Privacy diffusion on the web: a longitudinal perspective
Proceedings of the 18th international conference on World wide web
On lightweight mobile phone application certification
Proceedings of the 16th ACM conference on Computer and communications security
Semantically Rich Application-Centric Security in Android
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
pBMDS: a behavior-based malware detection system for cellphone devices
Proceedings of the third ACM conference on Wireless network security
Anatomizing application performance differences on smartphones
Proceedings of the 8th international conference on Mobile systems, applications, and services
Proceedings of the 8th international conference on Mobile systems, applications, and services
Proceedings of the ACM SIGCOMM 2010 conference
CODES/ISSS '10 Proceedings of the eighth IEEE/ACM/IFIP international conference on Hardware/software codesign and system synthesis
A first look at traffic on smartphones
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
A first look at mobile hand-held device traffic
PAM'10 Proceedings of the 11th international conference on Passive and active measurement
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
LiveLab: measuring wireless networks and smartphone users in the field
ACM SIGMETRICS Performance Evaluation Review
SystemSens: a tool for monitoring usage in smartphone research deployments
MobiArch '11 Proceedings of the sixth international workshop on MobiArch
Analyzing inter-application communication in Android
MobiSys '11 Proceedings of the 9th international conference on Mobile systems, applications, and services
Profiling resource usage for mobile applications: a cross-layer approach
MobiSys '11 Proceedings of the 9th international conference on Mobile systems, applications, and services
A study of android application security
SEC'11 Proceedings of the 20th USENIX conference on Security
Permission re-delegation: attacks and defenses
SEC'11 Proceedings of the 20th USENIX conference on Security
Crowdroid: behavior-based malware detection system for Android
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Android permissions demystified
Proceedings of the 18th ACM conference on Computer and communications security
Proceedings of the 18th ACM conference on Computer and communications security
Identifying diverse usage behaviors of smartphone apps
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
Dissecting Android Malware: Characterization and Evolution
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
Android permissions: user attention, comprehension, and behavior
Proceedings of the Eighth Symposium on Usable Privacy and Security
Understanding mobile app usage patterns using in-app advertisements
PAM'13 Proceedings of the 14th international conference on Passive and Active Measurement
RERAN: timing- and touch-sensitive record and replay for Android
Proceedings of the 2013 International Conference on Software Engineering
Rise of the planet of the apps: a systematic study of the mobile app ecosystem
Proceedings of the 2013 conference on Internet measurement conference
RILAnalyzer: a comprehensive 3G monitor on your phone
Proceedings of the 2013 conference on Internet measurement conference
Targeted and depth-first exploration for systematic testing of android apps
Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applications
Vetting undesirable behaviors in android apps with permission use analysis
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
E3: energy-efficient engine for frame rate adaptation on smartphones
Proceedings of the 11th ACM Conference on Embedded Networked Sensor Systems
Static Reference Analysis for GUI Objects in Android Software
Proceedings of Annual IEEE/ACM International Symposium on Code Generation and Optimization
Hi-index | 0.00 |
The Android platform lacks tools for assessing and monitoring apps in a systematic way. This lack of tools is particularly problematic when combined with the open nature of Google Play, the main app distribution channel. As our key contribution, we design and implement ProfileDroid, a comprehensive, multi-layer system for monitoring and profiling apps. Our approach is arguably the first to profile apps at four layers: (a) static, or app specification, (b) user interaction, (c) operating system, and (d) network. We evaluate 27 free and paid Android apps and make several observations: (a) we identify discrepancies between the app specification and app execution, (b) free versions of apps could end up costing more than their paid counterparts, due to an order of magnitude increase in traffic, (c) most network traffic is not encrypted, (d) apps communicate with many more sources than users might expect---as many as 13, and (e) we find that 22 out of 27 apps communicate with Google during execution. ProfileDroid is the first step towards a systematic approach for (a) generating cost-effective but comprehensive app profiles, and (b) identifying inconsistencies and surprising behaviors.