Risk assessing and privacy-preserving scheme for privacy leakage in APP

被引：0

作者：

Wang X. ^{[1
,2
]}

Niu B. ^{[1
]}

Li F. ^{[1
,2
]}

He K. ^{[1
,2
]}

机构：

[1] Institute of Information Engineering, Chinese Academy of Sciences, Beijing

[2] School of Cyber Security, University of Chinese Academy of Sciences, Beijing

来源：

Tongxin Xuebao/Journal on Communications | 2019年 / 40卷 / 05期

基金：

国家重点研发计划; 中国国家自然科学基金;

关键词：

Android; Permission management; Privacy-preserving; Risk assessment;

D O I：

10.11959/j.issn.1000-436x.2019085

中图分类号：

学科分类号：

摘要：

The APP in smartphone contain various third-party services. However, the service providers illegally read the user's private information. To address this problem, a privacy risk assessing scheme called PRAS was proposed. Firstly, a model was built to assess the risk of privacy leakage, by counting all the permissions acquired by each service providers and considering the non-linear impact of the permissions combination on privacy leakage. Then, by analyzing the balance between service quality and privacy-preserving, an optimal model was used to minimized the risk of private information leakage, and a permission management method was given to protect the privacy information among APP. The experiment results show that PRAS reduces the risk of privacy leakage by an average of 18.5%. © 2019, Editorial Board of Journal on Communications. All right reserved.

引用

页码：13 / 23

页数：10

共 26 条

[1] Li F.H., Li H., Jia Y., Et al., Privacy computing: concept, connotation and its research trend, Journal on Communications, 37, 4, pp. 1-11, (2016)
[2] Survey on personal information leakage by APP, (2018)
[3] China mobile phone safety ecology report, (2018)
[4] Grace M.C., Zhou W., Jiang X., Et al., Unsafe exposure analysis of mobile in-APP advertisements, The ACM Conference on Security and Privacy in Wireless and Mobile Networks, pp. 101-112, (2012)
[5] Chen K., Liu P., Zhang Y., Achieving accuracy and scalability simultaneously in detecting application clones on Android markets, The ACM International Conference on Software Engineering, pp. 175-186, (2014)
[6] Narayanan A., Chen L., Chan C.K., Addetect: automated detection of android ad libraries using semantic analysis, The IEEE International Conference on Intelligent Sensors, Sensor Networks and Information Processing, pp. 1-6, (2014)
[7] Liu B., Liu B., Jin H., Et al., Efficient privilege de-escalation for ad libraries in mobile APPs, The ACM Annual International Conference on Mobile Systems, APPlications, and Services, pp. 89-103, (2015)
[8] Crussell J., Gibler C., Chen H., Scalable semantics-based detection of similar android applications, The European Symposium on Computer Security, pp. 1-21, (2013)
[9] Wang H., Guo Y., Ma Z., Et al., WuKong: a scalable and accurate two-phase approach to Android APP clone detection, The ACM International Symposium on Software Testing and Analysis, pp. 71-82, (2015)
[10] Ma Z., Wang H., Guo Y., Et al., LibRadar: fast and accurate detection of third-party libraries in Android apps, The ACM International Conference on Software Engineering, pp. 653-656, (2016)

← 1 2 3 →