DOI: 10.1145/2382196.2382222
research-article

PScout: analyzing the Android permission specification

Published: 16 October 2012

Abstract

Modern smartphone operating systems (OSs) have been developed with a greater emphasis on security and protecting privacy. One of the mechanisms these systems use to protect users is a permission system, which requires developers to declare what sensitive resources their applications will use, has users agree to this request when they install the application, and constrains the application to the requested resources at runtime. As these permission systems become more common, questions have arisen about their design and implementation. In this paper, we perform an analysis of the permission system of the Android smartphone OS in an attempt to begin answering some of these questions. Because the documentation of Android's permission system is incomplete and because we wanted to be able to analyze several versions of Android, we developed PScout, a tool that extracts the permission specification from the Android OS source code using static analysis. PScout overcomes several challenges, such as scalability due to Android's 3.4 million line code base, accounting for permission enforcement across processes due to Android's use of IPC, and abstracting Android's diverse permission checking mechanisms into a single primitive for analysis.
We use PScout to analyze 4 versions of Android spanning version 2.2 up to the recently released Android 4.0. Our main findings are that while Android has over 75 permissions, there is little redundancy in the permission specification. However, if applications could be constrained to only use documented APIs, then about 22% of the non-system permissions are actually unnecessary. Finally, we find that a trade-off exists between enabling least-privilege security with fine-grained permissions and maintaining stability of the permission specification as the Android OS evolves.


Published In

CCS '12: Proceedings of the 2012 ACM conference on Computer and communications security
October 2012
1088 pages
ISBN: 9781450316514
DOI: 10.1145/2382196
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. android
  2. permissions
  3. smartphone

Qualifiers

  • Research-article

Conference

CCS'12
CCS'12: the ACM Conference on Computer and Communications Security
October 16 - 18, 2012
North Carolina, Raleigh, USA

Acceptance Rates

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%
