Resolving the Predicament of Android Custom Permissions

Mules and Permission Laundering in Android: Dissecting Custom Permissions in the Wild

IEEE Transactions on Dependable and Secure Computing

Android implements a permission system to regulate apps' access to system resources and sensitive user data. One salient feature of this system is its extensibility: apps can define their own custom permissions to expose features and data to other apps. However, little is known about how widespread the usage of custom permissions is, and what is the impact that these permissions can have on users' privacy and security. In this paper, we empirically study the usage of custom permissions at large scale, using a dataset of 2.2M pre-installed and app-store-downloaded apps. We find the usage of custom permissions to be widespread, and seemingly growing over time. Despite this prevalence, we find that custom permissions are virtually invisible to end users, and their purpose mostly undocumented. This lack of transparency can lead to serious security and privacy problems: we show that custom permissions can facilitate access to permission-protected system resources to apps that lack those permissions without user awareness. To detect this practice, we design and implement two static analysis tools, and highlight multiple concerning cases spotted in the wild. We conclude this study with a discussion of potential solutions to mitigate the privacy and security risks of custom permissions.

PScout: Analyzing the Android Permission Specification

Modern smartphone operating systems (OSs) have been developed with a greater emphasis on security and protecting privacy. One of the mechanisms these systems use to protect users is a permission system, which requires developers to declare what sensitive resources their applications will use, has users agree with this request when they install the application and constrains the application to the requested resources during runtime. As these permission systems become more common, questions have risen about their design and implementation. In this paper, we perform an analysis of the permission system of the Android smartphone OS in an attempt to begin answering some of these questions. Because the documentation of Android's permission system is incomplete and because we wanted to be able to analyze several versions of Android, we developed PScout, a tool that extracts the permission specification from the Android OS source code using static analysis. PScout overcomes several challenges, such as scalability due to Android's 3.4 million line code base, accounting for permission enforcement across processes due to Android's use of IPC, and abstracting Android's diverse permission checking mechanisms into a single primitive for analysis.

Modeling and enhancing Android’s permission system

2012

Several works have recently shown that Android's security architecture cannot prevent many undesired behaviors that compromise the integrity of applications and the privacy of their data. This paper makes two main contributions to the body of research on Android security: first, it develops a formal framework for analyzing Android-style security mechanisms; and, second, it describes the design and implementation of Sorbet, an enforcement system that enables developers to use permissions to specify secrecy and integrity policies.

An Overview of Security Challenges of Android Apps Permissions

2014

Over the last five years there has been a drastic shift from PCs and laptops to smartphones for accessing internet services. The increased dependence on mobile apps brings to light the security risks associated with these apps. The large number of freely available apps in the market these days sometimes request more permissions than they use, and this fact is usually unknown to the user. The open-source Android platform makes it easier to introduce such flaws intentionally and steal confidential information such as personal contacts and passwords. The paper presents an analysis of survey work on vulnerabilities in Android apps, together with a vulnerability analysis of a sample Android app designed with over-privileged permissions and the content leaks associated with such apps. The security practices that should be followed while setting permissions are also discussed.

A Comprehensive Analysis of the Android Permissions System

IEEE Access, 2020

Android is one of the most essential and highly used operating systems. The Android permissions system is a core security component that offers an access-control mechanism to protect system resources and users' privacy. As such, it has experienced continuous change over each Android release. However, previous research on the permissions system has employed static analysis techniques. Furthermore, most of these studies are outdated, covering older versions of Android. This paper aims to discuss the permissions system intensively to provide a nutshell overview of the Android platform's access-control mechanism. The paper presents a comprehensive analysis of the Android permissions system since it was introduced in 2008 until now, accompanied by a formal model of its components. The results of the analysis reveal a continuous growth in the number of permissions since the original release, a growth of seven times in some permission categories. A case study has been conducted for the last five years' versions of the top Android apps to examine the permissions system's evolution and its attendant security issues from the applications' perspective. Some apps showed an increase in permissions usage of 73.33% by the 2020 release. Additionally, the results of the case study contribute to the understanding of permissions deployment by both vendors and developers. Finally, a discussion of the permission-based security enhancements discloses that the Android permissions system faces various security issues. In general, this paper provides researchers and academics an up-to-date, comprehensive, self-contained reference study of the Android permissions system.

AppGuard – Fine-Grained Policy Enforcement for Untrusted Android Applications

Lecture Notes in Computer Science, 2014

Android's success makes it a prominent target for malicious software. However, the user has very limited control over security-relevant operations. This work presents AppGuard, a powerful and flexible security system that overcomes these deficiencies. It enforces user-defined security policies on untrusted Android applications without requiring any changes to a smartphone's firmware, root access, or the like. Fine-grained and stateful security policies are expressed in a formal specification language, which also supports secrecy requirements. Our system offers complete mediation of security-relevant methods based on callee-site inline reference monitoring and supports widespread deployment. In the experimental analysis we demonstrate the removal of permissions for overly curious apps as well as how to defend against several recent real-world attacks on Android phones. Our technique exhibits very little space and runtime overhead. The utility of AppGuard has already been demonstrated by more than 1,000,000 downloads.

Abusing Android permissions: A security perspective

2017 IEEE Jordan Conference on Applied Electrical Engineering and Computing Technologies (AEECT), 2017

The drastic increase in mobile apps and its direct impact on the security of users' devices and data cannot be neglected. Such data nowadays relates to (almost) all aspects of life. Even with the growing awareness of the need to develop more secure apps, existing mobile apps found on app stores still cannot be considered fully benign. This paper gives special attention to Android permissions and how they can be abused by security attacks. The most-rated education apps have been selected to perform deep permissions analysis and categorization in terms of protection level and the most abused permissions. Moreover, the apps have been examined to check whether they support advertisements. The results reveal that 80.3% of the apps request more permissions than they need and actually use. Consequently, such over-privileged apps would be exposed to serious malicious behaviors. The paper discusses possible solutions to overcome this issue and suggests possible ways to select the required ...

Context Aware Dynamic Permission Model: A Retrospect of Privacy and Security in Android System

Android security has been a topic of concern lately in both academic and industrial research because of various occurrences of privacy leaks and security breaches on these devices. The security model of the Android operating system is based on a permission-based mechanism which limits the access of any third-party application to critical resources of the mobile device. This mechanism has been broadly condemned for its coarse-grained control over system resources and inappropriate authorization of permissions by application developers, advertisers and end users. This paper inspects the emerging issues in permission-based security mechanisms and proposes the concept of a context aware dynamic permissions model (CAPM) for Android systems. The proposed model deals with the dynamic enforcement of permissions for a particular application according to the defined context without the user's intervention. Our model assigns profiles to different applications based on their functional groups, and these profiles contain a set of permissions with some associated context. The context can be based upon system or sensor sources. This way, if the data is private or confidential, the permissions set ought to be stricter than usual. Our concept is unique as it associates context with permissions as opposed to the existing model of assigning permissions according to applications' functionality. This concept can prove helpful in protecting users' private data from being leaked simply by modifying the existing resource access mechanism.

An Investigation into Android Run-time Permissions from the End Users' Perspective

To protect the privacy of end users from intended or unintended malicious behaviour, the Android operating system provides a permissions-based security model that restricts access to privacy-relevant parts of the platform. Starting with Android 6, the permission system has been revamped, moving to a run-time model. Users are now prompted for confirmation when an app attempts to access a restricted part of the platform.