ABSTRACT
Mobile applications frequently access sensitive personal information to meet user or business requirements. Because such information is sensitive in general, regulators increasingly require mobile-app developers to publish privacy policies that describe what information is collected. Furthermore, regulators have fined companies when these policies are inconsistent with the actual data practices of mobile apps. To help mobile-app developers check their privacy policies against their apps' code for consistency, we propose a semi-automated framework that consists of a policy terminology-API method map that links policy phrases to API methods that produce sensitive information, and information flow analysis to detect misalignments. We present an implementation of our framework based on a privacy-policy-phrase ontology and a collection of mappings from API methods to policy phrases. Our empirical evaluation on 477 top Android apps discovered 341 potential privacy policy violations.
Toward a framework for detecting privacy policy violations in Android application code