April 4, 2017
Paolo Calciati
We present a preliminary study to understand how apps evolve in their permission requests across different releases. We analyze over 14K releases of 227 Android apps and examine how permission requests change and how they are used. We find that apps tend to request more permissions as they evolve, and that many of the newly requested permissions are initially overprivileged. Our qualitative analysis, however, shows that the results that popular tools report on overprivileged apps may be biased by incomplete information or by other factors. We also observe that when an app no longer requests a permission, it does not necessarily mean that the new release offers less functionality.

In the second part of the talk we present our ongoing research, where we use both static and dynamic analyses to better understand how apps evolve in their behavior. We use taint analysis tools to identify sensitive information leaks, and we use a framework that automatically generates user and system events to monitor network traffic and system calls at runtime. Our final aim is to highlight possible stealthy behavior that may appear as an application evolves.