AppGuard – Enforcing User Requirements on Android Apps

Backes, Michael; Gerling, Sebastian; Hammer, Christian; Maffei, Matteo; Styp-Rekowsky, Philipp von

doi:10.1007/978-3-642-36742-7_39

Cited by 106 publications

(73 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…CopperDroid [39] is another dynamic testing tool which observes interactions between Android components and the Linux system to reconstruct high-level behavior and uses some special stimulation techniques to exercise the app to find malicious activities. Several other systems, including AppFence [24], Aurasium [46], AppGuard [8] and BetterPermission [10] try to mitigate the privacy leak problem by dynamically monitoring the tested apps.…”

Section: Related Workmentioning

confidence: 99%

IccTA: Detecting Inter-Component Privacy Leaks in Android Apps

Bartel

Bissyandé³

et al. 2015

2015 IEEE/ACM 37th IEEE International Conference on Software Engineering

393

360

View full text Add to dashboard Cite

Abstract-Shake Them All is a popular "Wallpaper" application exceeding millions of downloads on Google Play. At installation, this application is given permission to (1) access the Internet (for updating wallpapers) and (2) use the device microphone (to change background following noise changes). With these permissions, the application could silently record user conversations and upload them remotely. To give more confidence about how Shake Them All actually processes what it records, it is necessary to build a precise analysis tool that tracks the flow of any sensitive data from its source point to any sink, especially if those are in different components.Since Android applications may leak private data carelessly or maliciously, we propose IccTA, a static taint analyzer to detect privacy leaks among components in Android applications. IccTA goes beyond state-of-the-art approaches by supporting intercomponent detection. By propagating context information among components, IccTA improves the precision of the analysis. IccTA outperforms existing tools on two benchmarks for ICC-leak detectors: DroidBench and ICC-Bench. Moreover, our approach detects 534 ICC leaks in 108 apps from MalGenome and 2,395 ICC leaks in 337 apps in a set of 15,000 Google Play apps.

show abstract

Section: Related Workmentioning

confidence: 99%

IccTA: Detecting Inter-Component Privacy Leaks in Android Apps

Bartel

Bissyandé³

et al. 2015

2015 IEEE/ACM 37th IEEE International Conference on Software Engineering

393

360

View full text Add to dashboard Cite

show abstract

“…This work mainly concerns the analysis of permis-sions without proposing a direct link between declared permissions and apps security, as with MAETROID. A system to implement security policies on Android devices is presented in [29]. This system is based on the introduction of a monitor of security critical functionalities, which matches the performed actions with security policies defined by the mobile device user.…”

Section: Related Workmentioning

confidence: 99%

Risk analysis of Android applications: A user-centric solution

Dini

Martinelli

Matteucci

et al. 2018

Future Generation Computer Systems

View full text Add to dashboard Cite

Android applications (apps) pose many risks to their users, e.g., by including code that may threaten user privacy or system integrity. Most of the current security countermeasures for detecting dangerous apps show some weaknesses, mainly related to users' understanding and acceptance. Hence, users would benefit from an effective but simple technique that indicates whether an app is safe or risky to be installed. In this paper, we present MAETROID (Multi-criteria App Evaluator of TRust for AndrOID), a framework to evaluate the trustworthiness of Android apps, i.e., the amount of risk they pose to users, e.g., in terms of confidentiality and integrity. MAETROID performs a multi-criteria analysis of an app at deploy-time and returns a single easyto-understand evaluation of the app's risk level (i.e., Trusted, Medium Risk, and High Risk), aimed at driving the user decision on whether or not installing a new app. The criteria include the set of requested permissions and a set of metadata retrieved from the marketplace, denoting the app quality and popularity. We have tested MAETROID on a set of 11,000 apps both coming from Google Play and from a database of known malicious apps. The results show a good accuracy in both identifying the malicious apps and in terms of false positive rate.

show abstract

“…More generic policy enforcement approaches such as AppGuard [16] also require comprehensive lists of sensitive information sources. AppGuard, for instance, provides the user with the ability to revoke permissions after app-installation time.…”

Section: Related Workmentioning

confidence: 99%

A Machine-learning Approach for Classifying and Categorizing Android Sources and Sinks

Rasthofer¹,

Arzt²,

Bodden³

2014

Proceedings 2014 Network and Distributed System Security Symposium

259

154

View full text Add to dashboard Cite

Abstract-Today's smartphone users face a security dilemma: many apps they install operate on privacy-sensitive data, although they might originate from developers whose trustworthiness is hard to judge. Researchers have addressed the problem with more and more sophisticated static and dynamic analysis tools as an aid to assess how apps use private user data. Those tools, however, rely on the manual configuration of lists of sources of sensitive data as well as sinks which might leak data to untrusted observers. Such lists are hard to come by.We thus propose SUSI, a novel machine-learning guided approach for identifying sources and sinks directly from the code of any Android API. Given a training set of hand-annotated sources and sinks, SUSI identifies other sources and sinks in the entire API. To provide more fine-grained information, SUSI further categorizes the sources (e.g., unique identifier, location information, etc.) and sinks (e.g., network, file, etc.).For Android 4.2, SUSI identifies hundreds of sources and sinks with over 92% accuracy, many of which are missed by current information-flow tracking tools. An evaluation of about 11,000 malware samples confirms that many of these sources and sinks are indeed used. We furthermore show that SUSI can reliably classify sources and sinks even in new, previously unseen Android versions and components like Google Glass or the Chromecast API.

show abstract

AppGuard – Enforcing User Requirements on Android Apps

Cited by 106 publications

References 1 publication

IccTA: Detecting Inter-Component Privacy Leaks in Android Apps

IccTA: Detecting Inter-Component Privacy Leaks in Android Apps

Risk analysis of Android applications: A user-centric solution

A Machine-learning Approach for Classifying and Categorizing Android Sources and Sinks

Contact Info

Product

Resources

About