563

ProfileDroid: multi-layer profiling of android applications

Published: 22 August 2012

Abstract

The Android platform lacks tools for assessing and monitoring apps in a systematic way. This lack of tools is particularly problematic when combined with the open nature of Google Play, the main app distribution channel. As our key contribution, we design and implement ProfileDroid, a comprehensive, multi-layer system for monitoring and profiling apps. Our approach is arguably the first to profile apps at four layers: (a) static, or app specification, (b) user interaction, (c) operating system, and (d) network. We evaluate 27 free and paid Android apps and make several observations: (a) we identify discrepancies between the app specification and app execution, (b) free versions of apps could end up costing more than their paid counterparts, due to an order of magnitude increase in traffic, (c) most network traffic is not encrypted, (d) apps communicate with many more sources than users might expect, as many as 13, and (e) we find that 22 out of 27 apps communicate with Google during execution. ProfileDroid is the first step towards a systematic approach for (a) generating cost-effective but comprehensive app profiles, and (b) identifying inconsistencies and surprising behaviors.

Published In

Mobicom '12: Proceedings of the 18th annual international conference on Mobile computing and networking
August 2012
484 pages
ISBN: 9781450311595
DOI: 10.1145/2348543

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. android apps
  2. google android
  3. monitoring
  4. profiling
  5. system

Qualifiers

  • Research-article

Conference

Mobicom'12

Acceptance Rates

Overall Acceptance Rate 440 of 2,972 submissions, 15%

Article Metrics

  • Downloads (Last 12 months): 53
  • Downloads (Last 6 weeks): 5

Reflects downloads up to 23 Sep 2024

Cited By

  • (2024) F3l: an automated and secure function-level low-overhead labeled encrypted traffic dataset construction method for IM in Android. Cybersecurity 7:1. DOI: 10.1186/s42400-023-00185-6. Online publication date: 1-Jan-2024
  • (2023) DroidPerf: Profiling Memory Objects on Android Devices. Proceedings of the 29th Annual International Conference on Mobile Computing and Networking (1-15). DOI: 10.1145/3570361.3592503. Online publication date: 2-Oct-2023
  • (2022) Android malware detection method based on highly distinguishable static features and DenseNet. PLOS ONE 17:11 (e0276332). DOI: 10.1371/journal.pone.0276332. Online publication date: 23-Nov-2022
  • (2022) PackerGrind: An Adaptive Unpacking System for Android Apps. IEEE Transactions on Software Engineering 48:2 (551-570). DOI: 10.1109/TSE.2020.2996433. Online publication date: 1-Feb-2022
  • (2022) Dro-Mal Detector: A Novel Method of Android Malware Detection. 2022 3rd International Conference for Emerging Technology (INCET) (1-9). DOI: 10.1109/INCET54531.2022.9824877. Online publication date: 27-May-2022
  • (2022) AppSPIN: reconfiguration-based responsiveness testing and diagnosing for Android Apps. Automated Software Engineering 29:2. DOI: 10.1007/s10515-022-00347-9. Online publication date: 1-Nov-2022
  • (2022) ExVivoMicroTest: ExVivo Testing of Microservices. Journal of Software: Evolution and Process 35:4. DOI: 10.1002/smr.2452. Online publication date: 12-Apr-2022
  • (2021) A Survey on Encrypted Network Traffic Analysis Applications, Techniques, and Countermeasures. ACM Computing Surveys 54:6 (1-35). DOI: 10.1145/3457904. Online publication date: 13-Jul-2021
  • (2021) A Longitudinal Study of Application Structure and Behaviors in Android. IEEE Transactions on Software Engineering 47:12 (2934-2955). DOI: 10.1109/TSE.2020.2975176. Online publication date: 1-Dec-2021
  • (2021) Checking App Behavior Against App Descriptions: What If There are No App Descriptions? 2021 IEEE/ACM 29th International Conference on Program Comprehension (ICPC) (422-432). DOI: 10.1109/ICPC52881.2021.00050. Online publication date: May-2021