Securacy: An empirical investigation of android applications' network usage, privacy and security

Denzil Ferreira; Vassilis Kostakos; Alastair R. Beresford; Janne Lindqvist; Anind K. Dey

doi:10.1145/2766498.2766506

Securacy: An empirical investigation of android applications' network usage, privacy and security

Denzil Ferreira, Vassilis Kostakos, Alastair R. Beresford, Janne Lindqvist, Anind K. Dey

Not published at Aalto University

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

46 Citations (Scopus)

Abstract

Smartphone users do not fully know what their apps do. For example, an applications' network usage and underlying security configuration is invisible to users. In this paper we introduce Securacy, a mobile app that explores users' privacy and security concerns with Android apps. Securacy takes a reactive, personalized approach, highlighting app permission settings that the user has previously stated are concerning, and provides feedback on the use of secure and insecure network communication for each app. We began our design of Securacy by conducting a literature review and in-depth interviews with 30 participants to understand their concerns. We used this knowledge to build Securacy and evaluated its use by another set of 218 anonymous participants who installed the application from the Google Play store. Our results show that access to address book information is by far the biggest privacy concern. Over half (56.4%) of the connections made by apps are insecure, and the destination of the majority of network traffic is North America, regardless of the location of the user. Our app provides unprecedented insight into Android applications' communications behavior globally, indicating that the majority of apps currently use insecure network connections.

Original language	English
Title of host publication	Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2015
Publisher	ACM
ISBN (Electronic)	9781450336239
DOIs	https://doi.org/10.1145/2766498.2766506
Publication status	Published - 22 Jun 2015
MoE publication type	A4 Conference publication
Event	ACM Conference on Security and Privacy in Wireless and Mobile Networks - Hamburg, Germany Duration: 15 Jun 2011 → 17 Jun 2011 Conference number: 1

Publication series

Name	Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2015

Conference

Conference	ACM Conference on Security and Privacy in Wireless and Mobile Networks
Abbreviated title	WiSec
Country/Territory	Germany
City	Hamburg
Period	15/06/2011 → 17/06/2011

Keywords

Applications
Context
Experience sampling
Network
Privacy

Access to Document

10.1145/2766498.2766506

Cite this

Ferreira, D., Kostakos, V., Beresford, A. R., Lindqvist, J., & Dey, A. K. (2015). Securacy: An empirical investigation of android applications' network usage, privacy and security. In Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2015 Article a11 (Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2015). ACM. https://doi.org/10.1145/2766498.2766506

Ferreira, Denzil ; Kostakos, Vassilis ; Beresford, Alastair R. et al. / Securacy : An empirical investigation of android applications' network usage, privacy and security. Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2015. ACM, 2015. (Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2015).

@inproceedings{ed77903fa86542989d17afe7630ff961,

title = "Securacy: An empirical investigation of android applications' network usage, privacy and security",

abstract = "Smartphone users do not fully know what their apps do. For example, an applications' network usage and underlying security configuration is invisible to users. In this paper we introduce Securacy, a mobile app that explores users' privacy and security concerns with Android apps. Securacy takes a reactive, personalized approach, highlighting app permission settings that the user has previously stated are concerning, and provides feedback on the use of secure and insecure network communication for each app. We began our design of Securacy by conducting a literature review and in-depth interviews with 30 participants to understand their concerns. We used this knowledge to build Securacy and evaluated its use by another set of 218 anonymous participants who installed the application from the Google Play store. Our results show that access to address book information is by far the biggest privacy concern. Over half (56.4%) of the connections made by apps are insecure, and the destination of the majority of network traffic is North America, regardless of the location of the user. Our app provides unprecedented insight into Android applications' communications behavior globally, indicating that the majority of apps currently use insecure network connections.",

keywords = "Applications, Context, Experience sampling, Network, Privacy",

author = "Denzil Ferreira and Vassilis Kostakos and Beresford, {Alastair R.} and Janne Lindqvist and Dey, {Anind K.}",

year = "2015",

month = jun,

day = "22",

doi = "10.1145/2766498.2766506",

language = "English",

series = "Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2015",

publisher = "ACM",

booktitle = "Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2015",

address = "United States",

note = "ACM Conference on Security and Privacy in Wireless and Mobile Networks<br/>, WiSec ; Conference date: 15-06-2011 Through 17-06-2011",

}

Ferreira, D, Kostakos, V, Beresford, AR, Lindqvist, J & Dey, AK 2015, Securacy: An empirical investigation of android applications' network usage, privacy and security. in Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2015., a11, Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2015, ACM, ACM Conference on Security and Privacy in Wireless and Mobile Networks
, Hamburg, Germany, 15/06/2011. https://doi.org/10.1145/2766498.2766506

Securacy: An empirical investigation of android applications' network usage, privacy and security. / Ferreira, Denzil; Kostakos, Vassilis; Beresford, Alastair R. et al.
Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2015. ACM, 2015. a11 (Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2015).

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

TY - GEN

T1 - Securacy

T2 - ACM Conference on Security and Privacy in Wireless and Mobile Networks<br/>

AU - Ferreira, Denzil

AU - Kostakos, Vassilis

AU - Beresford, Alastair R.

AU - Lindqvist, Janne

AU - Dey, Anind K.

N1 - Conference code: 1

PY - 2015/6/22

Y1 - 2015/6/22

N2 - Smartphone users do not fully know what their apps do. For example, an applications' network usage and underlying security configuration is invisible to users. In this paper we introduce Securacy, a mobile app that explores users' privacy and security concerns with Android apps. Securacy takes a reactive, personalized approach, highlighting app permission settings that the user has previously stated are concerning, and provides feedback on the use of secure and insecure network communication for each app. We began our design of Securacy by conducting a literature review and in-depth interviews with 30 participants to understand their concerns. We used this knowledge to build Securacy and evaluated its use by another set of 218 anonymous participants who installed the application from the Google Play store. Our results show that access to address book information is by far the biggest privacy concern. Over half (56.4%) of the connections made by apps are insecure, and the destination of the majority of network traffic is North America, regardless of the location of the user. Our app provides unprecedented insight into Android applications' communications behavior globally, indicating that the majority of apps currently use insecure network connections.

AB - Smartphone users do not fully know what their apps do. For example, an applications' network usage and underlying security configuration is invisible to users. In this paper we introduce Securacy, a mobile app that explores users' privacy and security concerns with Android apps. Securacy takes a reactive, personalized approach, highlighting app permission settings that the user has previously stated are concerning, and provides feedback on the use of secure and insecure network communication for each app. We began our design of Securacy by conducting a literature review and in-depth interviews with 30 participants to understand their concerns. We used this knowledge to build Securacy and evaluated its use by another set of 218 anonymous participants who installed the application from the Google Play store. Our results show that access to address book information is by far the biggest privacy concern. Over half (56.4%) of the connections made by apps are insecure, and the destination of the majority of network traffic is North America, regardless of the location of the user. Our app provides unprecedented insight into Android applications' communications behavior globally, indicating that the majority of apps currently use insecure network connections.

KW - Applications

KW - Context

KW - Experience sampling

KW - Network

KW - Privacy

UR - http://www.scopus.com/inward/record.url?scp=84962016918&partnerID=8YFLogxK

U2 - 10.1145/2766498.2766506

DO - 10.1145/2766498.2766506

M3 - Conference article in proceedings

AN - SCOPUS:84962016918

T3 - Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2015

BT - Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2015

PB - ACM

Y2 - 15 June 2011 through 17 June 2011

ER -

Ferreira D, Kostakos V, Beresford AR, Lindqvist J, Dey AK. Securacy: An empirical investigation of android applications' network usage, privacy and security. In Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2015. ACM. 2015. a11. (Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2015). doi: 10.1145/2766498.2766506

Securacy: An empirical investigation of android applications' network usage, privacy and security

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this