A Privacy Protection Approach Based on Android Application's Runtime Behavior Monitor and Control

Abstract

This article proposes a system that focuses on Android application runtime behavior forensics. Using Linux processes, a dynamic injection and a Java function hook technology, the system is able to manipulate the runtime behavior of applications without modifying the Android framework and the application's source code. Based on this method, a privacy data protection policy that reflects users' intentions is proposed by extracting and recording the privacy data usage in applications. Moreover, an optimized random forest algorithm is proposed to reduce the policy training time. The result shows that the system realizes the functions of application runtime behavior monitor and control. An experiment on 134 widely used applications shows that the basic privacy policy could satisfy the majority of users' privacy intentions.