Hongliang Liang,Dongyang Wu,Yan Song,Daijie Zhang,Lingqing Xia

DOI: https://doi.org/10.1109/iiki.2015.34

2015-01-01

Abstract:With more and more Android apps appearing, personalization functions have been the focus of the apps' competition. However, the current implementations of personalization mainly rely on gathering and analyzing users' sensitive information, which may not only break the good ecological environment but also threaten users' privacy security. To address the issue, this paper proposes an architecture, called PAPDroid, which can support applications' personalization functions in Android according to users' personae and uses the concept of profile to prevent sensitive information from being stolen. Furthermore, we provide a privacy protection service for legacy apps which can enforce different protection policies according to the risk level of apps. All of these cooperate to provide personalization awareness privacy protection in Android. Experiments show that our system is feasible and effective.

Yajin Zhou,Xinwen Zhang,Xuxian Jiang,Vincent W. Freeh

DOI: https://doi.org/10.1007/978-3-642-21599-5_7

2011-01-01

Abstract:Smartphones have been becoming ubiquitous and mobile users are increasingly relying on them to store and handle personal information. However, recent studies also reveal the disturbing fact that users' personal information is put at risk by (rogue) smartphone applications. Existing solutions exhibit limitations in their capabilities in taming these privacy-violating smartphone applications. In this paper, we argue for the need of a new privacy mode in smartphones. The privacy mode can empower users to flexibly control in a fine-grained manner what kinds of personal information will be accessible to an application. Also, the granted access can be dynamically adjusted at runtime in a fine-grained manner to better suit a user's needs in various scenarios (e.g., in a different time or location). We have developed a system called TISSA that implements such a privacy mode on Android. The evaluation with more than a dozen of information-leaking Android applications demonstrates its effectiveness and practicality. Furthermore, our evaluation shows that TISSA introduces negligible performance overhead.

Yajin Zhou,Kapil Singh,Xuxian Jiang

DOI: https://doi.org/10.1109/noms.2016.7502850

2016-01-01

Abstract:Mobile apps continue to consume increasing amounts of sensitive data, such as banking credentials and classified documents. At the same time, the number of smartphone thefts is increasing at a rapid speed. As a result, there is an imperative need to protect sensitive data on lost or stolen mobile devices. In this work, we develop a practical solution to protect sensitive data on mobile devices. Our solution enables adaptive protection by pro-actively stepping up or stepping down data security based on perceived contextual risk of the device. We realize our solution for the Android platform in the form of a system called AppShell. AppShell does not require root privilege, nor need any modification to the underlying framework, and hence is a ready-to-deploy solution. It supports both in-memory and on-disk data protection by transparently encrypting the data, and discarding the encryption key, when required, for enhanced protection. We implement a working prototype of AppShell and evaluate it against several popular Android apps. Our results show that AppShell can successfully protect sensitive data in the lost devices with a reasonable performance overhead.

Yajin Zhou,Kapil Singh,Xuxian Jiang

DOI: https://doi.org/10.1007/978-3-319-08593-7_4

2014-01-01

Abstract:Modern smartphone apps tend to contain and use vast amounts of data that can be broadly classified as structured and unstructured. Structured data, such as an user's geolocation, has predefined semantics that can be retrieved by well-defined platform APIs. Unstructured data, on the other hand, relies on the context of the apps to reflect its meaning and value, and is typically provided by the user directly into an app's interface. Recent research has shown that third-party apps are leaking highly-sensitive unstructured data, including user's banking credentials. Unfortunately, none of the current solutions focus on the protection of unstructured data. In this paper, we propose an owner-centric solution to protect unstructured data on smartphones. Our approach allows the data owners to specify security policies when providing their untrusted data to third-party apps. It tracks the flow of information to enforce the owner's policies at strategic exit points. Based on this approach, we design and implement a system, called <Literal>DataChest</Literal>. We develop several mechanisms to reduce user burden and keep interruption to the minimum, while at the same time preventing the malicious apps from tricking the user. We evaluate our system against a set of real-world malicious apps and a series of synthetic attacks to show that it can successfully prevent the leakage of unstructured data while incurring reasonable performance overhead.

Yajin Zhou,Kunal Patel,Lei Wu,Zhi Wang,Xuxian Jiang

DOI: https://doi.org/10.1145/2714576.2714598

2015-01-01

Abstract:ABSTRACTUsers of Android phones increasingly entrust personal information to third-party apps. However, recent studies reveal that many apps, even benign ones, could leak sensitive information without user awareness or consent. Previous solutions either require to modify the Android framework thus significantly impairing their practical deployment, or could be easily defeated by malicious apps using a native library. In this paper, we propose AppCage, a system that thoroughly confines the run-time behavior of third-party Android apps without requiring framework modifications or root privilege. AppCage leverages two complimentary user-level sandboxes to interpose and regulate an app's access to sensitive APIs. Specifically, dex sandbox hooks into the app's Dalvik virtual machine instance and redirects each sensitive framework API to a proxy which strictly enforces the user-defined policies, and native sandbox leverages software fault isolation to prevent the app's native libraries from directly accessing the protected APIs or subverting the dex sandbox. We have implemented a prototype of AppCage. Our evaluation shows that AppCage can successfully detect and block attempts to leak private information by third-party apps, and the performance overhead caused by AppCage is negligible for apps without native libraries and minor for apps with them.

Zeqing Guo,Weili Han,Liangxing Liu,Wenyuan Xu,Ruiqi Bu,Minyue Ni

DOI: https://doi.org/10.1145/2752952.2752974

2015-01-01

Abstract:More and more powerful personal smart devices take users, especially the elder, into a disaster of policy administration where users are forced to set personal management policies in these devices. Considering a real case of this issue in the Android security, it is hard for users, even some programmers, to generally identify malicious permission requests when they install a third-party application. Motivated by the popularity of mutual assistance among friends (including family members) in the real world, we propose a novel framework for policy administration, referring to Socialized Policy Administration (SPA for short), to help users manage the policies in widely deployed personal devices. SPA leverages a basic idea that a user may invite his or her friends to help set the applications. Especially, when the size of invited friends increases, the setting result can be more resilient to a few malicious or unprofessional friends. We define the security properties of SPA, and propose an enforcement framework where users' friends can help users set applications without the leakage of friends' preferences with the supports of a privacy preserving mechanism. In our prototype, we only leverage partially homomorphic encryption cryptosystems to implement our framework, because the fully homomorphic encryption is not acceptable to be deployed in a practical service at the moment. Based on our prototype and performance evaluation, SPA is promising to support major types of policies in current popular applications with acceptable performance.

Kao Zhao,Deqing Zou,Hai Jin,Zhangbiaoge Tian,Weizhong Qiang,Weiqi Dai

DOI: https://doi.org/10.1109/mobserv.2015.33

2015-01-01

Abstract:Today's smartphones are equipped with various embedded motion sensors, such as accelerometer, gyroscope, and orientation sensors. Perceptual applications perceive the environment of mobile users via sensors. However, malicious applications may use these sensors to steal user's privacy, and attackers can use sensors as side channel data to infer user's inputs. Existing solutions suffer from limited sensors and overhead problems. In this paper we present Perceptual Assistant (PA), a practical privacy protection system for all the sensors and untrusted perceptual applications. PA allows users to customize the sensor policy of third-party applications, and prevent malicious application from accessing sensors at runtime. We evaluate PA with several typical perceptual applications that perform diverse tasks. PA system shows both practical and lightweight: it can protect user's privacy efficiently while maintaining reasonable overhead.

Yuhao Luo,Dawu Gu,Juanru Li

DOI: https://doi.org/10.1109/icist.2013.6747691

2013-01-01

Abstract:Although Android has introduced many security mechanisms, users often expose privacy information to attacker due to the system's defensive privacy protecting policy. The problem is that for most inexperienced users, no mandatory protection is provided. To address this issue, we propose a data-centric privacy enhancement design to actively restrict privacy violation on Android. The main idea is to first build trusted database by introducing secure enhanced kernel and data-at-rest encryption. Then, the system enforces an isolation of applications with privacy data access privilege mode. The design focuses on data protection and keeps persistent mandatory access control model from kernel to application layer, and could resist most common privacy leakage attacks. Compared with other heavyweight isolation scheme, the overhead is also controlled into an acceptable range due to our lightweight design principle.

Hongliang Liang,Dongyang Wu,Jiuyun Xu,Hengtai Ma

DOI: https://doi.org/10.1109/cscloud.2015.21

2015-01-01

Abstract:Nowadays, the ubiquity of smart phones make them carry large amounts of personal sensitive information, but at the same time, there are also many Apps in Android APP market that target to collect users' sensitive data. So it becomes quite important to prevent users from the threat of privacy leakage. In this paper, we analyze the Android's privacy protection mechanism, and describe various threats to users' different types of privacy data. After that, we enumerate two ways that can leak sensitive information, and discuss the current solutions and techniques from aspects of privacy protection enhancement and privacy leakage detection. We also make a fine-grained classification for these two aspects, and study the difference between solutions in each category. Finally, we summarize the deficiency of existing research of Android privacy protection and propose the future research direction.

Tianyuan Liu,Guoyun Li,Yaozhi Zhang,Yuqing Sun

DOI: https://doi.org/10.1109/ithings-greencom-cpscom-smartdata.2016.108

2016-01-01

Abstract:Mobile intelligent devices are widely used in our daily lives. User private information can be easily accessed by mobile apps, which are facing fierce threats. Although Android offers a native permission mechanism and there are many security assistants or research works focus on improving privacy protection, there is still a gap on the context aware and personalized authorization for user requirements. We design and implement a novel authorization mechanism on Android which takes into account both user preference and context. This video describes a fictitious romantic story to show the inspiration behind our design. The story shows the threats we are facing in the mobile scenarios and the gap between existing solutions and user privacy demands. A brief introduction of our model is also given in the video, including the outline of our design and a short clip which shows the evaluation of our prototype implementation on real device.

Ke-zhen HUANG,Yu-xiang LI,Bo-gang LIN

DOI: https://doi.org/10.3969/j.issn.1671-1122.2014.09.012

2014-01-01

Abstract:With the rapid development of mobile Internet, the mobile payment and the mobile office will be integrated into people's lives. The protection of commercial secrets, personal privacy and other sensitive information becomes critical. However, a variety of information leakage, malicious tampering, system sabotage and other malicious behavior often occur. To compensate for the lack of Android system privacy protection, this paper designs a cell phone privacy data security solution based on an Android security policy, and implements privacy protection system of local and remote data protection. The system can effectively protect the user privacy data security and provide a secure mobile environment.

Fan Wu,He Li,Wenhao Fan,Bihua Tang,Yuanan Liu

DOI: https://doi.org/10.1587/transfun.2019EAP1128

2020-01-01

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences

Abstract:Android occupies a very large market share in the field of mobile devices, and quantities of applications are created everyday allowing users to easily use them. However, privacy leaks on Android terminals may result in serious losses to businesses and individuals. Current permission model cannot effectively prevent privacy data leakage. In this paper, we find a way to protect privacy data on Android terminals from the perspective of privacy information propagation by porting the concept of contextual integrity to the realm of privacy protection. We propose a computational model of contextual integrity suiting for Android platform and design a privacy protection system based on the model. The system consists of an online phase and offline phase; the main function of online phase is to computing the value of distribution norm and making privacy decisions, while the main function of offline phase is to create a classification model that can calculate the value of the appropriateness norm. Based on the 6 million permission requests records along with 2.3 million runtime contextual records collected by dynamic analysis, we build the system and verify its feasibility. Experiment shows that the accuracy of offline classifier reaches up to 0.94. The experiment of the overall system feasibility illustrates that 70% location data requests, 84% phone data requests and 46% storage requests etc., violate the contextual integrity.

Weizhe Zhang,Hui He,Qizhen Zhang,Tai-hoon Kim

DOI: https://doi.org/10.1155/2014/282417

IF: 1.938

2014-01-01

International Journal of Distributed Sensor Networks

Abstract:With the popularity of Android platform based mobile phones, privacy protection of Android platform becomes a focus area. Now protection for Android based smart phone has many shortages, and also most phone protection systems are based on C/S model. In this paper, we propose a browser-free multilevel smart phone privacy protection system, which is based on the Android sensor platform. In this system, protection is ensured by means of SMS, which turns out to be easy, quick, and convenient. Users can send SMS to phones remotely as operating instructions; then the sensors on remote phones execute the instructions and return useful information. Second, the sensors based on the daemon process mechanism are used to prevent the sensors from being maliciously closed and uninstalled. Third, our system adopts SIM detecting mechanism to judge whether the SIM card is removed or changed. If exception is detected, the phone will be locked automatically by its inside sensors. The three points ensure full protection of phone privacy. Test results show that our system has good robustness and low resource consumption.

Imdad Ullah,Roksana Boreli,Salil S. Kanhere,Sanjay Chawla,Tariq Ahamed Ahanger,Usman Tariq

DOI: https://doi.org/10.1109/access.2020.3014424

IF: 3.9

2020-01-01

IEEE Access

Abstract:The Analytics companies enable successful targeted advertising via user profiles, derived from the mobile apps installed by specific users, and hence have become an integral part of the mobile advertising industry. This threatens the users' privacy, when profiling is based on apps representing sensitive information, e.g., gambling problems indicated by a game app. In this work, we propose an app-based profile obfuscation mechanism, ProfileGuard, with the objective of eliminating the dominance of private interest categories (i.e. the prevailing private interest categories present in a user profile). We demonstrate, based on wide-range experimental evaluation of Android apps in a nine month test campaign, that the proposed obfuscation mechanism based on similarity with user's existing apps (ensuring that selected obfuscating apps belong to non-private categories) can achieve a good trade-off between efforts required by the obfuscating system and the resulting privacy protection. We also show how the bespoke (customised to profile obfuscation) and bespoke++ (resource-aware) strategies can deliver significant improvements in the level of obfuscation and (particularly bespoke++) in the use of mobile resources, making the latter a good candidate strategy in resource-constrained scenarios e.g., for fixed data use mobile plans. We also implement a POC ProfileGuard app to demonstrate the feasibility of an automated obfuscation mechanism. Furthermore, we provide insights to Google AdMob profiling rules, such as showing how individual apps map to user's interests within their profile in a deterministic way and that AdMob requires a certain level of activity to build a stable user profile.

tao guo,puhan zhang,hongliang liang,shuai shao

DOI: https://doi.org/10.2991/3ca-13.2013.42

2013-01-01

Abstract:The popularity of Android makes it the prime target of the latest surge in mobile malware. Protecting privacy and integrity of information is helpful for Android users. Currently, malicious software often achieve the purpose of privacy theft and malicious chargeback by sending short messages, making phone calls or connecting Internet surreptitiously. We develop a novel solution that supports multiple security policies to provide much of the integrity and privacy that users desire. We present and implement a security framework for Android which consists of both mandatory access control in the kernel layer and role-based access control in the framework layer. It allows users to define their own security policy and provides fine-grained access control to (untrusted) applications. We implemented a prototype system MPdroid for Android 4.0 platform. Experiments show that we can apply this solution to really help users control applications, block malicious software without significant performance overhead.

Fan Wu,Ran Sun,Wenhao Fan,Yuan'An Liu,Feng Liu,Hui Lu

DOI: https://doi.org/10.4018/ijdcf.2018070108

2018-01-01

International Journal of Digital Crime and Forensics

Abstract:This article proposes a system that focuses on Android application runtime behavior forensics. Using Linux processes, a dynamic injection and a Java function hook technology, the system is able to manipulate the runtime behavior of applications without modifying the Android framework and the application's source code. Based on this method, a privacy data protection policy that reflects users' intentions is proposed by extracting and recording the privacy data usage in applications. Moreover, an optimized random forest algorithm is proposed to reduce the policy training time. The result shows that the system realizes the functions of application runtime behavior monitor and control. An experiment on 134 widely used applications shows that the basic privacy policy could satisfy the majority of users' privacy intentions.

Sujit Biswas,Kashif Sharif,Fan Li,Yang Liu

DOI: https://doi.org/10.1007/978-3-319-60033-8_39

2017-01-01

Abstract:Mobile applications & smart devices have drastically changed our routine tasks, and have become an integral part of modern society. Along with the numerous benefits we get, major challenges like privacy and safety have become complicated than before. The permission based system for mobile applications is designed to empower the user to decide which resources and information they want the application to access. Most of these permissions are granted during installation of application, but our study shows that the users make weak decisions in protecting their information. Majority of the users, even with technical backgrounds, blindly grant all permissions requested by the application even if they are not necessary for the application to run. In order to give more control to the user, and to enable them to make informed decisions regarding permission, we have proposed a Privacy Permission Policy Framework in this paper. This framework enables the user to have greater control over the permission granting while installing the mobile applications. The implementation and testing of the framework also enabled us to run forensic analysis and understand the scope of permissions requested, based on which this framework can advise the user to select minimum required permissions for the application to work. This makes the users’ privacy more secure, and grants full control over the process.

Wang Peng,Yang Tan,Fu Xiangling,Jin Yuehui

2012-01-01

Abstract:After studying on Android permissions mechanism and analyzing the existing problems, this paper designs and implements a privacy protection module to control applications access to users' private information. By providing fake data, privacy protection module makes the untrusted application get the wrong private information sothat protect the security of privacy information.

Guoyun Li,Yaozhi Zhang,Xianqi Yu,Yuqing Sun

DOI: https://doi.org/10.1109/UIC-ATC-ScalCom-CBDCom-IoP.2015.83

2015-01-01

Abstract:Summary form only given. Intelligent mobile devices are more and more popular in recent years. There are millions of mobile applications, which provide variant functionalities. They bring great convinces to people's lives. However, these applications often request different access requests, which relate with many user privacy information such as identity, contact list or location etc. Some of them are actually not necessary for applications. Although there exist some security applications for privacy protection, in many cases, users do not know how to make privacy setting or even have no knowledge about their privacy leakage. This fact brings user privacy facing serious threat. To solve this problem, we propose a mobile privacy protection framework achieve a fine-grained and context aware permission control. We propose several recommendation algorithms to recommend an appropriate privacy setting when a user requests help. To help a user understand how his/her privacy status, we design and implement a privacy management plug in for Android platform.

Qian Luo,Yinbo Yu,Jiajia Liu,Abderrahim Benslimane

DOI: https://doi.org/10.1109/JIOT.2021.3109785

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:While providing significant convenience for people, mobile applications (Apps) bring serious privacy leakage and invasion threats over certain platforms (e.g., Android) due to privacy violations. To protect users from these threats, a lot of works related to privacy violation detection have been proposed. However, few of them particularly check the violations, including lacking privacy policy, collecting privacy before statement, lacking account cancelation service, and stubborn permission request. Toward this end, we design an automatic detection tool named PVDetector to detect these violations in Android Apps. We extract and construct relevant threat forms by statically and dynamically analyzing Apps' behaviors, and then fine tune these forms through threat-form-matching methods on problematic Apps. Finally, a comprehensive experiment is conducted to detect privacy violations on different Android application markets by PVDetector. Specifically, we detect 16 162 Android Apps (involving people's various aspects of life) collected from six popular official application markets and three special categories. The experiment results indicate that the situation that Apps contain privacy violations is greatly serious in these markets and categories. We also randomly check the experiment results of 385 Apps. The check results illustrate that the detection accuracy of PVDetector can reach 93%.