Short Paper: WifiLeaks: Underestimated Privacy Implications of the ACCESS_WIFI_STATE Android Permission

Abstract : On Android, installing an application implies accepting the permissions it requests, and these permissions are then enforced at runtime. In this work, we focus on the privacy implications of the ACCESS_WIFI_STATE permission. For this purpose, we analyzed permissions of the 2700 most popular applications on Google Play and found that the ACCESS_WIFI_STATE permission is used by 41% of them. We then performed a static analysis of 998 applications requesting this permission and based on the results, chose 88 applications for dynamic analysis. Our analyses reveal that this permission is already used by some companies to collect user Personally Identifiable Information (PII). We also conducted an online survey to study users' perception of the privacy risks associated with this permission. This survey shows that users largely underestimate the privacy implications of this permission. As this permission is very common, most users are therefore potentially at risk.
Document type :
Conference papers
Complete list of metadatas

Cited literature [12 references]  Display  Hide  Download

https://hal.inria.fr/hal-00997716
Contributor : Mathieu Cunche <>
Submitted on : Wednesday, May 28, 2014 - 4:20:46 PM
Last modification on : Saturday, October 27, 2018 - 1:19:54 AM
Long-term archiving on : Thursday, August 28, 2014 - 12:51:23 PM

File

appwifiprivacy_camera-ready.pd...
Files produced by the author(s)

Identifiers

Citation

Jagdish Prasad Achara, Mathieu Cunche, Vincent Roca, Aurélien Francillon. Short Paper: WifiLeaks: Underestimated Privacy Implications of the ACCESS_WIFI_STATE Android Permission. 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)), Jul 2014, Oxford, United Kingdom. ⟨10.1145/2627393.2627399⟩. ⟨hal-00997716⟩

Share

Metrics

Record views

1810

Files downloads

944