Android App Scanner (2012)

Researchers: Jason Hong, Janne Lindqvist

Research Area: Mobility

Cross Cutting Thrusts: Usable Privacy and Security

Abstract

Scope: The Android Market has over 30000 apps. The Apple App Store has over 185000 apps. The problem, however, is how do we know what an app will do when it is loaded on a mobile phone? Also, how can we communicate what an app does to users? For this project, we propose two major activities. The first is to build a system that can semi-automate analysis of what an Android app is doing with respect to one’s privacy. For example, how often does this app share one’s location? What networks is it connecting to? Does it uploads part of one’s contact list to a server? The second major activity is to design a user interface that makes it easy for people to understand what the app will do. Currently, apps display a manifest that describes at a very coarse level what an app will do (for example, checks location, uses network, etc). We will design and evaluate several different interfaces to communicate to people what an app does, based on our semi-automated analysis.

Outcomes: A system that will run Android apps and provide semi-automated analysis of what the app does. A series of user studies to understand what kinds of information is important to people when installing apps, and user interfaces for communicating that information to people.

Technical Reports: Caché: Caching Location-Enhanced Content to Improve User Privacy | Towards Scalable Evaluation of Mobile Applications through Crowdsourcing and Automation