Panoptispy: Characterizing Audio and Video Exfiltration from Android Applications


The high-fidelity sensors and ubiquitous internet connectivity offered by mobile devices have facilitated an explosion in mobile device apps that rely on multimedia features. However, these sensors can also be used in ways that may violate users' expectations and personal privacy. For example, apps have been caught taking pictures without the user's knowledge and passively listening for inaudible, ultrasonic audio beacons. The developers of mobile device operating systems recognize that sensor data is sensitive, but unfortunately existing permission models only mitigate some of the privacy concerns surrounding multimedia data.
In this work, we present the first large-scale empirical study of media permissions and leaks from Android apps, covering 17,260 apps from Google Play, App China, Mi.com, and Anzhi. We empirically study the behavior of these apps using a combination of static and dynamic analysis techniques. Our study reveals several alarming privacy risks in the Android app ecosystem, including apps that over-provision their media permissions and apps that share image and video data with other parties in unexpected ways, without user knowledge or consent. We also identify a previously unreported privacy risk that arises from third-party libraries that record and upload screenshots and videos of the screen without informing the user. This can occur without needing any permissions from the user.

Anonymized Dataset

We make our anonymized dataset available to the community. Specifically, we provide two versions:

  • Media leaks dataset (only including apps transmitting media files): available here (~573M). The dataset includes our static analysis results and dynamic analyses on apps that exfiltrate media information during our experiments (traffic+extracted files). We encourage you to start with this highlighted version.
  • Full dataset: available here (91+G). In addition to the media leaks dataset, we also include data from apps for which we did not detect media exfiltration during our experiments.

Publication

For more details, please check out the PETS paper:
  • Elleen Pan, Jingjing Ren, Martina Lindorfer, Christo Wilson and David Choffnes. Panoptispy: Characterizing Audio and Video Exfiltration from Android Applications. Proceedings of Privacy Enhancing Technologies, 2018(4). [PDF]
To cite:
  • @article{pan2018panoptispy,
    title={Panoptispy: Characterizing Audio and Video Exfiltration from Android Applications},
    author={Pan, Elleen and Ren, Jingjing and Lindorfer, Martina and Wilson, Christo and Choffnes, David R.},
    booktitle={Proceedings of Privacy Enhancing Technologies Symposium},
    year={2018}
    }

Acknowledgments

This material is based upon work supported by the DHS S&T contract FA8750-17-2-0145; the NSF under Award No. CNS-1408632, IIS-1408345, and IIS-1553088; a Security, Privacy and Anti-Abuse award from Google; a Comcast Innovation Fund grant; and a Data Transparency Lab grant. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of our sponsors.

Press

Gizmodo: These Academics Spent the Last Year Testing Whether Your Phone Is Secretly Listening to You.