Differentiated context-aware hook placement for different owners' smartphones
This addresses privacy concerns for Android smartphone users by providing a personalized, automated solution, though it is incremental as it builds on existing hook-based methods.
The paper tackled the problem of automating hook placement in the Android Framework to enforce user privacy policies, resulting in no privacy violations in tests and small runtime overhead.
A hook is a piece of code. It checks user privacy policy before some sensitive operations happen. We propose an automated solution named Prihook for hook placement in the Android Framework. Addressing specific context-aware user privacy concerns, the hook placement in Prihook is personalized. Specifically, we design User Privacy Preference Table (UPPT) to help a user express his privacy concerns. And we leverage machine learning to discover a Potential Method Set (consisting of Sensor Data Access Methods and Sensor Control Methods) from which we can select a particular subset to put hooks. We propose a mapping from words in the UPPT lexicon to methods in the Potential Method Set. With this mapping, Prihook is able to (a) select a specific set of methods; and (b) generate and place hooks automatically. We test Prihook separately on 6 typical UPPTs representing 6 kinds of resource-sensitive UPPTs, and no user privacy violation is found. The experimental results show that the hooks placed by PriHook have small runtime overhead.