ProfileDroid: multi-layer profiling of Android applications

The Android platform lacks tools for assessing and monitoring apps in a systematic way. This lack of tools is particularly problematic when combined with the open nature of Google Play, the main app distribution channel. As our key contribution, we design and implement ProfileDroid, a comprehensive, multi-layer system for monitoring and profiling apps. Our approach is arguably the first to profile apps at four layers: (a) static, or app specification, (b) user interaction, (c) operating system, and (d) network. We evaluate 27 free and paid Android apps and make several observations: (a) we identify discrepancies between the app specification and app execution, (b) free versions of apps could end up costing more than their paid counterparts, due to an order of magnitude increase in traffic, (c) most network traffic is not encrypted, (d) apps communicate with many more sources than users might expect, as many as 13, and (e) we find that 22 out of 27 apps communicate with Google during execution. ProfileDroid is the first step towards a systematic approach for (a) generating cost-effective but comprehensive app profiles, and (b) identifying inconsistencies and surprising behaviors.
