Discipline: Computer Sciences and Information Management
Subcategory: Computer Science & Information Systems
Lance A. Allison - Winston-Salem State University, NC
As mobile devices become increasingly powerful, so does the software they run. In recent years Android’s Google Play Store and Apple’s App Store have both surpassed 2 million downloadable applications. With so many applications available, it is no wonder that these stores can only perform a brief vetting process, relying primarily on static analysis of code. This limited vetting can let through malicious applications that may abuse their privileges or collect personal information without the user’s knowledge. To counter these attacks, Apple and Android both implement similar permission systems that limit an application’s access to files or personal data unless the user gives consent. However, these permissions are often overlooked by the average user, approved once and then forgotten. Thus, the goal of this research is to create applications that can be installed on both mobile platforms and that monitor other applications in real time to detect over-privileged and over-active applications. This will give users the ability to see what applications are actively doing and to confirm that those actions comply with their wishes. With the initial focus on the Android platform specifically, this research outlines methods used to record and access system logs, events, notifications and other information in real time, along with steps to analyze and review this information for mobile devices on the go. A key method used and tested in this research is calling Android’s DumpSys service and analyzing its output. DumpSys is essentially an image of all system information on a current device, including a wide range of information such as CPU usage, memory allocation, system broadcasts, current permissions, and many other statistics. After recording a system dump, the monitoring application will analyze it and detect over-privileged applications. This is done by comparing active system broadcasts and logs to the permissions that have been approved.
Another method being tested, which may be included in the final application, involves pulling individual logs for each application and then sharing these logs with the monitoring application. After the Android monitoring application is finished, tests will be performed to analyze the power usage of the application while it runs such a system, and to define its overall impact on battery performance. Future work will include an Apple iOS application that will perform the same actions of actively monitoring and analyzing application privileges, although this will require different methods.
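The DumpSys comparison described above can be sketched as follows. This is an added example, not the author's monitoring application: the dump excerpt is constructed in the layout of `adb shell dumpsys package` output, and the `OBSERVED` map stands in, as an assumption, for whatever the monitor derives from broadcasts and logs.

```python
import re

# Constructed, shortened excerpt in the layout of `adb shell dumpsys package` output.
SAMPLE_DUMP = """\
Packages:
  Package [com.example.flashlight] (1a2b3c):
    requested permissions:
      android.permission.CAMERA
      android.permission.READ_CONTACTS
    install permissions:
      android.permission.INTERNET: granted=true
    User 0: installed=true hidden=false
      runtime permissions:
        android.permission.CAMERA: granted=true, flags=[ USER_SET ]
        android.permission.READ_CONTACTS: granted=true, flags=[ USER_SET ]
  Package [com.example.notes] (4d5e6f):
    install permissions:
      android.permission.INTERNET: granted=true
    User 0: installed=true hidden=false
      runtime permissions:
        android.permission.RECORD_AUDIO: granted=false, flags=[ USER_SET ]
"""

# Assumed monitor output (constructed): permissions each app was seen exercising.
OBSERVED = {
    "com.example.flashlight": {"android.permission.CAMERA"},
    "com.example.notes": {"android.permission.INTERNET"},
}

PKG_RE = re.compile(r"^\s*Package \[([^\]]+)\]")
PERM_RE = re.compile(r"^\s*([\w.]+): granted=(true|false)")

def granted_permissions(dump):
    """Map each package in the dump to the permissions marked granted=true."""
    granted, current = {}, None
    for line in dump.splitlines():
        if m := PKG_RE.match(line):
            current = m.group(1)
            granted.setdefault(current, set())
        elif current and (m := PERM_RE.match(line)) and m.group(2) == "true":
            granted[current].add(m.group(1))
    return granted

def over_privileged(granted, observed):
    """Return {package: sorted permissions granted but never observed in use}."""
    unused = {p: sorted(g - observed.get(p, set())) for p, g in granted.items()}
    return {p: perms for p, perms in unused.items() if perms}

print(over_privileged(granted_permissions(SAMPLE_DUMP), OBSERVED))
```

A permission that is granted but absent from the observed set is only a candidate for review, since the result depends on how long and how completely the monitor has been watching.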
Funder Acknowledgement(s): This study was supported by NSF grant #1332531 that was awarded to Dr. Fuad.
Faculty Advisor: M. Muztaba Fuad, fuadmo@wssu.edu
Role: All of the research, with discussion meetings with my mentor, Dr. M Fuad.