Abstract

Privacy inference attacks based on sensor data is an emerging and severe threat on smart devices, in which malicious applications leverage data from innocuous sensors to infer sensitive information of user, e.g., utilizing accelerometers to infer user’s keystroke. In this paper, we present Sensor Guardian, a privacy protection system that mitigates this threat on Android by hooking and controlling applications’ access to sensors. Sensor Guardian inserts hooks into applications by statically instrumenting their APK (short for Android Package Kit) files and enforces control policies in these hooks at runtime. Our evaluation shows that Sensor Guardian can effectively and efficiently mitigate the privacy inference threat on Android sensors, with negligible overhead during both static instrumentation and runtime control.

Highlights

  • With the proliferation of smartphones, users are requiring various functionalities for different needs

  • Given that Android supports more kinds of unprivileged sensors than other platforms and most of prior attacks [1, 2, 4, 7, 10] are implemented on Android, in this paper, we focus on the privacy inference based on sensors” (PIS) problem on Android platform

  • Though the evaluation set is relatively small compared to the total number of Android apps on Google Play, this set covers all categories on Google Play and is enough to evaluate Sensor Guardian’s performance

Read more

Summary

Introduction

With the proliferation of smartphones, users are requiring various functionalities for different needs. All mobile platforms, including Android, iOS, and Windows Phone, provide APIs for developers to access data from these built-in sensors. Though the availability of some sensors may vary between different devices and versions, most Android devices have some basic builtin sensors like accelerometer and magnetometer. These basic sensors are still enough to infer a lot of sensitive information [1,2,3,4, 7, 8, 10]

Results
Discussion
Conclusion
Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Preserving privacy on the searchable internet
Ruxia Ma ... Zhongyuan Wang
International Journal of Web Information Systems | VOL. 8
Ruxia Ma, et. al.Ruxia Ma ... Zhongyuan Wang
24 Aug 2012
Social influence‐based privacy inference attacks in online social networks
Yuzi Yi ... Jingsha He
SECURITY AND PRIVACY | VOL. 5
Yuzi Yi, et. al.Yuzi Yi ... Jingsha He
21 Nov 2021
Social Network De-Anonymization and Privacy Inference with Knowledge Graph Model
Jianwei Qian ... Junze Han
IEEE Transactions on Dependable and Secure Computing | VOL. 16
Jianwei Qian, et. al.Jianwei Qian ... Junze Han
01 Jul 2019
WhatsUpNow: urban social application with real-time peer-to-peer ambient and sensory data exchanges
Marcel Karam ... Mehedi Masud
Multimedia Tools and Applications | VOL. 75
Marcel Karam, et. al.Marcel Karam ... Mehedi Masud
12 Aug 2015
View more papers

More From: EURASIP Journal on Information Security

Paper Title
Journal
Date
Author
Performance comparison of quantum-safe multivariate polynomial public key encapsulation algorithm
Randy Kuang ... Michel Barbeau
EURASIP Journal on Information Security | VOL. 2024
Randy Kuang, et. al.Randy Kuang ... Michel Barbeau
09 Jul 2024
Performance comparison of quantum-safe multivariate polynomial public key encapsulation algorithm
Randy Kuang ... Michel Barbeau
EURASIP Journal on Information Security | VOL. 2024
Randy Kuang, et. al.Randy Kuang ... Michel Barbeau
09 Jul 2024
Errorless robust JPEG steganography using steganographic polar codes
Jimin Zhang ... Yun Cao
EURASIP Journal on Information Security | VOL. 2024
Jimin Zhang, et. al.Jimin Zhang ... Yun Cao
04 Jul 2024
Mining digital identity insights: patent analysis using NLP
Matthew Comb ... Andrew Martin
EURASIP Journal on Information Security | VOL. 2024
Matthew Comb, et. al.Matthew Comb ... Andrew Martin
03 Jul 2024
View more papers