Automated Android Application Partitioning (A3P)
Abstract
Mobile applications have become ubiquitous and a critical part of many peoples every-day life. However, mobile operating systems provide only coarse control over how private data is accessed, transformed, or used, and users have remarkably little understanding of how this can affect their privacy. Complicating matters further are advertising libraries or other third-party software that require odd permissions in order to satisfy their particular needs, but are tangential to the main application. To address these issues, we present a system for analyzing an Android applications control flow, information flow, and security profile to partition it into a set of cooperating reduced-privilege micro-apps that reproduce the original applications functionality. Our experiments on real-world applications indicate that this approach provides significant value in reducing the security requirements of an individual micro-app, and that the original application functionality can be reproduced by the collection of micro-apps.
Document Details
- Document Type
- Technical Report
- Publication Date
- Jul 25, 2018
- Accession Number
- AD1056702
Entities
People
- Alex Jordan
- Benjamin Clough
- Karen Sirois
- Maria Zakhalyavko
- Michelle Spina
Organizations
- BBN Technologies