CICC: A Fine-grained, Semantic-aware, and Transparent Approach to Preventing Permission Leaks for Android Permission Managers
Conference Proceeding Article
Android's permission system offers an all-or-nothing installation choice for users. To make it more flexible, users may choose a popular app tool, called permission manager, to selectively grant or revoke an app's permissions at runtime. A fundamental requirement for such permission manager is that the granted or revoked permissions should be enforced faithfully. However, we discover that none of existing permission managers meet this requirement due to permission leaks. To address this problem, we propose CICC, a fine-grained, semantic-aware, and transparent approach for any permission managers to defend against the permission leaks. Compared to existing solutions, CICC is fine-grained because it detects the permission leaks using call-chain information at the component instance level, instead of at the app level or component level. The fine-grained feature enables it to generate a minimal impact on the usability of running apps. CICC is semantic-aware in a sense that it manages call-chains in the whole lifecycle of each component instance. CICC is transparent to users and app developers, and it requires minor modification to permission managers. Our evaluation shows that CICC incurs relatively low performance overhead and power consumption.
permission manager, permission leaks, Android, call-chain
Computer Sciences | Information Security
WiSec '15: Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks, June 22-26, 2015, New York
City or Country
WANG, Daibin; YAO, Haixia; Yingjiu LI; JIN, Hai; ZOU, Deqing; and DENG, Robert H..
CICC: A Fine-grained, Semantic-aware, and Transparent Approach to Preventing Permission Leaks for Android Permission Managers. (2015). WiSec '15: Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks, June 22-26, 2015, New York. 1-6. Research Collection School Of Information Systems.
Available at: http://ink.library.smu.edu.sg/sis_research/2881