AppProfiler: A Flexible Method of Exposing Privacy-Related Behavior - - PowerPoint PPT Presentation

appprofiler a flexible method of exposing privacy related
SMART_READER_LITE
LIVE PREVIEW

AppProfiler: A Flexible Method of Exposing Privacy-Related Behavior - - PowerPoint PPT Presentation

Dec 08, 2022 14 likes •385 views

AppProfiler: A Flexible Method of Exposing Privacy-Related Behavior in Android Applications to End Users Sanae Rosen 1 Zhiyun Qian 2 Z. Morley Mao 1 1 University of Michigan Ann Arbor, MI 2 NEC Labs coe-cse-vert Motivation Implementation

slide-1
SLIDE 1

coe-cse-vert

AppProfiler: A Flexible Method of Exposing Privacy-Related Behavior in Android Applications to End Users

Sanae Rosen1 Zhiyun Qian2

  • Z. Morley Mao1

1University of Michigan

Ann Arbor, MI

2NEC Labs

slide-2
SLIDE 2

coe-cse-vert Motivation Implementation Details Analysis Summary

The Problem

Smartphones have lots of personal data, lots of apps: privacy concerns. Hard to make informed decisions about what applications to install.

Filtering malware not enough. Privacy-intrusive applications may be acceptable for some but not others.

Goal: Let users know what their apps do, in terms of privacy-sensitive behavior.

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 2 / 16

slide-3
SLIDE 3

coe-cse-vert Motivation Implementation Details Analysis Summary

What about existing approaches?

Permissions are supposed to tell users how their applications behave

May be vague or even incorrect Many so prevalent that users are likely to ignore them Inflexible to modification

Many proposals to improve the permission system

We focus on immediate solutions

Many proposals protect against smartphone-specific attacks or malware

We focus on legitimate apps

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 3 / 16

slide-4
SLIDE 4

coe-cse-vert Motivation Implementation Details Analysis Summary

What about existing approaches?

Permissions are supposed to tell users how their applications behave

May be vague or even incorrect Many so prevalent that users are likely to ignore them Inflexible to modification

Many proposals to improve the permission system

We focus on immediate solutions

Many proposals protect against smartphone-specific attacks or malware

We focus on legitimate apps

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 3 / 16

slide-5
SLIDE 5

coe-cse-vert Motivation Implementation Details Analysis Summary

What about existing approaches?

Permissions are supposed to tell users how their applications behave

May be vague or even incorrect Many so prevalent that users are likely to ignore them Inflexible to modification

Many proposals to improve the permission system

We focus on immediate solutions

Many proposals protect against smartphone-specific attacks or malware

We focus on legitimate apps

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 3 / 16

slide-6
SLIDE 6

coe-cse-vert Motivation Implementation Details Analysis Summary

Our Solution

Large-Scale Analysis Android Application Static Analysis to Identify Behaviors

  • f Interest

Download From Market and Decompile Detailed Profiles User-Friendly Profiles Create Knowledge Base

Automatically create profiles

  • f application behavior
  • ffline.

Knowledge base mapping API calls to behaviors of interest Use static analysis to find these behaviors

Provide profiles to end users Also useful for more broadly understanding app behavior Flexible: Rules/profiles can easily be adapted

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 4 / 16

slide-7
SLIDE 7

coe-cse-vert Motivation Implementation Details Analysis Summary

Our Solution

Large-Scale Analysis Android Application Static Analysis to Identify Behaviors

  • f Interest

Download From Market and Decompile Detailed Profiles User-Friendly Profiles Create Knowledge Base

Automatically create profiles

  • f application behavior
  • ffline.

Knowledge base mapping API calls to behaviors of interest Use static analysis to find these behaviors

Provide profiles to end users Also useful for more broadly understanding app behavior Flexible: Rules/profiles can easily be adapted

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 4 / 16

slide-8
SLIDE 8

coe-cse-vert Motivation Implementation Details Analysis Summary

Our Solution

Large-Scale Analysis Android Application Static Analysis to Identify Behaviors

  • f Interest

Download From Market and Decompile Detailed Profiles User-Friendly Profiles Create Knowledge Base

Automatically create profiles

  • f application behavior
  • ffline.

Knowledge base mapping API calls to behaviors of interest Use static analysis to find these behaviors

Provide profiles to end users Also useful for more broadly understanding app behavior Flexible: Rules/profiles can easily be adapted

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 4 / 16

slide-9
SLIDE 9

coe-cse-vert Motivation Implementation Details Analysis Summary

Our Solution

Large-Scale Analysis Android Application Static Analysis to Identify Behaviors

  • f Interest

Download From Market and Decompile Detailed Profiles User-Friendly Profiles Create Knowledge Base

Automatically create profiles

  • f application behavior
  • ffline.

Knowledge base mapping API calls to behaviors of interest Use static analysis to find these behaviors

Provide profiles to end users Also useful for more broadly understanding app behavior Flexible: Rules/profiles can easily be adapted

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 4 / 16

slide-10
SLIDE 10

coe-cse-vert Motivation Implementation Details Analysis Summary

Our Solution

Large-Scale Analysis Android Application Static Analysis to Identify Behaviors

  • f Interest

Download From Market and Decompile Detailed Profiles User-Friendly Profiles Create Knowledge Base

Automatically create profiles

  • f application behavior
  • ffline.

Knowledge base mapping API calls to behaviors of interest Use static analysis to find these behaviors

Provide profiles to end users Also useful for more broadly understanding app behavior Flexible: Rules/profiles can easily be adapted

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 4 / 16

slide-11
SLIDE 11

coe-cse-vert Motivation Implementation Details Analysis Summary

Our Solution

Large-Scale Analysis Android Application Static Analysis to Identify Behaviors

  • f Interest

Download From Market and Decompile Detailed Profiles User-Friendly Profiles Create Knowledge Base

Automatically create profiles

  • f application behavior
  • ffline.

Knowledge base mapping API calls to behaviors of interest Use static analysis to find these behaviors

Provide profiles to end users Also useful for more broadly understanding app behavior Flexible: Rules/profiles can easily be adapted

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 4 / 16

slide-12
SLIDE 12

coe-cse-vert Motivation Implementation Details Analysis Summary

Basic Assumptions and Limitations

We do not attempt to detect malware or applications that

  • therwise subvert the Android framework API

We do not currently address native code We supplement (instead of replacing) the permission system Our target audience is privacy-concerned users who are concerned about how apps behave

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 5 / 16

slide-13
SLIDE 13

coe-cse-vert Motivation Implementation Details Analysis Summary

Step 1: Build the Knowledge Base

Mapping of API call patterns to behavior labels Identify high-priority API calls Refine mappings with domain-specific knowledge Frequency analysis of classes and methods

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 6 / 16

slide-14
SLIDE 14

coe-cse-vert Motivation Implementation Details Analysis Summary

Step 1: Build the Knowledge Base

Mapping of API call patterns to behavior labels Identify high-priority API calls Refine mappings with domain-specific knowledge Frequency analysis of classes and methods

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 6 / 16

slide-15
SLIDE 15

coe-cse-vert Motivation Implementation Details Analysis Summary

Step 1: Build the Knowledge Base

Mapping of API call patterns to behavior labels Identify high-priority API calls Refine mappings with domain-specific knowledge Frequency analysis of classes and methods

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 6 / 16

slide-16
SLIDE 16

coe-cse-vert Motivation Implementation Details Analysis Summary

Step 1: Build the Knowledge Base

Mapping of API call patterns to behavior labels Identify high-priority API calls Refine mappings with domain-specific knowledge Frequency analysis of classes and methods

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 6 / 16

slide-17
SLIDE 17

coe-cse-vert Motivation Implementation Details Analysis Summary

Example Knowledge Base Entry

Category: Location - Type Subcategory: Regional data - State FunctionCall call: call.function.enclosingClass.name startsWith "android.location.Address" and call.function.name == "getAdminArea" FunctionCall call: call.function.enclosingClass.name startsWith "android.location.Address" and call.function.name == "getSubAdminArea"

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 7 / 16

slide-18
SLIDE 18

coe-cse-vert Motivation Implementation Details Analysis Summary

Step 2: Apply to applications

Find rule matches in decompiled app Identify which rules belong to ad libraries Identify behaviors from multiple rules (e.g. photo with no preview) Convert data into user-readable profiles User Profiles Simplify and focus

  • n key behaviors

Technical Profiles

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 8 / 16

slide-19
SLIDE 19

coe-cse-vert Motivation Implementation Details Analysis Summary

Step 2: Apply to applications

Find rule matches in decompiled app Identify which rules belong to ad libraries Identify behaviors from multiple rules (e.g. photo with no preview) Convert data into user-readable profiles User Profiles Simplify and focus

  • n key behaviors

Technical Profiles

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 8 / 16

slide-20
SLIDE 20

coe-cse-vert Motivation Implementation Details Analysis Summary

Step 2: Apply to applications

Find rule matches in decompiled app Identify which rules belong to ad libraries Identify behaviors from multiple rules (e.g. photo with no preview) Convert data into user-readable profiles User Profiles Simplify and focus

  • n key behaviors

Technical Profiles

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 8 / 16

slide-21
SLIDE 21

coe-cse-vert Motivation Implementation Details Analysis Summary

Step 2: Apply to applications

Find rule matches in decompiled app Identify which rules belong to ad libraries Identify behaviors from multiple rules (e.g. photo with no preview) Convert data into user-readable profiles User Profiles Simplify and focus

  • n key behaviors

Technical Profiles

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 8 / 16

slide-22
SLIDE 22

coe-cse-vert Motivation Implementation Details Analysis Summary

Step 2: Apply to applications

Find rule matches in decompiled app Identify which rules belong to ad libraries Identify behaviors from multiple rules (e.g. photo with no preview) Convert data into user-readable profiles User Profiles Simplify and focus

  • n key behaviors

Technical Profiles

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 8 / 16

slide-23
SLIDE 23

coe-cse-vert Motivation Implementation Details Analysis Summary

Example Profile Excerpt

Technical Profiles Use GPS or network latitude/longitude (broadcast receiver) Updates every 1s or less (activity) (jumptap library) Proximity to location (activity, on click) User-Friendly Profiles Gathers fairly precise location data (e.g. GPS) Uses more of your phone’s resources than recommended to gather location data Concerned with your proximity to a given location

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 9 / 16

slide-24
SLIDE 24

coe-cse-vert Motivation Implementation Details Analysis Summary

Step 3: Make available to users (+ request feedback)

We have about 50 000 profiles available!

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 10 / 16

slide-25
SLIDE 25

coe-cse-vert Motivation Implementation Details Analysis Summary

What benefit do they provide over permissions?

Based off the feedback submitted: Provide more specific information that is relevant to users. Examples:

Cookies flagged as objectionable 23% of the time vs 6% for Internet use in general

Behavior not covered by permissions can be objectionable

E.g. accelerometer (info about user movement patterns?)

Users care about non-malicious but privacy-intrusive behavior

Users not that concerned about SMS messages Users mostly concerned about behavior affecting privacy

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 11 / 16

slide-26
SLIDE 26

coe-cse-vert Motivation Implementation Details Analysis Summary

What benefit do they provide over permissions?

Based off the feedback submitted: Provide more specific information that is relevant to users. Examples:

Cookies flagged as objectionable 23% of the time vs 6% for Internet use in general

Behavior not covered by permissions can be objectionable

E.g. accelerometer (info about user movement patterns?)

Users care about non-malicious but privacy-intrusive behavior

Users not that concerned about SMS messages Users mostly concerned about behavior affecting privacy

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 11 / 16

slide-27
SLIDE 27

coe-cse-vert Motivation Implementation Details Analysis Summary

What benefit do they provide over permissions?

Based off the feedback submitted: Provide more specific information that is relevant to users. Examples:

Cookies flagged as objectionable 23% of the time vs 6% for Internet use in general

Behavior not covered by permissions can be objectionable

E.g. accelerometer (info about user movement patterns?)

Users care about non-malicious but privacy-intrusive behavior

Users not that concerned about SMS messages Users mostly concerned about behavior affecting privacy

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 11 / 16

slide-28
SLIDE 28

coe-cse-vert Motivation Implementation Details Analysis Summary

Case Study - Facebook

Findings (manually confirmed):

Intrusive and frequent location data, phone number, info about the carrier However, mostly occurs only in response to direct user input Did not detect SMS-related behavior, even though it asks for related permission

In short, permissions make it look worse than it really is! More detailed/more contextual information is important to really understand what is happening

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 12 / 16

slide-29
SLIDE 29

coe-cse-vert Motivation Implementation Details Analysis Summary

Case Study - Facebook

Findings (manually confirmed):

Intrusive and frequent location data, phone number, info about the carrier However, mostly occurs only in response to direct user input Did not detect SMS-related behavior, even though it asks for related permission

In short, permissions make it look worse than it really is! More detailed/more contextual information is important to really understand what is happening

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 12 / 16

slide-30
SLIDE 30

coe-cse-vert Motivation Implementation Details Analysis Summary

Accuracy

False negatives often occurred due to decompilation errors; better tools will have a big impact

15% in random applications 10% in popular applications

False positives occur primarily due to inactive third-party libraries

16% rate in random applications 23% in popular applications

Although we do not attempt to address malware, detected 59% of malicious behaviors

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 13 / 16

slide-31
SLIDE 31

coe-cse-vert Motivation Implementation Details Analysis Summary

Accuracy

False negatives often occurred due to decompilation errors; better tools will have a big impact

15% in random applications 10% in popular applications

False positives occur primarily due to inactive third-party libraries

16% rate in random applications 23% in popular applications

Although we do not attempt to address malware, detected 59% of malicious behaviors

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 13 / 16

slide-32
SLIDE 32

coe-cse-vert Motivation Implementation Details Analysis Summary

Accuracy

False negatives often occurred due to decompilation errors; better tools will have a big impact

15% in random applications 10% in popular applications

False positives occur primarily due to inactive third-party libraries

16% rate in random applications 23% in popular applications

Although we do not attempt to address malware, detected 59% of malicious behaviors

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 13 / 16

slide-33
SLIDE 33

coe-cse-vert Motivation Implementation Details Analysis Summary

Large-Scale Trends

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 14 / 16

slide-34
SLIDE 34

coe-cse-vert Motivation Implementation Details Analysis Summary

Large-Scale Trends

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 14 / 16

slide-35
SLIDE 35

coe-cse-vert Motivation Implementation Details Analysis Summary

Large-Scale Trends

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 14 / 16

slide-36
SLIDE 36

coe-cse-vert Motivation Implementation Details Analysis Summary

Summary

Behavior profiles of applications can be automatically created using a knowledge base of API calls. These profiles allow users (as well as researchers) to better understand application behavior. For more information: http://appprofiles.eecs.umich.edu To download the app: https://play.google.com/store/apps/details?id=com.appdescriber

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 15 / 16

slide-37
SLIDE 37

coe-cse-vert Motivation Implementation Details Analysis Summary

Questions?

Sanae Rosen, Zhiyun Qian, Z. Morley Mao CODASPY 2013 16 / 16