TY - GEN
T1 - SemaDroid
T2 - 5th ACM Conference on Data and Application Security and Privacy, CODASPY 2015
AU - Xu, Zhi
AU - Zhu, Sencun
N1 - Publisher Copyright:
Copyright © 2015 ACM.
PY - 2015/3/2
Y1 - 2015/3/2
N2 - While mobile sensing applications are booming, the sensor man- agement mechanisms in current smartphone operating systems are left behind - they are incomprehensive and coarse-grained, expos- ing a huge attack surface for malicious or aggressive third party apps to steal user's private information through mobile sensors. In this paper, we propose a privacy-aware sensor management framework, called SemaDroid, which extends the existing sensor management framework on Android to provide comprehensive and fine-grained access control over onboard sensors. SemaDroid al- lows the user to monitor the sensor usage of installed apps, and to control the disclosure of sensing information while not affect- ing the app's usability. Furthermore, SemaDroid supports context- aware and quality-of-sensing based access control policies. The en- forcement and update of the policies are in real-time. Detailed de- sign and implementation of SemaDroid on Android are presented to show that SemaDroid works compatible with the existing An- droid security framework. Demonstrations are also given to show the capability of SemaDroid on sensor management and on defeat- ing emerging sensor-based attacks. Finally, we show the high effi- ciency and security of SemaDroid.
AB - While mobile sensing applications are booming, the sensor man- agement mechanisms in current smartphone operating systems are left behind - they are incomprehensive and coarse-grained, expos- ing a huge attack surface for malicious or aggressive third party apps to steal user's private information through mobile sensors. In this paper, we propose a privacy-aware sensor management framework, called SemaDroid, which extends the existing sensor management framework on Android to provide comprehensive and fine-grained access control over onboard sensors. SemaDroid al- lows the user to monitor the sensor usage of installed apps, and to control the disclosure of sensing information while not affect- ing the app's usability. Furthermore, SemaDroid supports context- aware and quality-of-sensing based access control policies. The en- forcement and update of the policies are in real-time. Detailed de- sign and implementation of SemaDroid on Android are presented to show that SemaDroid works compatible with the existing An- droid security framework. Demonstrations are also given to show the capability of SemaDroid on sensor management and on defeat- ing emerging sensor-based attacks. Finally, we show the high effi- ciency and security of SemaDroid.
UR - http://www.scopus.com/inward/record.url?scp=84928103622&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84928103622&partnerID=8YFLogxK
U2 - 10.1145/2699026.2699114
DO - 10.1145/2699026.2699114
M3 - Conference contribution
AN - SCOPUS:84928103622
T3 - CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy
SP - 61
EP - 72
BT - CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy
PB - Association for Computing Machinery
Y2 - 2 March 2015 through 4 March 2015
ER -