PrivacyProxy: Using Crowdsourcing to Detect and Mitigate Information Leakage on Smartphones
Numerous studies have shown that smartphone apps often transmit personally identifiable information (PII) in the background, without the user’s knowledge. To date, most of the studies relied on either static analysis or operating system instrumentation to detect leakage based on the types of information accessed by an app. This approach has several shortcomings that prevent widespread adoption. First of all, it is very hard for an average user to run the tools to analyze an app or to modify the smartphone’s OS. Secondly, without modifying the OS, there is no way to mitigate the information leakage. Furthermore, most PII access enforcement occurs at the app granularity, so there is no way to have different access policies for different parts of an app. Thirdly, apps may generate app-specific IDs to identify an user. Such practice is common among mobile analytics libraries which generate per-device IDs in order to track a user across multiple apps using the same libraries. Lastly, individual users may not be well-informed enough to make decisions about whether to allow or deny an app’s access to PII. We can crowdsource this decision across peers to help users set a reasonable default policy for each app. We present PrivacyProxy, an Android app that can be used on any device running Android 4.0 or above, without any modification to the OS. It scans through outbound network requests to build host-specific signatures - structures recording the frequencies of different values as seen in all the requests to a host. Signatures from different users can be anonymously combined and shared such that for every new request that is sent to a host, the client can consult the signature for the host to see if other users are seeing similar values in their requests. By leveraging this information, we can detect and notify users of PII leaks. We also give users the opportunity to modify the content of a request before it leaves the device, thereby mitigating PII leaks.