1 / 22

Enhancing Users’ Comprehension of Android Permissions

Enhancing Users’ Comprehension of Android Permissions. Liu Yang , Nader Boushehrinejad , Pallab Roy, Vinod Ganapathy, Liviu Iftode Department of Computer Science Rutgers University. Android Apps. Social networking. Online shopping. Gaming. Communication. Entertainment. Transportation.

uta
Download Presentation

Enhancing Users’ Comprehension of Android Permissions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Enhancing Users’ Comprehension of Android Permissions Liu Yang, Nader Boushehrinejad, Pallab Roy, Vinod Ganapathy, Liviu Iftode Department of Computer Science Rutgers University

  2. Android Apps Social networking Online shopping Gaming Communication Entertainment Transportation Sports …

  3. Resources on Android

  4. App-based Permission Model: An Example This app requests the following resources: Your accounts, your locations, your messages, network communication, your personal information, phone calls, system tools, … (39 permission in total) App installed if user approves the request No install if user rejects the request

  5. Users Puzzled by Permissions • 3% of users correctly answer three permission questions [Felt. et al. SOUPS’12, Kelly et al., USEC’12] • A lot of permissions defined (134, Android 2.2) • Not always self-explanatory, e.g., SUBSCRIBED_FEEDS_READ, WRITE_SYN_SETTINGS, … • Confusion exists for developers [Felt et al. CCS’11]

  6. Permission Misuse com.antivirus com.kayak.android com.taskos com.kakao.talk com.facebook com.myyearbook.m Contacts Contacts IMEI IMEI Locations Phone number Locations: 45/110 apps IMEI: 31/110 apps Contacts: 7/110 apps Phone#: 5/110 apps [Hornyack et al., AppFence, CCS’11] [Lin et al., Ubicom’12]

  7. Our Contribution • Enhancing users’ comprehension of permissions using crowdsourcing • Permission usage commented by app users • Permission comments shared among users • Designing Droidganger which provides clues of permission usage • Record/replay + permission suppression • Feasibility study

  8. Architecture Overview Permission comments Droidganger Permission comments aggregation and presentation Permission comments Internet Droidganger Comments Processing Server (CPS) Permission comments Droidganger

  9. Crowdsourcing • Users of same apps form user communities • Users use Droidganger to help permission understanding • Each user reviews one permission (small task) • More users • more permissions covered • more execution paths covered • more apps covered

  10. Intuition of Droidganger Permission changes Capability changes App behavior changes Q: Behavior changes visible or understandable? Q: How to capture changes? A: Record/replay + permission suppression

  11. Overview of Droidganger Execution trace Record (all permissions granted) Replay (a permission suppressed) Deviation Detection User inputs permission comments To Comment Processing Server

  12. Record and Replay • Record app execution • non-deterministic inputs and events, e.g., keystrokes, touches/drags, etc. (saved as a trace) • outputs, e.g., screenshots, etc. • Replay a trace • each time a different permission suppressed • snapshots taken for comparison

  13. Deviation Detection Snapshots Snapshots Snapshots Snapshots Snapshots Snapshots Record phase Replay phase Difference detector User comments on detected difference

  14. Comment Processing Server Comments grouped by apps and permissions Comments aggregation Comments presented for pubic access

  15. Feasibility Study • Implementation of Droidganger • Android 4.0 + Emulator • Record: Intercepting KeyEvents and MotionEvents • Compiling events to Python scripts • Replaying scripts with Monkeyrunner • Data Sets • AngryBirds Rio (6 permissions) • Antivirus (39 permissions)

  16. Observations (a) Record stage (all requested permissions granted) (b) Replay stage (INTERNET permission suppressed) Pairs of screenshots of AngryBirds

  17. Observations (cont.) Record Replay WRITE_SYNC_SETTINGS permission suppressed (all requested permissions granted)

  18. Observations (cont.) Summary of observed effects with replay + permission suppression Meaningful: permission suppression provides helpful clues of purposes of permissions Crashed: app crashed due to permission suppression Syslog only: execution deviation was only captured by syslog None: no difference was observed with permission suppression

  19. Challenges • Network proxy: recording network traffic • Randomness, e.g., card games, etc. • Non-repeatable execution, e.g., online payments, etc. • Application failure when permission suppressed • User incentives

  20. Comparison to Privacy as Expectations (PAE) [Lin et al., Ubicomp’12] PAE Our work Goals: capturing users’ expectations on privacy improving users’ comprehension of permissions Objects: Access to privacy related resources Permissions requested by apps Techs: Crowdsourcing TaintDroid New interfaces Crowdsourcing Record/replay + Permission suppression

  21. Related Work • Information flow and permission misuse • AppFence [Hornyack et al., CCS’11] • TaintDroid [Enck et al., OSDI’10] • Permission demystified [Felt et al., CCS’11] • Privacy-preserving • Apex [Nauman et al., AsiaCCS’10] • MockDroid [Beresford et al., Hotmobile’11] • Permission comprehension and attention • [Felt et al., SOUPS’12], [Kelley et al., USEC’12] • [Lin et al., Ubicom’12]

  22. Conclusion • Crowdsourcing • Collections of users help each other on permission understanding • Record/replay + permission suppression: • Changes of app behavior provide clues of permission usage • Feasibility study • Droidganger providing helpful clues on permission usage

More Related