Skip to main content

Impact of User Data Privacy Management Controls on Mobile Device Investigations

Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT,volume 484)

Abstract

There are many different types of mobile device users, but most of them do not seek to expand the functionality of their smartphones and prefer to interact with them using predefined user profiles and settings. However, “power users” are always seeking opportunities to gain absolute control of their devices and expand their capabilities. For this reason, power users attempt to obtain “super user” privileges (root) or jailbreak their devices. Meanwhile, the “bring your own device” (BYOD) trend in the workplace and increased numbers of high profile users who demand enhanced data privacy and protection are changing the mobile device landscape. This chapter discusses variations of the Android operating system that attempt to bypass the limitations imposed by the previous Android permission model (up to version 5.1) and highlights the fact that forensic analysts will encounter devices with altered characteristics. Also, the chapter discusses the Android permission model introduced in the latest operating system (version M or 6.0) that will likely change the way users interact with apps.

Keywords

  • Android devices
  • Privacy
  • Trust
  • Power users
  • Anti-forensics

References

  1. Andriotis, P., Oikonomou, G., Tryfonas, T.: Forensic analysis of wireless networking evidence of Android smartphones. In: Proceedings of the IEEE International Workshop on Information Forensics and Security, pp. 109–114 (2012)

    Google Scholar 

  2. Andriotis, P., Oikonomou, G., Tryfonas, T., Li, S.: Highlighting relationships of a smartphone’s social ecosystem in potentially large investigations. IEEE Transactions on Cybernetics (2016)

    Google Scholar 

  3. Andriotis, P., Tryfonas, T., Oikonomou, G., King, I.: A framework for describing multimedia circulation in a smartphone ecosystem. In: Peterson, G., Shenoi, S. (eds.) Advances in Digital Forensics XI. IFIP, vol. 462, pp. 251–267. Springer, Heidelberg (2015)

    CrossRef  Google Scholar 

  4. Beede, R., Warbritton, D., MyShield, R.H.: Protecting Mobile Device Data via Security Circles, Technical Report CU-CS-1091-12, Department of Computer Science, University of Colorado Boulder, Boulder, Colorado (2012)

    Google Scholar 

  5. Benisch, M., Kelley, P., Sadeh, N., Cranor, L.: Capturing location-privacy preferences: quantifying accuracy and user-burden tradeoffs. Personal and Ubiquitous Computing 15(7), 679–694 (2011)

    CrossRef  Google Scholar 

  6. Beresford, A., Rice, A., Skehin, N., MockDroid, R.S.: Trading privacy for application functionality on smartphones. In: Proceedings of the Twelfth Workshop on Mobile Computing Systems and Applications, pp. 49–54 (2011)

    Google Scholar 

  7. Bernheim Brush, A., Krumm, J., Scott, J.: Exploring end user preferences for location obfuscation, location-based services and the value of location. In: Proceedings of the Twelfth ACM International Conference on Ubiquitous Computing, pp. 95–104 (2010)

    Google Scholar 

  8. Fisher, D., Dorner, L., Wagner, D.: Location privacy: user behavior in the field. Proceedings of the Second ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 51–56 (2012)

    Google Scholar 

  9. Harris, M., Patten, K.: Mobile device security considerations for small- and medium-sized enterprise business mobility. Information Management and Computer Security 22(1), 97–114 (2014)

    CrossRef  Google Scholar 

  10. Henne, B., Kater, C., Smith, M.: Usable location privacy for Android with crowd recommendations. In: Proceedings of the Seventh International Conference on Trust and Trustworthy Computing, pp. 74–82 (2014)

    Google Scholar 

  11. Henne, B., Kater, C., Smith, M., Brenner, M.: Selective cloaking: need-to-know for location-based apps. In: Proceedings of the Eleventh International Conference on Privacy, Security and Trust, pp. 19–26 (2013)

    Google Scholar 

  12. Hornyack, P., Han, S., Jung, J., Schechter, S., Wetherall, D.: These aren’t the droids you’re looking for: retrofitting Android to protect data from imperious applications. In: Proceedings of the Eighteenth ACM Conference on Computer and Communications Security, pp. 639–652 (2011)

    Google Scholar 

  13. Kaiser, T.: Google removes “App. Ops” privacy control feature from Android 4.4.2, DailyTech, December 16, 2013

    Google Scholar 

  14. Lin, J., Amini, S., Hong, J., Sadeh, N., Lindqvist, J., Zhang, J.: Expectation and purpose: understanding users’ mental models of mobile app. privacy through crowdsourcing. In: Proceedings of the ACM International Conference on Ubiquitous Computing, pp. 501–510 (2012)

    Google Scholar 

  15. Tang, K., Hong, J., Siewiorek, D.: The implications of offering more disclosure choices for social location sharing. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 391–394 (2012)

    Google Scholar 

  16. Vidas, T., Christin, N.: Evading Android runtime analysis via sandbox detection. In: Proceedings of the Ninth ACM Symposium on Information, Computer and Communications Security, pp. 447–458 (2014)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Panagiotis Andriotis .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2016 IFIP International Federation for Information Processing

About this paper

Cite this paper

Andriotis, P., Tryfonas, T. (2016). Impact of User Data Privacy Management Controls on Mobile Device Investigations. In: Peterson, G., Shenoi, S. (eds) Advances in Digital Forensics XII. DigitalForensics 2016. IFIP Advances in Information and Communication Technology, vol 484. Springer, Cham. https://doi.org/10.1007/978-3-319-46279-0_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-46279-0_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-46278-3

  • Online ISBN: 978-3-319-46279-0

  • eBook Packages: Computer ScienceComputer Science (R0)