Understanding the Purpose of Permission Use in Mobile Apps

Mobile apps frequently request access to sensitive data, such as location and contacts. Understanding the purpose of why sensitive data is accessed could help improve privacy as well as enable new kinds of access control. In this article, we propose a text mining based method to infer the purpose of sensitive data access by Android apps. The key idea we propose is to extract multiple features from app code and then use those features to train a machine learning classifier for purpose inference. We present the design, implementation, and evaluation of two complementary approaches to infer the purpose of permission use, first using purely static analysis, and then using primarily dynamic analysis. We also discuss the pros and cons of both approaches and the trade-offs involved.

[1]  Haoyu Wang,et al.  Using text mining to infer the purpose of permission use in mobile apps , 2015, UbiComp.

[2]  Xinwen Zhang,et al.  Apex: extending Android permission model and enforcement with user-defined runtime constraints , 2010, ASIACCS '10.

[3]  Yvonne Rogers,et al.  From spaces to places: emerging contexts in mobile privacy , 2009, UbiComp.

[4]  Hao Chen,et al.  I-ARM-Droid : A Rewriting Framework for In-App Reference Monitors for Android Applications , 2012 .

[5]  Norman M. Sadeh,et al.  Modeling Users' Mobile App Privacy Preferences: Restoring Usability in a Sea of Permission Settings , 2014, SOUPS.

[6]  Johannes Köstler,et al.  Kynoid: Real-time enforcement of fine-grained, user-defined, and data-centric security policies for Android , 2013, Inf. Secur. Tech. Rep..

[7]  Norman M. Sadeh,et al.  Expectation and purpose: understanding users' mental models of mobile app privacy through crowdsourcing , 2012, UbiComp.

[8]  Julian Dolby,et al.  Scalable and precise taint analysis for Android , 2015, ISSTA.

[9]  Tadayoshi Kohno,et al.  Securing Embedded User Interfaces: Android and Beyond , 2013, USENIX Security Symposium.

[10]  Haoyu Wang,et al.  LibRadar: Fast and Accurate Detection of Third-Party Libraries in Android Apps , 2016, 2016 IEEE/ACM 38th International Conference on Software Engineering Companion (ICSE-C).

[11]  Jeff H. Perkins,et al.  Information Flow Analysis of Android Applications in DroidSafe , 2015, NDSS.

[12]  Alastair R. Beresford,et al.  MockDroid: trading privacy for application functionality on smartphones , 2011, HotMobile '11.

[13]  Irina Shklovski,et al.  Leakiness and creepiness in app space: perceptions of privacy and mobile app use , 2014, CHI.

[14]  Ahmad-Reza Sadeghi,et al.  ASM: A Programmable Interface for Extending Android Security , 2014, USENIX Security Symposium.

[15]  Swarat Chaudhuri,et al.  A Study of Android Application Security , 2011, USENIX Security Symposium.

[16]  Matthew Smith,et al.  Using personal examples to improve risk communication for security & privacy decisions , 2014, CHI.

[17]  Lorrie Faith Cranor,et al.  Privacy as part of the app decision-making process , 2013, CHI.

[18]  Seungyeop Han,et al.  These aren't the droids you're looking for: retrofitting android to protect data from imperious applications , 2011, CCS '11.

[19]  David A. Wagner,et al.  Android permissions: user attention, comprehension, and behavior , 2012, SOUPS.

[20]  Seungyeop Han,et al.  Short paper: enhancing mobile application permissions with runtime feedback and constraints , 2012, SPSM '12.

[21]  Mitsuaki Akiyama,et al.  Understanding the Inconsistencies between Text Descriptions and the Use of Privacy-sensitive Resources of Mobile Apps , 2015, SOUPS.

[22]  Jason I. Hong,et al.  Mobile Application Evaluation Using Automation and Crowdsourcing , 2013 .

[23]  Gaël Varoquaux,et al.  Scikit-learn: Machine Learning in Python , 2011, J. Mach. Learn. Res..

[24]  Mario Linares Vásquez,et al.  Revisiting Android reuse studies in the context of code obfuscation and library usages , 2014, MSR 2014.

[25]  Tao Xie,et al.  WHYPER: Towards Automating Risk Assessment of Mobile Applications , 2013, USENIX Security Symposium.

[26]  Patrick D. McDaniel,et al.  On lightweight mobile phone application certification , 2009, CCS.

[27]  Byung-Gon Chun,et al.  TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones , 2010, OSDI.

[28]  Ziming Zhao,et al.  RiskMon: continuous and automated risk assessment of mobile applications , 2014, CODASPY '14.

[29]  Tao Xie,et al.  AppContext: Differentiating Malicious and Benign Mobile App Behaviors Using Context , 2015, 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering.

[30]  Haoyu Wang,et al.  An Explorative Study of the Mobile App Ecosystem from App Developers' Perspective , 2017, WWW.

[31]  Michael Backes,et al.  AppGuard - Enforcing User Requirements on Android Apps , 2013, TACAS.

[32]  Hao Chen,et al.  Investigating User Privacy in Android Ad Libraries , 2012 .

[33]  Yajin Zhou,et al.  Taming Information-Stealing Smartphone Applications (on Android) , 2011, TRUST.

[34]  Jiayu Wang,et al.  ASPG: Generating Android Semantic Permissions , 2014, 2014 IEEE 17th International Conference on Computational Science and Engineering.

[35]  Lorrie Faith Cranor,et al.  Empirical models of privacy in location sharing , 2010, UbiComp.

[36]  Yuan Zhang,et al.  AppIntent: analyzing sensitive data transmission in android for privacy leakage detection , 2013, CCS.

[37]  Jacques Klein,et al.  FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps , 2014, PLDI.

[38]  Ahmad-Reza Sadeghi,et al.  Flexible and Fine-grained Mandatory Access Control on Android for Diverse Security and Privacy Policies , 2013, USENIX Security Symposium.

[39]  Mukul R. Prasad,et al.  Automated testing with targeted event sequence generation , 2013, ISSTA.

[40]  Byung-Gon Chun,et al.  Vision: automated security validation of mobile apps at app markets , 2011, MCS '11.

[41]  Lorrie Faith Cranor,et al.  "Little brothers watching you": raising awareness of data leaks on smartphones , 2013, SOUPS.

[42]  David A. Wagner,et al.  Choice Architecture and Smartphone Privacy: There's a Price for That , 2012, WEIS.

[43]  Chih-Jen Lin,et al.  LIBSVM: A library for support vector machines , 2011, TIST.

[44]  Zhong Chen,et al.  AutoCog: Measuring the Description-to-permission Fidelity in Android Applications , 2014, CCS.

[45]  Malcolm Hall,et al.  ProtectMyPrivacy: detecting and mitigating privacy leaks on iOS devices using crowdsourcing , 2013, MobiSys '13.

[46]  Vyas Sekar,et al.  Measuring user confidence in smartphone security and privacy , 2012, SOUPS.

[47]  Iulian Neamtiu,et al.  Automating GUI testing for Android applications , 2011, AST '11.

[48]  Hao Chen,et al.  RetroSkeleton: retrofitting android apps , 2013, MobiSys '13.

[49]  Ilaria Liccardi,et al.  Privacy Tipping Points in Smartphones Privacy Preferences , 2015, CHI.

[50]  Roksana Boreli,et al.  On the effectiveness of dynamic taint analysis for protecting against private information leaks on Android-based devices , 2013, 2013 International Conference on Security and Cryptography (SECRYPT).

[51]  Julia Rubin,et al.  A Bayesian Approach to Privacy Enforcement in Smartphones , 2014, USENIX Security Symposium.

[52]  Michael K. Reiter,et al.  Crowdsourced Exploration of Security Configurations , 2015, CHI.

[53]  Michael Backes,et al.  Android security framework: extensible multi-layered access control on Android , 2014, ACSAC '14.

[54]  Lorrie Faith Cranor,et al.  Your Location has been Shared 5,398 Times!: A Field Study on Mobile App Privacy Nudging , 2015, CHI.

[55]  Patrick D. McDaniel,et al.  Semantically Rich Application-Centric Security in Android , 2009, 2009 Annual Computer Security Applications Conference.

[56]  Zhen Huang,et al.  PScout: analyzing the Android permission specification , 2012, CCS.

[57]  Pedro F. Miret,et al.  Wikipedia , 2008, Monatsschrift für Deutsches Recht.

[58]  Haoyu Wang,et al.  WuKong: a scalable and accurate two-phase approach to Android app clone detection , 2015, ISSTA.

[59]  Ross J. Anderson,et al.  Aurasium: Practical Policy Enforcement for Android Applications , 2012, USENIX Security Symposium.

[60]  Petar Tsankov,et al.  Statistical Deobfuscation of Android Applications , 2016, CCS.

[61]  Yang Tang,et al.  CleanOS: Limiting Mobile Data Exposure with Idle Eviction , 2012, OSDI.

[62]  Haoyu Wang,et al.  Reevaluating Android Permission Gaps with Static and Dynamic Analysis , 2014, 2015 IEEE Global Communications Conference (GLOBECOM).

[63]  Alessandra Gorla,et al.  Checking app behavior against app descriptions , 2014, ICSE.

[64]  David A. Wagner,et al.  AdDroid: privilege separation for applications and advertisers in Android , 2012, ASIACCS '12.

[65]  Shashi Shekhar,et al.  AdSplit: Separating Smartphone Advertising from Applications , 2012, USENIX Security Symposium.

[66]  Hongxia Jin,et al.  Efficient Privilege De-Escalation for Ad Libraries in Mobile Apps , 2015, MobiSys.