Covert Communication in Mobile Applications
This paper studies communication patterns in mobile applications. Our analysis shows that 63% of the external communication made by top-popular free Android applications from Google Play has no effect on the user-observable application functionality. To detect such covert communication in an efficie...
| Egile Nagusiak: | , , , |
|---|---|
| Beste egile batzuk: | |
| Formatua: | Artikulua |
| Hizkuntza: | en_US |
| Argitaratua: |
Institute of Electrical and Electronics Engineers (IEEE)
2015
|
| Sarrera elektronikoa: | http://hdl.handle.net/1721.1/99941 https://orcid.org/0000-0001-7280-1614 https://orcid.org/0000-0001-8095-8523 |
| _version_ | 1826208835422912512 |
|---|---|
| author | Rubin, Julia Gordon, Michael I. Nguyen, Nguyen Rinard, Martin C. |
| author2 | Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory |
| author_facet | Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory Rubin, Julia Gordon, Michael I. Nguyen, Nguyen Rinard, Martin C. |
| author_sort | Rubin, Julia |
| collection | MIT |
| description | This paper studies communication patterns in mobile applications. Our analysis shows that 63% of the external communication made by top-popular free Android applications from Google Play has no effect on the user-observable application functionality. To detect such covert communication in an efficient manner, we propose a highly precise and scalable static analysis technique: it achieves 93% precision and 61% recall compared to the empirically determined “ground truth”, and runs in a matter of a few minutes. Furthermore, according to human evaluators, in 42 out of 47 cases, disabling connections deemed covert by our analysis leaves the delivered application experience either completely intact or with only insignificant interference. We conclude that our technique is effective for identifying and disabling covert communication. We then use it to investigate communication patterns in the 500 top-popular applications from Google Play. |
| first_indexed | 2024-09-23T14:13:04Z |
| format | Article |
| id | mit-1721.1/99941 |
| institution | Massachusetts Institute of Technology |
| language | en_US |
| last_indexed | 2024-09-23T14:13:04Z |
| publishDate | 2015 |
| publisher | Institute of Electrical and Electronics Engineers (IEEE) |
| record_format | dspace |
| spelling | mit-1721.1/999412022-09-28T19:16:08Z Covert Communication in Mobile Applications Rubin, Julia Gordon, Michael I. Nguyen, Nguyen Rinard, Martin C. Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science Rubin, Julia Rubin, Julia Gordon, Michael I. Rinard, Martin C. This paper studies communication patterns in mobile applications. Our analysis shows that 63% of the external communication made by top-popular free Android applications from Google Play has no effect on the user-observable application functionality. To detect such covert communication in an efficient manner, we propose a highly precise and scalable static analysis technique: it achieves 93% precision and 61% recall compared to the empirically determined “ground truth”, and runs in a matter of a few minutes. Furthermore, according to human evaluators, in 42 out of 47 cases, disabling connections deemed covert by our analysis leaves the delivered application experience either completely intact or with only insignificant interference. We conclude that our technique is effective for identifying and disabling covert communication. We then use it to investigate communication patterns in the 500 top-popular applications from Google Play. United States. Defense Advanced Research Projects Agency (Agreement FA8750-12-2-0110) 2015-11-20T13:13:50Z 2015-11-20T13:13:50Z 2015-11 Article http://purl.org/eprint/type/ConferencePaper http://hdl.handle.net/1721.1/99941 Rubin, Julia, Michael I. Gordon, Nguyen Nguyen, and Martin Rinard. "Covert Communication in Mobile Applications." 30th IEEE/ACM International Conference on Automated Software Engineering (November 2015). https://orcid.org/0000-0001-7280-1614 https://orcid.org/0000-0001-8095-8523 en_US http://ase2015.unl.edu/#tab-papers Proceedings of the 30th IEEE/ACM International Conference on Automated Software Engineering Creative Commons Attribution-Noncommercial-Share Alike http://creativecommons.org/licenses/by-nc-sa/4.0/ application/pdf Institute of Electrical and Electronics Engineers (IEEE) MIT web domain |
| spellingShingle | Rubin, Julia Gordon, Michael I. Nguyen, Nguyen Rinard, Martin C. Covert Communication in Mobile Applications |
| title | Covert Communication in Mobile Applications |
| title_full | Covert Communication in Mobile Applications |
| title_fullStr | Covert Communication in Mobile Applications |
| title_full_unstemmed | Covert Communication in Mobile Applications |
| title_short | Covert Communication in Mobile Applications |
| title_sort | covert communication in mobile applications |
| url | http://hdl.handle.net/1721.1/99941 https://orcid.org/0000-0001-7280-1614 https://orcid.org/0000-0001-8095-8523 |
| work_keys_str_mv | AT rubinjulia covertcommunicationinmobileapplications AT gordonmichaeli covertcommunicationinmobileapplications AT nguyennguyen covertcommunicationinmobileapplications AT rinardmartinc covertcommunicationinmobileapplications |