Presentation is loading. Please wait.

Presentation is loading. Please wait.

Android Permissions Remystified: A Field Study on Contextual Integrity Presenter: Hongyang Zhao Primal Wijesekera (UBC) Arjun Baokar (UC Berkeley) Ashkan.

Published byCharles Wilkins Modified over 8 years ago

Similar presentations

Presentation on theme: "Android Permissions Remystified: A Field Study on Contextual Integrity Presenter: Hongyang Zhao Primal Wijesekera (UBC) Arjun Baokar (UC Berkeley) Ashkan."— Presentation transcript:

1 Android Permissions Remystified: A Field Study on Contextual Integrity Presenter: Hongyang Zhao Primal Wijesekera (UBC) Arjun Baokar (UC Berkeley) Ashkan Hosseini (UC Berkeley) Serge Egelman (UC Berkeley) David Wagner (UC Berkeley) Konstantin Beznosov (UBC)

2 Android Permission 2  Android permission  Regulate how applications access protected resources  Prompt user during installation  Users’ Options  Accept permissions requested  Discontinue installing

3 Problem Statement 3  When developers use permissions  Not fully knowledgeable  Given too much freedom to post to Google Play Store  Not follow the principle of lease privilege  When users meet permissions  No comprehension  No contextual cues  User habituation Lots of unnecessary application permissions are approved Application can get access to protected resources unexpected

4 Previous solutions & Limitation 4  Prompt permission request at run-time  Action is not reversible  Data is sensitive  Incurs additional cost Too many prompts

5 Solution 5  When to actually prompt?  not reversible/sensitive/Incurs additional cost  Unexpected (“Privacy violations occur when sensitive information is used in ways defying users’ expectations”)  Goal  Confront users with necessary permission requests, not the expected, reversible, or unconcerning ones. A. P. Felt, S. Egelman, M. FiniUer, D. Akhawe, and D. Wagner. How to Ask for Permission. Proceedings of the USENIX Workshop On Hot Topics In Computer Security (HotSec), 2012.

6 Two steps 6  Instrument Android to collect data  How often and under what circumstances smartphone apps are accessing protected resources regulated by permissions?  Survey users when they exit the experiment  If given the opportunity, whether users would like to deny applications access to protected resources?

7 Outline 7  Problem statement  Data collection  Application behavior  User expectation & reactions  Model users’ decision  Conclusion  Quiz

8 Data collection Procedure 8  Tracking access to sensitive data  Modify Android to log whenever an app accessed a protected resource  Recruitment  36/48 qualified participants from Craigslist  Exit survey  Whether resource access instances are expected  Whether users would like to deny access

9 Data collection Architecture 9  Producers: hook Android API call  Log protected API methods that are called  Log access to protected ContentProviders class  Log access to protected Intents  Consumer: embedded in Android service  Write data to a log file  Upload to server

10 Data collection 10  The experiment  36 Android smartphone users  1week of real-world use  27 million permission requests (107142 requests/day/user)  12 permissions  Felt et al. recommend to be granted via runtime dialogs  Randomly take screenshots when permissions are checked

11 Data collection 11  Screenshot (cards)  Log entry (music app)

12 Exit Survey 12

13 Exit Survey 13

14 Outline 14  Problem statement  Data collection  Application behaviors  Invisible permission requests  High frequency requests  Feasibility of runtime requests  User expectation & reactions  Model users’ decision  Conclusion  Quiz

15 Invisible Permission Requests 15  Invisible permission requests  The requests that users don’t know they occur  Five application states with regard to visibility to users:  Visible foreground application (12.04%)  Invisible background application (0.70%)  Visible background service (12.86%)  Invisible background service (14.40%)  Screen off (60.00%)

16 Invisible Permission Requests 16  Five application states with regard to visibility to users:  Visible foreground application (12.04%)  Invisible background application (0.70%)  Visible background service (12.86%)  Invisible background service (14.40%)  Screen off (60.00%)  Invisible permission: 75.1%

17 Invisible Permission Requests 17  Most frequently requested permissions with zero visiblity to users (per user/day)  Network: every 3 seconds  The apps making the most permission requests while invisible to users (per user/day)

18 Invisible Permission Requests 18  Low visibility of location tracking  GPS location provider (0.04%)  Cellular tower (66.1%)  Wifi (33.3%)  Network provider (0.08%)  Cashed location (0.48%)  GPS notification icon appear 0.04% of access of location

19 High Frequency Requests 19  Exception of Google’s apps, all the other apps make excessive requests for phone’s connectivity state  Adverse effect on performance and battery life

20 Feasibility of Runtime Requests 20  Observations:  8 requests per minute/user  4 exposes per minute/user (15 seconds)  Every other permission request exposes data  Frequency is too high to prompt users in runtime Sensitive permission requests (per user/day) when apps visible/invisible to users

21 Outline 21  Problem statement  Data collection  Application behavior  User expectation & reactions  Model users’ decision  Conclusion  Quiz

22 User expectation & reactions 22  Screenshots + permission requested: users want to block 35% of 432 permission request  53% of denied permissions are perceived as functionally irrelevant  “It wasn’t doing anything that needed my current location”  32% of denied permissions are privacy sensitive  “SMS messages are quite personal”

23 User expectation & reactions 23  What factors influence users’ desires to block requests?  Identifying permissions  Visibility  Privacy preferences  Expectation  Users are more likely to block invisible, unexpected requests.

24 Outline 24  Problem statement  Data collection  Application behavior  User expectation & reactions  Model users’ decision  Conclusion  Quiz

25 Model users’ decision 25  Use contextual data to examine users’ desire to block certain permission requests  Permission types  Visibility of application  Application name  User ID  A classifier to determine when to prompt users

26 Model Selection 26  Binary logistic regression model  Permission types  Visibility of application  Application name  User ID  Two separate models based on the screen state result in better fit than a single model with screen state as a fixed effect

27 Predicting User Reactions 27  Regression Model  Screen on: visibility, application, user (AUC=0.7)  Screen off: permission, application, user (AUC=0.8)  Different users have different preferences  One size-fit-all policy will not be effective

28 Conclusion 28  A first field study to quantify the permission usage by third party applications under realistic circumstances.  Show that participants want to block access to protected resources a third of time.  Model users’ decisions and show how a runtime classifier may be able to determine when to confront users with permission decisions.

29 My opinion 29  Data collection procedure is very good. (Screenshot)  Find some interesting results  Small dataset (1 week)  Validity of dataset?  Classification is very week.  Take more factors into consideration  Time, location, personalization…  Only analyze the user’s attitude towards permission requests from apps. Don’t know why app request permission to protected resources.

30 Quiz 30  What’s the functionality of Android Permission?  What are invisible permission request?  Is it feasible to prompt users whenever sensitive data are accessed at runtime?

31 Thank you!

Download ppt "Android Permissions Remystified: A Field Study on Contextual Integrity Presenter: Hongyang Zhao Primal Wijesekera (UBC) Arjun Baokar (UC Berkeley) Ashkan."

Similar presentations

Recruitment Booster.

Recruitment Booster.
Chrome Extentions Vulnerabilities. Introduction Google Chrome Browser Chrome OS Platform Chrome Web Store Applications Open Source Platform.

Chrome Extentions Vulnerabilities. Introduction Google Chrome Browser Chrome OS Platform Chrome Web Store Applications Open Source Platform.
Silicon Valley Apps for Kids Meetup Laura D. Berger October 22, 2012 The views expressed herein are those of the speaker, and do not represent the views.

Silicon Valley Apps for Kids Meetup Laura D. Berger October 22, 2012 The views expressed herein are those of the speaker, and do not represent the views.
Policy Weaving for Mobile Devices Drew Davidson. Smartphone security is critical – 1200 to 1400 US Army troops to be equipped with Android smartphones.

Policy Weaving for Mobile Devices Drew Davidson. Smartphone security is critical – 1200 to 1400 US Army troops to be equipped with Android smartphones.
Welcome to Florida International University Online J.O.B.S. Link Applicant Tutorial.

Welcome to Florida International University Online J.O.B.S. Link Applicant Tutorial.
Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.

Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.
March 13, 2004Securing Privacy Conference1 SENSOR NETWORKS & PRIVACY Pamela Samuelson, UC Berkeley, Securing Privacy Conference, March 13, 2004.

March 13, 2004Securing Privacy Conference1 SENSOR NETWORKS & PRIVACY Pamela Samuelson, UC Berkeley, Securing Privacy Conference, March 13, 2004.
App Inventor Barb Ericson Georgia Tech

App Inventor Barb Ericson Georgia Tech
School location collector

School location collector
Android Security Enforcement and Refinement. Android Applications --- Example Example of location-sensitive social networking application for mobile phones.

Android Security Enforcement and Refinement. Android Applications --- Example Example of location-sensitive social networking application for mobile phones.
A Survey of Mobile Phone Sensing Michael Ruffing CS 495.

A Survey of Mobile Phone Sensing Michael Ruffing CS 495.
CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.

CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.
You can customize your privacy settings. The privacy page gives you control over who can view your content. At most only your friends, their friends and.

You can customize your privacy settings. The privacy page gives you control over who can view your content. At most only your friends, their friends and.
Unsafe Exposure Analysis of Mobile In-App Advertisements Offense: Rachel Stonehirsch.

Unsafe Exposure Analysis of Mobile In-App Advertisements Offense: Rachel Stonehirsch.
Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.

Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.
Medical Application Giant Squid Michal Cohen Robet Esho Chris Hogan Kate Kuleva Nisha Makwana Alex Rodrigues Rafal Urbanczyk.

Medical Application Giant Squid Michal Cohen Robet Esho Chris Hogan Kate Kuleva Nisha Makwana Alex Rodrigues Rafal Urbanczyk.
Live Support A “receptionist” on your website (typing) Can answer questions Transfer calls to different departments Take messages Automatically “push”

Live Support A “receptionist” on your website (typing) Can answer questions Transfer calls to different departments Take messages Automatically “push”
A METHODOLOGY FOR EMPIRICAL ANALYSIS OF PERMISSION-BASED SECURITY MODELS AND ITS APPLICATION TO ANDROID.

A METHODOLOGY FOR EMPIRICAL ANALYSIS OF PERMISSION-BASED SECURITY MODELS AND ITS APPLICATION TO ANDROID.
Enhancing User Privacy on Android Devices Bachelor of Computer Science (Honours) Name: Quang Do Supervisor: Raymond Choo Associate Supervisor: Ben Martini.

Enhancing User Privacy on Android Devices Bachelor of Computer Science (Honours) Name: Quang Do Supervisor: Raymond Choo Associate Supervisor: Ben Martini.

Similar presentations

Ads by Google