Detecting Wearable App Permission Mismatches: A Case Study on Android Wear

被引:4
作者
Mujahid, Suhaib [1 ]
机构
[1] Concordia Univ, Dept Comp Sci & Software Engn, Data Driven Anal Software DAS Lab, Montreal, PQ, Canada
来源
ESEC/FSE 2017: PROCEEDINGS OF THE 2017 11TH JOINT MEETING ON FOUNDATIONS OF SOFTWARE ENGINEERING | 2017年
关键词
Android Wear; Permissions; Empirical Study; Wearable;
D O I
10.1145/3106237.3121279
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
Wearable devices are becoming increasingly popular. These wearable devices run what is known as wearable apps. Wearable apps are packaged with handheld apps, that must be installed on the accompanying handheld device (e.g., phone). Given that wearable apps are tightly coupled with the handheld apps, any wearable permission must also be requested in the handheld version of the app on the Android Wear platform. However, in some cases, the wearable apps may request permissions that do not exist in the handheld app, resulting in a permission mismatch, and causing the wearable app to error or crash. In this paper, we propose a technique to detect wear app permission mismatches. We perform a case study on 2,409 free Android Wear apps and find that 73 released wearable apps suffer from the permission mismatch problem.
引用
收藏
页码:1065 / 1067
页数:3
相关论文
共 10 条
  • [1] Android Developers Documentation, 2017, PACK WEAR APPS
  • [2] [Anonymous], 2016, WEAR SOFTW
  • [3] Au K. W. Y., 2012, Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS '12, ACM, New York, NY, USA, P217, DOI 10.1145/2382196.2382222
  • [4] A Methodology for Empirical Analysis of Permission-Based Security Models and its Application to Android
    Barrera, David
    Kayacik, H. Guenes
    van Oorschot, P. C.
    Somayaji, Anil
    [J]. PROCEEDINGS OF THE 17TH ACM CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY (CCS'10), 2010, : 73 - 84
  • [5] Felt AP, 2011, PROCEEDINGS OF THE 18TH ACM CONFERENCE ON COMPUTER & COMMUNICATIONS SECURITY (CCS 11), P627
  • [6] Developer mistakes in writing Android manifests: An empirical study of configuration errors
    Jha, Ajay Kumar
    Lee, Sunghee
    Lee, Woo Jin
    [J]. 2017 IEEE/ACM 14TH INTERNATIONAL CONFERENCE ON MINING SOFTWARE REPOSITORIES (MSR 2017), 2017, : 25 - 36
  • [7] Mining Android Apps to Recommend Permissions
    Karim, Md Yasser
    Kagdi, Huzefa
    Di Penta, Massimiliano
    [J]. 2016 IEEE 23RD INTERNATIONAL CONFERENCE ON SOFTWARE ANALYSIS, EVOLUTION, AND REENGINEERING (SANER), VOL 1, 2016, : 427 - 437
  • [8] Mujahid Suhaib, 2017, 2017 IEEE/ACM 4th International Conference on Mobile Software Engineering and Systems (MOBILESoft). Proceedings, P96, DOI 10.1109/MOBILESoft.2017.25
  • [9] Stevens R, 2013, IEEE WORK CONF MIN S, P31, DOI 10.1109/MSR.2013.6624000
  • [10] [No title captured]
1