Android applications (apps) generate a consistent amount of data traffic. A noticeable share of this generated data traffic is used to convey third party advertisement, or to collect information about the user and its phone, generally with the target of profiling users. Such a traffic is not needed to the correct app execution and can be considered unwanted overhead. In this paper we propose Data-Sluice, a framework for Android devices which dynamically controls the connections opened by apps, enforcing fine grained policies designed to stop advertisement from altering the user experience, avoiding private data leakage and removing or strongly reducing the data traffic overhead. We apply Data-Sluice to a set of popular Android apps to analyze the generated traffic and removing the data overhead. Furthermore, we exploit Data-Sluice to successfully stop the action of a set of malicious apps.
Data-Sluice: Fine-grained traffic control for Android application
SARACINO, ANDREA;DINI, GIANLUCA
2016-01-01
Abstract
Android applications (apps) generate a consistent amount of data traffic. A noticeable share of this generated data traffic is used to convey third party advertisement, or to collect information about the user and its phone, generally with the target of profiling users. Such a traffic is not needed to the correct app execution and can be considered unwanted overhead. In this paper we propose Data-Sluice, a framework for Android devices which dynamically controls the connections opened by apps, enforcing fine grained policies designed to stop advertisement from altering the user experience, avoiding private data leakage and removing or strongly reducing the data traffic overhead. We apply Data-Sluice to a set of popular Android apps to analyze the generated traffic and removing the data overhead. Furthermore, we exploit Data-Sluice to successfully stop the action of a set of malicious apps.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
