Sensor Guardian: prevent privacy inference on Android sensors

Xiaolong Bai; Jie Yin; Yu-Ping Wang

doi:10.1186/s13635-017-0061-8

EURASIP Journal on Information Security (Jun 2017)

Sensor Guardian: prevent privacy inference on Android sensors

Xiaolong Bai,
Jie Yin,
Yu-Ping Wang

Affiliations

Xiaolong Bai: Department of Computer Science and Technology, Tsinghua University
Jie Yin: Department of Computer Science and Technology, Tsinghua University
Yu-Ping Wang: Department of Computer Science and Technology, Tsinghua University

DOI: https://doi.org/10.1186/s13635-017-0061-8
Journal volume & issue: Vol. 2017, no. 1
pp. 1 – 17

Abstract

Read online

Abstract Privacy inference attacks based on sensor data is an emerging and severe threat on smart devices, in which malicious applications leverage data from innocuous sensors to infer sensitive information of user, e.g., utilizing accelerometers to infer user’s keystroke. In this paper, we present Sensor Guardian, a privacy protection system that mitigates this threat on Android by hooking and controlling applications’ access to sensors. Sensor Guardian inserts hooks into applications by statically instrumenting their APK (short for Android Package Kit) files and enforces control policies in these hooks at runtime. Our evaluation shows that Sensor Guardian can effectively and efficiently mitigate the privacy inference threat on Android sensors, with negligible overhead during both static instrumentation and runtime control.

Published in EURASIP Journal on Information Security

ISSN: 2510-523X (Online)
Publisher: SpringerOpen
Country of publisher: United Kingdom
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering: Electronics: Computer engineering. Computer hardware; Science: Mathematics: Instruments and machines: Electronic computers. Computer science
Website: http://jis.eurasipjournals.com/

About the journal

Abstract

Keywords