MockDroid: trading privacy for application functionality on smartphones

Authors:
Alastair R. Beresford;Andrew Rice;Nicholas Skehin;Ripduman Sohan
Affiliations:
University of Cambridge, Cambridge, United Kingdom;University of Cambridge, Cambridge, United Kingdom;University of Cambridge, Cambridge, United Kingdom;University of Cambridge, Cambridge, United Kingdom
Venue:
Proceedings of the 12th Workshop on Mobile Computing Systems and Applications
Year:
2011

Citing 2
Cited 27

Security-by-contract on the .NET platform

Information Security Tech. Report
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones

OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation

Privacy revelations for web and mobile apps

HotOS'13 Proceedings of the 13th USENIX conference on Hot topics in operating systems
Taming information-stealing smartphone applications (on Android)

TRUST'11 Proceedings of the 4th international conference on Trust and trustworthy computing
L4Android: a generic operating system framework for secure smartphones

Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
These aren't the droids you're looking for: retrofitting android to protect data from imperious applications

Proceedings of the 18th ACM conference on Computer and communications security
Detecting repackaged smartphone applications in third-party android marketplaces

Proceedings of the second ACM conference on Data and Application Security and Privacy
Don't kill my ads!: balancing privacy in an ad-supported mobile application market

Proceedings of the Twelfth Workshop on Mobile Computing Systems & Applications
Defending users against smartphone apps: techniques and future directions

ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Collaborative privacy management for third-party applications in online social networks

Proceedings of the 1st Workshop on Privacy and Security in Online Social Media
Unsafe exposure analysis of mobile in-app advertisements

Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
MOSES: supporting operation modes on smartphones

Proceedings of the 17th ACM symposium on Access Control Models and Technologies
RiskRanker: scalable and accurate zero-day android malware detection

Proceedings of the 10th international conference on Mobile systems, applications, and services
Expectation and purpose: understanding users' mental models of mobile app privacy through crowdsourcing

Proceedings of the 2012 ACM Conference on Ubiquitous Computing
Dr. Android and Mr. Hide: fine-grained permissions in android applications

Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices
Short paper: enhancing users' comprehension of android permissions

Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices
OVERRIDE: a mobile privacy framework for context-driven perturbation and synthesis of sensor data streams

Proceedings of the Third International Workshop on Sensing Applications on Mobile Phones
Practicality of accelerometer side channels on smartphones

Proceedings of the 28th Annual Computer Security Applications Conference
ProtectMyPrivacy: detecting and mitigating privacy leaks on iOS devices using crowdsourcing

Proceeding of the 11th annual international conference on Mobile systems, applications, and services
RetroSkeleton: retrofitting android apps

Proceeding of the 11th annual international conference on Mobile systems, applications, and services
Bind your phone number with caution: automated user profiling through address book matching on smartphone

Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Identity, location, disease and more: inferring your secrets from android public resources

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
The impact of vendor customizations on android security

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
FireDroid: hardening security in almost-stock Android

Proceedings of the 29th Annual Computer Security Applications Conference
Enabling fine-grained permissions for augmented reality applications with recognizers

SEC'13 Proceedings of the 22nd USENIX conference on Security
DIVILAR: diversifying intermediate language for anti-repackaging on android platform

Proceedings of the 4th ACM conference on Data and application security and privacy
Information leakage through mobile analytics services

Proceedings of the 15th Workshop on Mobile Computing Systems and Applications
Reconciling mobile app privacy and usability on smartphones: could user privacy profiles help?

Proceedings of the 23rd international conference on World wide web
ipShield: a framework for enforcing context-aware privacy

NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation

Quantified Score

Hi-index	0.00

Visualization

Abstract

MockDroid is a modified version of the Android operating system which allows a user to 'mock' an application's access to a resource. This resource is subsequently reported as empty or unavailable whenever the application requests access. This approach allows users to revoke access to particular resources at run-time, encouraging users to consider the trade-off between functionality and the disclosure of personal information whilst they use an application. Existing applications continue to work on MockDroid, possibly with reduced functionality, since existing applications are already written to tolerate resource failure, such as network unavailability or lack of a GPS signal. We demonstrate the practicality of our approach by successfully running a random sample of twenty-three popular applications from the Android Market.