Dangerous Permissions in Android: Open Issues and Pitfalls



Goals

The increasing diffusion of mobile devices has promoted the development of numerous applications in which developers find new ways to exploit the possibilities offered by access to resources such as the camera. As a result, we are increasingly used to seeing applications that make extensive use of sensitive-related resources, potentially dangerous for our privacy. To address this problem, the latest approach to support user awareness in terms of privacy is represented by the Privacy Indicators(PI), a solution implemented by Android to provide a visual led to inform users whenever the app exploits a dangerous resource. For these reasons, our goal was to investigate the effectiveness of PI in helping users identify the use of a resource. We also wanted to investigate the behavior of applications in terms of permissions used and possible malicious behavior at runtime. As a final goal, we proposed a software solution that protects users from misused permissions.

Methodologies

We conducted a controlled experiment with 90 participants to explore the effectiveness of PI in latent and explicit contexts. We used eight interactive prototype apps and implemented two versions of each prototype, with and without PI. Due to the results obtained, we developed a dynamic analysis tool that, when installed as an Xposed module on the Android emulator, allows obtaining information in identifying the contexts in which permissions have been used through an injection mechanism based on hooks and callbacks. We define the usage context as a combination of the dangerous resource the app is executing and the user action on the UI. In addition, we have built a system that contextualizes permission access requests with the same mechanism, showing the explicit consent popup to the user

Results and Impact

As a result, we noticed that the contribution of PI to the identification of resource use is not statistically significant. As a matter of fact, despite an increment in the total number of correctly identified cases, PI do not adequately enhance the users' awareness of when and where an application accesses a specific sensitive resource. To assess the effectiveness of the developed tool to automatically discriminate between different kinds of accesses to the same resource, we studied 10 popular apps. The results confirm that, in many cases, when the app accesses a sensitive resource, this is done in more than one context, and we can give the user a chance to choose their preferences in each of these identified contexts.

Description

  • Michele Guerra

  • Fausto Fasano

  • Simone Scalabrino

  • Rocco Oliveto

  • Download abstract

  • December, 2022 - Ph.D. Expo UNIMOL

"Dangerous Permissions in Android: Open Issues and Pitfalls"