Sign In

Communications of the ACM

ACM TechNews

What Are Your Apps Hiding?


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Some Android smartphone app communications are triggered by Android analytics packages.

Massachusetts Institute of Technology researchers have shown that some phone apps engage in covert communication.

Credit: Jose-Luis Olivares/MIT

Massachusetts Institute of Technology (MIT) researchers have found the user experience is largely unaffected by much of the data transferred between the 500 most popular free Google Android cellphone applications.

MIT postdoctoral researcher Julia Rubin says about 50 percent of these "covert" communications seem to be triggered by standard Android analytics packages, which report statistics on usage patterns and program performance and are designed to help developers improve their apps. Rubin notes although the other half are not analytics-related, there still could be a good reason for covert communications; however, she says users should be notified.

The MIT team's analytic tools plot out all possible ways data can flow through an app, to determine whether or not a given command to open a communication channel will result in a control signal that is routed to either the display or the speaker.

An analysis of data traffic from some of the more popular apps uncovered some insight about the possible goals of their convert communications. "Where there's an element of surprise--and promise--is in the fact that you can't really localize all these covert channels to advertising and analytics, which is what one would intuitively expect," says the IBM T.J. Watson Research Center's Omer Tripp.

The research was presented last week at the IEEE/ACM International Conference on Automated Software Engineering (ASE 2015) in Lincoln, NE.

From MIT News
View Full Article

 

Abstracts Copyright © 2015 Information Inc., Bethesda, Maryland, USA


 

No entries found