TY - GEN
T1 - Identity, location, disease and more
T2 - 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS 2013
AU - Zhou, Xiaoyong
AU - Demetriou, Soteris
AU - He, Dongjing
AU - Naveed, Muhammad
AU - Pan, Xiaorui
AU - Wang, Xiao Feng
AU - Gunter, Carl A.
AU - Nahrstedt, Klara
PY - 2013
Y1 - 2013
N2 - The design of Android is based on a set of unprotected shared resources, including those inherited from Linux (e.g., Linux public directories). However, the dramatic development in Android applications (app for short) makes available a large amount of public background information (e.g., social networks, public online services), which can potentially turn such originally harmless resource sharing into serious privacy breaches. In this paper, we report our work on this important yet understudied problem. We discovered three unexpected channels of information leaks on Android: per-app data-usage statistics, ARP information, and speaker status (on or off). By monitoring these channels, an app without any permission may acquire sensitive information such as smartphone user's identity, the disease condition she is interested in, her geo-locations and her driving route, from top-of-the-line Android apps. Furthermore, we show that using existing and new techniques, this zero-permission app can both determine when its target (a particular application) is running and send out collected data stealthily to a remote adversary. These findings call into question the soundness of the design assumptions on shared resources, and demand effective solutions. To this end, we present a mitigation mechanism for achieving a delicate balance between utility and privacy of such resources.
KW - information leaks
KW - mobile security
KW - privacy
UR - http://www.scopus.com/inward/record.url?scp=84889000328&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84889000328&partnerID=8YFLogxK
U2 - 10.1145/2508859.2516661
DO - 10.1145/2508859.2516661
M3 - Conference contribution
AN - SCOPUS:84889000328
SN - 9781450324779
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 1017
EP - 1028
BT - CCS 2013 - Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security
Y2 - 4 November 2013 through 8 November 2013
ER -