Hidemyapp : Hiding the Presence of Sensitive Apps on Android
HideMyApp : Hiding the Presence of Sensitive Apps on Android Anh Pham Italo Dacosta Eleonora Losiouk John Stephan EPFL, Switzerland EPFL, Switzerland University of Padova, Italy EPFL, Switzerland Kévin Huguenin Jean-Pierre Hubaux University of Lausanne, Switzerland EPFL, Switzerland Abstract patients [23], and there are around 325,000 mHealth apps available in major mobile app stores.2 Millions of users rely on mobile health (mHealth) apps to Given the sensitivity of medical data, the threats of pri- manage their wellness and medical conditions. Although the vacy leakage are one of the main hindrances to the success of popularity of such apps continues to grow, several privacy and mHealth technologies [37]. In this area, a serious and often security challenges can hinder their potential. In particular, overlooked threat is that an adversary can infer sensitive infor- the simple fact that an mHealth app is installed on a user’s mation simply from the presence of an app on a user’s phone. phone can reveal sensitive information about the user’s health. Previous studies have shown that private information, such as Due to Android’s open design, any app, even without per- age, gender, race, and religion, can be inferred from the list of missions, can easily check for the presence of a specific app installed apps [22,29,47]. With the increasing popularity of or collect the entire list of installed apps on the phone. Our mHealth apps, an adversary can now infer even more sensitive analysis shows that Android apps expose a significant amount information. For example, learning that a user has a diabetes of metadata, which facilitates fingerprinting them.
[Show full text]