DPerm: Assisting the Migration of Android Apps to Runtime Permissions
Denis Bogdanas

TL;DR
This paper introduces DPSpec, a comprehensive permission specification for Android, and DPerm, a static analysis tool that accurately recommends permission request locations, easing app migration to runtime permissions.
Contribution
It presents DPSpec, a detailed permission specification, and DPerm, a static analysis tool with high precision for permission request placement in Android apps.
Findings
DPSpec detects more permission usages than existing specifications.
DPerm achieves 96% precision and 89% recall in empirical tests.
The approach improves app migration to runtime permissions significantly.
Abstract
Android apps require permissions when accessing resources related to privacy or system integrity. Starting from Android 6, these permissions have to be asked at runtime. However, migrating to the new permission model poses multiple challenges for developers. First, developers have to discover where the app uses permissions, which requires a permission specification. To date several such specifications have been built, yet these are either imprecise, incomplete or don't support all types of protected resources. We first present DPSpec, a novel permission specification built from several documentation formats supplied with the Android SDK. Compared with the state-of-the-art specification, it contains 2.5x as many entries for protected methods and detects dangerous permission usages in more than twice as many apps. A second challenge for developers is where to insert permission requests,…
Taxonomy
Topics: Advanced Malware Detection Techniques · Software Testing and Debugging Techniques · Web Data Mining and Analysis
