TY - GEN
T1 - Android STAR
T2 - 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2018
AU - Yuan, Lun Pin
AU - Liu, Peng
AU - Zhu, Sencun
N1 - Funding Information:
Peng Liu was supported by ARO W911NF-13-1-0421 (MURI), ARO W911NF-15-1-0576, and NSF CNS-1505664. The work of Zhu was supported through NSF CNS-1618684.
Publisher Copyright:
© 2018 Association for Computing Machinery.
PY - 2018/6/18
Y1 - 2018/6/18
N2 - Messenger apps on smart phones are widely used for easy communication in a collaborative workplace. However, the use of messengers increases risks to both the organization and the collaborators. For example, an employee may receive proprietary information from one app and then accidentally leak it with another app, but neither the employer nor the employee can effectively prove or disprove what has happened inside messengers. To prove mental elements in a lawsuit, the capability of inspecting the use of messengers in a workplace is desirable to both parties: one can prove misconduct and the other can prove innocence. Yet, guilty intention is subtle if not literally described, and how to prove whether there was a guilty intention has not yet been resolved. To provide new kind of evidence, we propose Android STAR, an inspection-purposed record-and-replay service that replays conversation histories and user interactions with apps. We assume that the employer has obtained consents of employees, and the employees have installed Android STAR in their company devices. The challenge to app-usage inspection includes app variety and evidence veracity. We evaluate STAR with 10 popular messenger apps (including Telegram, LINE, and WeChat). Our results show that while STAR can replay in high-fidelity, it only introduces small performance overhead.
AB - Messenger apps on smart phones are widely used for easy communication in a collaborative workplace. However, the use of messengers increases risks to both the organization and the collaborators. For example, an employee may receive proprietary information from one app and then accidentally leak it with another app, but neither the employer nor the employee can effectively prove or disprove what has happened inside messengers. To prove mental elements in a lawsuit, the capability of inspecting the use of messengers in a workplace is desirable to both parties: one can prove misconduct and the other can prove innocence. Yet, guilty intention is subtle if not literally described, and how to prove whether there was a guilty intention has not yet been resolved. To provide new kind of evidence, we propose Android STAR, an inspection-purposed record-and-replay service that replays conversation histories and user interactions with apps. We assume that the employer has obtained consents of employees, and the employees have installed Android STAR in their company devices. The challenge to app-usage inspection includes app variety and evidence veracity. We evaluate STAR with 10 popular messenger apps (including Telegram, LINE, and WeChat). Our results show that while STAR can replay in high-fidelity, it only introduces small performance overhead.
UR - http://www.scopus.com/inward/record.url?scp=85050912125&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85050912125&partnerID=8YFLogxK
U2 - 10.1145/3212480.3212503
DO - 10.1145/3212480.3212503
M3 - Conference contribution
AN - SCOPUS:85050912125
T3 - WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks
SP - 248
EP - 259
BT - WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks
PB - Association for Computing Machinery, Inc
Y2 - 18 June 2018 through 20 June 2018
ER -