A comprehensive investigation of user privacy leakage to android applications

Yuming Ge, Bo Deng, Yi Sun, Libo Tang, Dajiang Sheng, Yantao Zhao, Gaogang Xie, Kave Salamatian

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contribution

3 Citations (Scopus)

Abstract

Smartphones have become an important component of everyday's life. They store a large amount of users' private and sensitive information like contacts, GPS location, messages and interests. Privacy issues are a growing concern for the phone users. However, despite an existing rich literature in privacy leakage on mobile network measurement, our empirical knowledge of users' private leakage is relatively limited. In this work, we present a large scale and comprehensive investigation spanning over 9 months of users' private information leakage that consisted of monitoring 180K popular apps coming from 50+ Chinese AppStores. In order to do this, we used a customized platform that can monitor the execution of applications running over Android system to observe in vivo privacy leakage of applications. Our key findings are that: (1) Accessing users' private information is very common among mobile apps, i.e. over 90% of apps accesses some kind of user private information, and to our surprise, almost 95% apps claimed access to private information without concretely accessing them (2) We analyzed different category of Apps and observed slight differences in the pattern of access to private information among different categories (3) Downloading apps from big Appstores does not necessarily mean safer and more private apps. We observe that local Chinese shop and Google Play generate similar observations.

Original languageEnglish
Title of host publicationICCCN 2016
Subtitle of host publication2016 25th International Conference on Computer Communications and Networks
Place of PublicationPiscataway, NJ
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Number of pages6
ISBN (Electronic)9781509022793
DOIs
Publication statusPublished - 2016
Externally publishedYes
Event25th International Conference on Computer Communications and Networks, ICCCN 2016 - Waikoloa, United States
Duration: 1 Aug 20164 Aug 2016

Other

Other25th International Conference on Computer Communications and Networks, ICCCN 2016
CountryUnited States
CityWaikoloa
Period1/08/164/08/16

Fingerprint Dive into the research topics of 'A comprehensive investigation of user privacy leakage to android applications'. Together they form a unique fingerprint.

  • Cite this

    Ge, Y., Deng, B., Sun, Y., Tang, L., Sheng, D., Zhao, Y., ... Salamatian, K. (2016). A comprehensive investigation of user privacy leakage to android applications. In ICCCN 2016: 2016 25th International Conference on Computer Communications and Networks Piscataway, NJ: Institute of Electrical and Electronics Engineers (IEEE). https://doi.org/10.1109/ICCCN.2016.7568475