Discovering and understanding Android sensor usage behaviors with data flow analysis

Today’s Android-powered smartphones have various embedded sensors that measure acceleration, orientation, light and other environmental conditions. Many functions in third-party applications (apps) need to use these sensors. However, embedded sensors may lead to security issues, as third-party apps can read data from these sensors without claiming any permissions. It has been proven that embedded sensors can be exploited by well-designed malicious apps, resulting in leaks of users’ private information. In this work, we are motivated to provide an overview of sensor usage patterns in current apps by investigating what, why and how embedded sensors are used in apps collected from both a Chinese app market called “AppChina” and the official market called “Google Play”. To fulfill this goal, we develop a tool called “SDFDroid” to identify the types of sensors used and to generate the sensor data propagation graphs in each app. We then cluster the apps to find their sensor usage patterns based on their sensor data propagation graphs. We apply our method to 22,010 apps collected from AppChina and 7,601 apps from Google Play. Extensive experiments are conducted, and the experimental results show that most apps implement their sensor-related functions by using third-party libraries. We further study the sensor usage behaviors in the third-party libraries. Our results show that the accelerometer is the most frequently used sensor. Though many third-party libraries use no more than four types of sensors, there are still some third-party libraries that recklessly register all types of sensors. These results call for more attention to better regulating sensor usage in Android apps.
