Thu 29 Oct 2015 10:52 - 11:15 at Grand Station 1 - 5. Mobility Chair(s): Lukasz Ziarek

Given a program whose functionality depends on access to certain external resources, we investigate the question of how to gracefully degrade functionality when a subset of those resources is unavailable. The concrete setting motivating this problem statement is mobile applications, which rely on contextual data (e.g., device identifiers, user location and contacts, etc.) to fulfill their functionality. In particular, we focus on the Android platform, which mediates access to resources via an installation-time permission model. On the one hand, granting an app the permission to access a resource (e.g., the device ID) entails privacy threats (e.g., releasing the device ID to advertising servers). On the other hand, denying access to a resource could render the app useless (e.g., if inability to read the device ID is treated as an error state). Our goal is to specialize an existing Android app in such a way that it is disabled from accessing certain sensitive resources (or contextual data) as specified by the user, while still being able to execute functionality that does not depend on those resources. We present ShamDroid, a program transformation algorithm, based on specialized forms of program slicing, backwards static analysis and constraint solving, that enables the use of Android apps with partial permissions. We rigorously state the guarantees provided by ShamDroid w.r.t. functionality maximization. We provide an evaluation over the top 500 Google Play apps and report on an extensive comparative evaluation of ShamDroid against three other state-of-the-art solutions (APM, XPrivacy, and Google App Ops) that mediate resource access at the system (rather than app) level. ShamDroid performs better than all of these tools by a significant margin, leading to abnormal behavior in only 1 out of 27 apps we manually investigated, compared to the other solutions, which cause crashes and abnormalities in 9 or more of the apps. This demonstrates the importance of performing app-sensitive mocking.

Thu 29 Oct

Displayed time zone: Eastern Time (US & Canada) change

10:30 - 12:00
5. MobilityOOPSLA at Grand Station 1
Chair(s): Lukasz Ziarek State University of New York (SUNY) Buffalo
10:30
22m
Talk
Interactively Verifying Absence of Explicit Information Flows in Android Apps
OOPSLA
Osbert Bastani Stanford University, Saswat Anand Stanford University, Alex Aiken Stanford University
DOI Media Attached
10:52
22m
Talk
ShamDroid: Gracefully Degrading Functionality in the Presence of Limited Resource Access
OOPSLA
Lucas Brutschy ETH Zurich, Switzerland, Pietro Ferrara IBM Research, USA, Omer Tripp IBM Research, USA, Marco Pistoia IBM Research, USA
Pre-print Media Attached
11:15
22m
Talk
Scalable Race Detection for Android ApplicationsOOPSLA Artifact
OOPSLA
Pavol Bielik ETH Zurich, Switzerland, Veselin Raychev ETH Zurich, Switzerland, Martin Vechev ETH Zurich, Switzerland
DOI Media Attached
11:37
22m
Talk
Versatile yet Lightweight Record-and-Replay for Android
OOPSLA
Yongjian Hu University of California at Riverside, USA, Tanzirul Azim University of California at Riverside, USA, Iulian Neamtiu University of California at Riverside, USA
DOI Media Attached