Discovering and understanding android sensor usage behaviors with data flow analysis

Xing Liu, Jiqiang Liu, Wei Wang, Yongzhong He, Xiangliang Zhang

Research output: Contribution to journalArticlepeer-review

24 Scopus citations

Abstract

Today’s Android-powered smartphones have various embedded sensors that measure the acceleration, orientation, light and other environmental conditions. Many functions in the third-party applications (apps) need to use these sensors. However, embedded sensors may lead to security issues, as the third-party apps can read data from these sensors without claiming any permissions. It has been proven that embedded sensors can be exploited by well designed malicious apps, resulting in leaking users’ privacy. In this work, we are motivated to provide an overview of sensor usage patterns in current apps by investigating what, why and how embedded sensors are used in the apps collected from both a Chinese app. market called “AppChina” and the official market called “Google Play”. To fulfill this goal, We develop a tool called “SDFDroid” to identify the used sensors’ types and to generate the sensor data propagation graphs in each app. We then cluster the apps to find out their sensor usage patterns based on their sensor data propagation graphs. We apply our method on 22,010 apps collected from AppChina and 7,601 apps from Google Play. Extensive experiments are conducted and the experimental results show that most apps implement their sensor related functions by using the third-party libraries. We further study the sensor usage behaviors in the third-party libraries. Our results show that the accelerometer is the most frequently used sensor. Though many third-party libraries use no more than four types of sensors, there are still some third-party libraries registering all the types of sensors recklessly. These results call for more attentions on better regulating the sensor usage in Android apps.
Original languageEnglish (US)
Pages (from-to)105-126
Number of pages22
JournalWorld Wide Web
Volume21
Issue number1
DOIs
StatePublished - Mar 20 2017

Bibliographical note

KAUST Repository Item: Exported on 2020-10-01
Acknowledgements: The work reported in this paper is partially supported by the Fundamental Research funds for the central Universities of China (No. K15JB00190), Shanghai Key Laboratory of Integrated Administration Technologies for Information Security, the Ph.D. Programs Foundation of Ministry of Education of China (No. 20120009120010), the Scientific Research Foundation for the Returned Overseas Chinese Scholars, State Education Ministry (No. K14C300020), and in part by the 111 Project (B14005).

Fingerprint

Dive into the research topics of 'Discovering and understanding android sensor usage behaviors with data flow analysis'. Together they form a unique fingerprint.

Cite this