Skip to main content
SpringerLink
Log in
Book cover

International Symposium on Research in Attacks, Intrusions, and Defenses

RAID 2016: Research in Attacks, Intrusions, and Defenses pp 346–367Cite as

Small Changes, Big Changes: An Updated View on the Android Permission System

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9854))

Abstract

Since the appearance of Android, its permission system was central to many studies of Android security. For a long time, the description of the architecture provided by Enck et al. in [31] was immutably used in various research papers. The introduction of highly anticipated runtime permissions in Android 6.0 forced us to reconsider this model. To our surprise, the permission system evolved with almost every release. After analysis of 16 Android versions, we can confirm that the modifications, especially introduced in Android 6.0, considerably impact the aptness of old conclusions and tools for newer releases. For instance, since Android 6.0 some signature permissions, previously granted only to apps signed with a platform certificate, can be granted to third-party apps even if they are signed with a non-platform certificate; many permissions considered before as threatening are now granted by default. In this paper, we review in detail the updated system, introduced changes, and their security implications. We highlight some bizarre behaviors, which may be of interest for developers and security researchers. We also found a number of bugs during our analysis, and provided patches to AOSP where possible.

We thank the anonymous reviewers for their comments that allowed to improve the paper. We are also very grateful to William Enck for shepherding the paper and suggesting many improvements to it. The work of Olga Gadyatskaya was supported by the Luxembourg National Research Fund (C15/IS/10404933/COMMA).

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    http://developer.android.com/guide/topics/manifest/manifest-intro.html.

  2. 2.

    For this table we interpret the protection levels normal, dangerous, signature and signature|system as an ordered set, where normal corresponds to the least critical permissions and signature|system – to the most critical.

  3. 3.

    This permission was added in API 20, which we did not analyze (API 20 was developed for wearable systems).

  4. 4.

    http://stackoverflow.com/questions/33482474/android-marshmallow-permission-model-on-os-4-0-read-external-storage-permission.

  5. 5.

    https://ibotpeaches.github.io/Apktool/.

References

  1. Android Open Source Project. http://source.android.com/. Accessed 31 Mar 2016

  2. Commit 2af5708: Add per UID control to app ops. https://android.googlesource.com/platform/frameworks/base/+/2af5708

  3. Commit 2ca2c87: More adjustments to permissions. https://android.googlesource.com/platform/frameworks/base/+/2ca2c87

  4. Commit 33f5ddd: Add permissions associated with app ops. https://android.googlesource.com/platform/frameworks/base/+/33f5ddd

  5. Commit 3e7d977: Grant installer and verifier install permissions robustly. https://android.googlesource.com/platform/frameworks/base/+/3e7d977

  6. Commit 4516798: Moving launcher permission to framework. https://android.googlesource.com/platform/frameworks/base/+/4516798

  7. Commit 6d2c0e5: Remove not needed contacts related permissions. https://android.googlesource.com/platform/frameworks/base/+/6d2c0e5

  8. Commit a90c8de: Add new “preinstalled” permission flag. https://android.googlesource.com/platform/frameworks/base/+/a90c8de

  9. Commit ccbf84f: Some system apps are more system than others. https://android.googlesource.com/platform/frameworks/base/+/ccbf84f

  10. Commit cfbfafe: Additional permissions aren’t properly disabled after toggling them off. https://android.googlesource.com/platform/frameworks/base/+/cfbfafe

  11. Commit de15eda: Scope WRITE_SETTINGS and SYSTEM_ALERT_WINDOW to an explicit toggle to enable in Settings. https://android.googlesource.com/platform/frameworks/base/+/de15eda

  12. Commit e639da7: New development permissions. https://android.googlesource.com/platform/frameworks/base/+/e639da7

  13. Dashboards. http://goo.gl/mFciT7. Accessed 31 Mar 2016

  14. Google says Android has 1.4 billion active users. http://goo.gl/aUuUNw. Accessed 31 Mar 2016

  15. Microsoft Excel. https://play.google.com/store/apps/details?id=com.microsoft.office.excel. Accessed 31 Mar 2016

  16. Microsoft PowerPoint. https://play.google.com/store/apps/details?id=com.microsoft.office.powerpoint. Accessed 31 Mar 2016

  17. Not just for phones and tablets: what other devices run Android? http://goo.gl/kQ4Pi8. Accessed 31 Mar 2016

  18. Play store permissions change opens door to rogue apps. http://goo.gl/nJCwoY. Accessed 31 Mar 2016

  19. Requesting permissions at run time. http://developer.android.com/training/permissions/requesting.html

  20. Smartphone OS market share, 2015 Q2. http://goo.gl/WQwfZO. Accessed 31 Mar 2016

  21. Arp, D., Speizenbarth, M., Hubner, M., Gascon, H., Rieck, K.: DREBIN: effective and explainable detection of Android malware in your pocket. In: Proceedings of NDSS (2014)

    Google Scholar 

  22. Au, K., Zhou, Y.F., Huang, Z., Gill, P., Lie, D.: Short paper: a look at smartphone permission models. In: Proceedings of SPSM (2011)

    Google Scholar 

  23. Au, K.W.Y., Zhou, Y.F., Huang, Z., Lie, D.: PScout: analyzing the Android permission specification. In: Proceedings of CCS (2012)

    Google Scholar 

  24. Backes, M., Bugiel, S., Derr, E., Weisgerber, S., McDaniel, P., Octeau, D.: On demystifying the Android application framework: re-visiting Android permission specification analysis. In: Poster Session of IEEE EuroS&P (2016)

    Google Scholar 

  25. Barrera, D., Kayacik, H.G., van Oorschot, P.C., Somayaji, A.: A methodology for empirical analysis of permission-based security models and its application to Android. In: Proceedings of CCS (2010)

    Google Scholar 

  26. Bartel, A., Klein, J., Le Traon, Y., Monperrus, M.: Automatically securing permission-based software by reducing the attack surface: an application to Android. In: Proceedings of ASE (2012)

    Google Scholar 

  27. Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Reza-Sadeghi, A., Shastry, B.: Towards taming privilege-escalation attacks on Android. In: Proceedings of NDSS (2012)

    Google Scholar 

  28. Chen, K.Z., Johnson, N., D’Silva, V., Dai, S., MacNamara, K., Magrino, T., Wu, E., Rinard, M., Song, D.: Contextual policy enforcement in Android applications with permission event graphs. In: Proceedings of NDSS (2013)

    Google Scholar 

  29. Conti, M., Crispo, B., Fernandes, E., Zhauniarovich, Y.: CRêPE: a system for enforcing fine-grained context-related policies on Android. IEEE Trans. Inf. Forensics Secur. 7(5), 1426–1438 (2012)

    Article  Google Scholar 

  30. Elenkov, N.: Android Security Internals: An In-Depth Guide to Android’s Security Architecture, 1st edn. No Starch Press, San Francisco (2014)

    Google Scholar 

  31. Enck, W., Ongtang, M., McDaniel, P.: Understanding Android security. IEEE Secur. Priv. Mag. 7(1), 50–57 (2009)

    Article  Google Scholar 

  32. Enck, W., Ongtang, M., McDaniel, P.: On lightweight mobile phone application certification. In: Proceedings of CCS (2009)

    Google Scholar 

  33. Fang, Z., Han, W., Li, D., Guo, Z., Guo, D., Wang, X.S., Qian, Z., Chen, H.: revDroid: code analysis of the side effects after dynamic permission revocation of Android apps. In: Proceedings of ASIACCS (2016)

    Google Scholar 

  34. Fang, Z., Han, W., Li, Y.: Permission based Android security: issues and countermeasures. Comput. Secur. 43, 205–218 (2014)

    Article  Google Scholar 

  35. Felt, A.P., Chin, E., Hanna, S., Song, D., Wagner, D.: Android permissions demystified. In: Proceedings of CCS (2011)

    Google Scholar 

  36. Felt, A.P., Ha, E., Egelman, S., Haney, A., Chin, E., Wagner, D.: Android permissions: user attention, comprehension, and behavior. In: Proceedings of SOUPS (2012)

    Google Scholar 

  37. Fragkaki, E., Bauer, L., Jia, L., Swasey, D.: Modeling and enhancing Android’s permission system. In: Proceedings of ESORICS (2013)

    Google Scholar 

  38. Fratantonio, Y., Bianchi, A., Robertson, W., Egele, M., Kruegel, C., Kirda, E., Vigna, G.: On the security and engineering implications of finer-grained access controls for Android developers and users. In: Almgren, M., Gulisano, V., Maggi, F. (eds.) DIMVA 2015. LNCS, vol. 9148, pp. 282–303. Springer, Heidelberg (2015)

    Chapter  Google Scholar 

  39. Gadyatskaya, O., Massacci, F., Zhauniarovich, Y.: Security in the firefox OS and Tizen mobile platforms. IEEE Comput. 47(6), 57–63 (2014)

    Article  Google Scholar 

  40. Gibler, C., Crussell, J., Erickson, J., Chen, H.: AndroidLeaks: automatically detecting potential privacy leaks in Android applications on a large scale. In: Katzenbeisser, S., Weippl, E., Camp, L.J., Volkamer, M., Reiter, M., Zhang, X. (eds.) Trust 2012. LNCS, vol. 7344, pp. 291–307. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  41. Jeon, J., Micinski, K.K., Vaughan, J.A., Fogel, A., Reddy, N., Foster, J.S., Millstein, T.: Dr. Android and Mr. Hide: fine-grained permissions in Android applications. In: Proceedings of SPSM (2012)

    Google Scholar 

  42. Murphy, M.: Libraries and dangerous permissions. https://goo.gl/NJAjMx. Accessed 25 June 2016

  43. Murphy, M.: Runtime permissions, files, and ACTION_SEND. https://goo.gl/slhHoI. Accessed 25 June 2016

  44. Murphy, M.: You cannot hold non-existent permissions. https://goo.gl/nyDjUj. Accessed 25 June 2016

  45. Nauman, M., Khan, S., Zhang, X.: Apex: extending Android permission model and enforcement with user-defined runtime constraints. In: Proceedings of ASIACCS (2010)

    Google Scholar 

  46. Pandita, R., Xiao, X., Wang, W., Enck, W., Xie, T.: WHYPER: towards automating risk assessment of mobile applications. In: Proceedings of USENIX Security (2013)

    Google Scholar 

  47. Singh, K.: Practical context-aware permission control for hybrid mobile applications. In: Stolfo, S.J., Stavrou, A., Wright, C.V. (eds.) RAID 2013. LNCS, vol. 8145, pp. 307–327. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  48. Vidas, T., Christin, N., Cranor, L.F.: Curbing Android permission creep. In: Proceedings of W2SP (2011)

    Google Scholar 

  49. Wei, X., Gomez, L., Neamtiu, I., Faloutsos, M.: Permission evolution in the Android ecosystem. In: Proceedings of ACSAC (2012)

    Google Scholar 

  50. Wijesekera, P., Baokar, A., Hosseini, A., Egelman, S., Wagner, D., Beznosov, K.: Android permissions remystified: a field study on contextual integrity. In: Proceedings of USENIX Security (2015)

    Google Scholar 

  51. Xing, L., Pan, X., Wang, R., Yuan, K., Wang, X.: Upgrading your Android, elevating my malware: privilege escalation through mobile OS updating. In: Proceedings of S&P (2014)

    Google Scholar 

  52. Zhang, Y., Yang, M., Xu, B., Yang, Z., Gu, G., Ning, P., Wang, X.S., Zang, B.: Vetting undesirable behaviors in Android apps with permission use analysis. In: Proceedings of CCS (2013)

    Google Scholar 

  53. Zhauniarovich, Y., Ahmad, M., Gadyatskaya, O., Crispo, B., Massacci, F.: StaDynA: addressing the problem of dynamic code updates in the security analysis of Android applications. In: Proceedings of CODASPY (2015)

    Google Scholar 

  54. Zhauniarovich, Y., Russello, G., Conti, M., Crispo, B., Fernandes, E.: MOSES: supporting and enforcing security profiles on smartphones. IEEE Trans. Dependable Secure Comput. 11(3), 211–223 (2014)

    Article  Google Scholar 

  55. Zhou, Y., Jiang, X.: Dissecting Android malware: characterization and evolution. In: Proceedings of S&P (2012)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Qatar Computing Research Institute, HBKU, Doha, Qatar

    Yury Zhauniarovich

  2. SnT, University of Luxembourg, Luxembourg City, Luxembourg

    Olga Gadyatskaya

Authors
  1. Yury Zhauniarovich
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Olga Gadyatskaya
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Yury Zhauniarovich or Olga Gadyatskaya .

Editor information

Editors and Affiliations

  1. University of North Carolina at Chapel H , Chapel-Hill, USA

    Fabian Monrose

  2. Qatar Computing Research Institute , Doha, Qatar

    Marc Dacier

  3. Université Paris-Saclay , Evry, France

    Gregory Blanc

  4. TELECOM SudParis , EVRY, France

    Joaquin Garcia-Alfaro

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Zhauniarovich, Y., Gadyatskaya, O. (2016). Small Changes, Big Changes: An Updated View on the Android Permission System. In: Monrose, F., Dacier, M., Blanc, G., Garcia-Alfaro, J. (eds) Research in Attacks, Intrusions, and Defenses. RAID 2016. Lecture Notes in Computer Science(), vol 9854. Springer, Cham. https://doi.org/10.1007/978-3-319-45719-2_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-45719-2_16

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-45718-5

  • Online ISBN: 978-3-319-45719-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation