University of Surrey

Test tubes in the lab Research in the ATI Dance Research

Android Privacy C(R)ache: Reading your External Storage for Fun and Profit

Gisdakis, S, Giannetsos, Athanasios and Papadimitratos, P (2016) Android Privacy C(R)ache: Reading your External Storage for Fun and Profit In: Workshop on Privacy-Aware Mobile Computing (PAMCO) 2016 - In Conjunction with ACM MobiHoc 2016, 2016-07-05 - 2016-07-08, Paderborn, Germany.

[img]
Preview
Text
PCrache.pdf - Accepted version Manuscript
Available under License : See the attached licence file.

Download (1MB) | Preview
[img]
Preview
PDF (licence)
SRI_deposit_agreement.pdf
Available under License : See the attached licence file.

Download (33kB) | Preview

Abstract

Android's permission system empowers informed privacy de- cisions when installing third-party applications. However, ex- amining the access permissions is not enough to assess privacy exposure; even seemingly harmless applications can severely expose user data. This is what we demonstrate here: an ap- plication with the common READ EXTERNAL STORAGE and the INTERNET permissions can be the basis of extract- ing and inferring a wealth of private information. What has been overlooked is that such a \curious" application can prey on data stored in the Android's commonly accessible external storage or on unprotected phone sensors. By accessing and stealthily extracting data thought to be unworthy of protec- tion, we manage to access highly sensitive information: user identi ers and habits. Leveraging data-mining techniques, we explore a set of popular applications, establishing that there is a clear privacy danger for numerous users installing innocent-looking and but, possibly, \curious" applications.

Item Type: Conference or Workshop Item (Conference Paper)
Subjects : Computer Science
Divisions : Faculty of Engineering and Physical Sciences > Computing Science
Authors :
NameEmailORCID
Gisdakis, SUNSPECIFIEDUNSPECIFIED
Giannetsos, Athanasiosa.giannetsos@surrey.ac.ukUNSPECIFIED
Papadimitratos, PUNSPECIFIEDUNSPECIFIED
Date : July 2016
Identification Number : 10.1145/2940343.2940346
Copyright Disclaimer : Copyright 2016 ACM
Related URLs :
Depositing User : Symplectic Elements
Date Deposited : 01 Mar 2017 17:15
Last Modified : 06 Jul 2017 06:43
URI: http://epubs.surrey.ac.uk/id/eprint/813664

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year


Information about this web site

© The University of Surrey, Guildford, Surrey, GU2 7XH, United Kingdom.
+44 (0)1483 300800