Uncovering user-triggered privacy leaks in mobile applications and their utility in privacy protection
Mobile applications are increasingly popular, and help mobile users in many aspects of their lifestyle. Applications have access to a wealth of information about the user through powerful developer APIs. It is known that most applications, even popular and highly regarded ones, utilize and leak priv...
Saved in:
Main Author: | |
---|---|
Format: | text |
Language: | English |
Published: |
Institutional Knowledge at Singapore Management University
2017
|
Subjects: | |
Online Access: | https://ink.library.smu.edu.sg/etd_coll_all/39 https://ink.library.smu.edu.sg/cgi/viewcontent.cgi?article=1041&context=etd_coll_all |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Singapore Management University |
Language: | English |
Summary: | Mobile applications are increasingly popular, and help mobile users in many aspects of their lifestyle. Applications have access to a wealth of information about the user through powerful developer APIs. It is known that most applications, even popular and highly regarded ones, utilize and leak privacy data to the network. It is also common for applications to over-access privacy data that does not fit the functionality profile of the application. Although there are available privacy detection tools, they might not provide sufficient context to help users better understand the privacy behaviours of their applications. In this dissertation, I present the design, implementation and evaluation of an Automated Privacy Testing System called MAMBA for uncovering the causes of user-triggered leaks in Android applications (’leak causes’) as well as their paths taken to reach the leaks. Privacy ’leak-causes’ refer to privacy usage and leak characteristics of applications as well as user-actions and activities with privacy implications. Paths refers to page transition paths as well as the sequence of user actions required to cause these transitions. This solution is based on hybrid application of dynamic/static analysis of Android applications, and it involves improving automated testing of applications for run-time verification of the ’leak causes’. The automated testing is based on directed testing, and automatically traverses applications from initial to resulting activities with potential leak behaviours, based on paths obtained from static analysis of the Android callback control flows. I demonstrate the advantages of my automated testing system through standalone evaluations as well as comparisons with another automated testing system - Automated Model Checker (AMC) [39]. The results show that MAMBA has large improvements in terms of less testing time required, with only a small reduction in coverage. MAMBA also has good privacy data access accuracy (Precision=79.84%, Recall=68.90%), and moderate privacy data leak accuracy (Precision=35.66% , Recall=56.10%) - (Recall values were measured relative to AMC). Privacy detectors of ProtectMyPrivacy (PMP) and TaintDroid were utilized for runtime measurements. I also show how the resulting outputs of privacy ’leak causes’ can be utilized together with a privacy message overlay mechanism for warning users of privacy triggers interactively during application uses. I have conducted field and lab user studies to show that the privacy messages can aid users to utilize applications in a way that uses less of their privacy data, if they do not agree with the privacy usages. I also found that there are other factors which influence message effectiveness. |
---|