Enhancing user privacy on android mobile devices via permissions removal

Proceedings of the Annual Hawaii International Conference on System Sciences

Volumn , Issue , 2014, Pages 5070-5079

  Do, Quang ^a   Martini, Ben ^a   Choo, Kim Kwang Raymond ^a  

^a UNIVERSITY OF SOUTH AUSTRALIA   (Australia)

Author keywords

[No Author keywords available]

Indexed keywords

MOBILE DEVICES; REVERSE ENGINEERING; SYSTEMS SCIENCE;

POTENTIAL VECTORS; REVERSE ENGINEERING PROCESS; SENSITIVE INFORMATIONS; SYSTEM MODIFICATIONS; USER PRIVACY;

ANDROID (OPERATING SYSTEM);

EID: 84902243653     PISSN: 15301605     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/HICSS.2014.623     Document Type: Conference Paper

References (32)

1. M. Oleaga, 2013, "OS vs. Android Market Share 2013: Google Mobile Platform Dominating Apple Worldwide in March Figures", http://www. latinospost.com/articles/15039/20130322/ios-vs-android-market-share-2013-google- mobile-platform-dominating.htm, accessed 25 March 2013.
2. O. Hou, 2012, "A Look at Google Bouncer", http://blog. trendmicro.com/trendlabs-security-intelligence/a-look-at-google-bouncer/, accessed 14 April 2013
3. FY. Rashid, 2012, "Researchers upload dangerous app to Google Play store", http://www.scmagazine.com.au/News/310192,blackhat-researchers- upload-dangerous-app-to-google-play-store.aspx, accessed 14 April 2013
4. Y. Zhou, X. Zhang, X. Jiang & V. Freeh, "Taming information-stealing smartphone applications (on Android)", TRUST 2011, pp. 93-107.
5. A. Shabtai, Y. Fledel, U. Kanonov, Y. Elovici, S. Dolev & C. Glezer, "Google Android: A Comprehensive Security Assessment", IEEE Security & Privacy Magazine, Vol. 8, no. 2, 2012, pp. 35-44.
6. T. Book, A. Pridgen & D.S. Wallach, "Longitudinal Analysis of Android Ad Library Permissions", arXiv preprint arXiv:1303.0857, 2013.
7. S. Shekhar, M. Dietz & D.S. Wallach, "Adsplit: Separating smartphone advertising from application", CoRR, abs/1202.4030, 2013.
8. A.P. Felt, E. Ha, S. Egelman, A. Haney, E. Chin & D. Wagner, "Android permissions: User attention, comprehension, and behavior", SOUPS 2012, p. 3.
9. P.G. Kelley, S. Consolvo, L.F. Cranor, J. Jung, N. Sadeh & D. Wetherall, "A Conundrum of Permissions: Installing Applications on an Android Smartphone", Financial Cryptography and Data Security 2012, pp. 68-79.
10. M. Kern, & J. Sametinger, "Permission Tracking in Android", UBICOMM 2012, pp. 148-155.
11. S. Bugiel, S. Heuser & A.R. Sadeghi, "myTunes: Semantically Linked and User-Centric Fine-Grained Privacy Control on Android", Technical Report TUD-CS-2012-0226, Center for Advanced Security Research Darmstadt (CASED), 2012.
12. AR. Beresford, A. Rice, N. Skehin & R. Sohan, "MockDroid: trading privacy for application functionality on smartphones", HotMobile 2011, pp. 49-54.
13. P. Hornyack, S. Han, J. Jung, S. Schechter & D. Wetherall, "These aren't the droids you're looking for: retrofitting android to protect data from imperious applications", ACM CCS 2011, pp. 639-652.
14. W. Enck, P. Gilbert, B.G. Chun, L.P. Cox, J. Jung, P. McDaniel & A.N. Sheth, "TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones", 9th USENIX conference on Operating systems design and implementation, 2012, pp. 1-6.
15. J. Helfer & T. Lin, 2012, "Giving the User Control over Android Permissions", http://css.csail.mit.edu/6.858/2012/projects/helfer-ty12.pdf, accessed 25 March 2013.
16. P. Berthome, T. Fecherolle, N. Guilloteau & J.F. Lalande, "Repackaging Android Applications for Auditing Access to Private Data", ARES 2012, pp. 388-396.
17. L. Juanru, G. Dawu & L. Yuhao, "Android Malware Forensics: Reconstruction of Malicious Events", ICDCSW 2012, pp. 552-558.
18. R. Xu, H. Saïdi & R. Anderso, 'Aurasium: Practical policy enforcement for android applications', 21st USENIX conference on Security symposium, 2012, pp. 27-27.
19. http://apkmultitool.com/, accessed 11 April 2013
20. http://code.google.com/p/smali/, accessed 11 April 2013
21. http://java.decompiler.free.fr/?q=jdgui, accessed 11 April 2013
22. C. Mann & A Starostin, "A framework for static detection of privacy leaks in android applications", ACM SAC 2012, pp. 1457-1462.
23. http://www.virtuous-ten-studio.com/, accessed 4 May 2013
24. http://source.android.com/, accessed 13 June 2013
25. S. Bugiel, S. Heuser & A.R. Sadeghi, myTunes: Semantically Linked and User-Centric Fine-Grained Privacy Control on Android, Technical Report TUD-CS-2012-0226, Center for Advanced Security Research Darmstadt, 2012.
26. http://developer.android.com/reference/android/Manifest.permission.html, accessed 14 June 2013
27. http://developer.android.com/guide/topics/manifest/permission-element. html, accessed 13 June 2013
28. http://developer.android.com/reference/android/provider/Settings.Secure. html#ANDROID-ID, accessed 13 June 2013
29. E. Erturk, 'A case study in open source software security and privacy: Android adware', WorldCIS 2012, pp. 189-191.
30. R. Unuchek, 2013, "The most sophisticated Android Trojan", http://www.securelist.com/en/blog/8106/ThemostsophisticatedAndroidTrojan, accessed 13 June 2013
31. http://code.google.com/p/dex2jar/, accessed 13 June 2013
32. http://developer.android.com/reference/android/telephony/ TelephonyManager.html#getDeviceId(), accessed 14 June 2013