Android applications may abuse their permissions on private data, leaking the user's privacy out of the mobile device via data transmissions. A straightforward way to deal with this problem is to restrict the application permissions. However, the restriction not only prevents the undesirable operations from leaking privacy but also prohibits the desirable operations from utilizing private data. Our goal is to get both of the points: ensuring the user's privacy by preventing undesirable private-data transmissions and enduring no degradation on the desirable application functionalities. We propose SieveDroid, a fine-grained runtime privacy control framework. SieveDroid addresses two key challenges of intercepting the undesirable private-data transmissions: revealing how private-data transmissions occur to end-users and setting privacy control rules which intercept the undesirable private-data transmissions at runtime without interfering with desirable ones. We evaluate SieveDroid by using Android malware samples and real applications from the Android market. The results demonstrate that SieveDroid reveals the undesirable operations precisely and concisely and it can effectively intercept the undesirable data transmissions. Besides, desirable functionalities in 98% of the tested applications are not affected.

中文翻译：

---

SieveDroid：拦截Android应用程序中不希望的私人数据传输

Android应用程序可能会滥用其对私有数据的权限，从而通过数据传输将用户的隐私泄露到移动设备之外。解决此问题的一种直接方法是限制应用程序权限。然而，该限制不仅防止不期望的操作泄漏隐私，而且还禁止了期望的操作利用私有数据。我们的目标是要实现这两点：通过防止不良的私人数据传输来确保用户的隐私，并在所需的应用程序功能上不降低性能。我们提出了SieveDroid，一个细粒度的运行时隐私控制框架。SieveDroid解决了拦截不良的私人数据传输的两个关键挑战：揭示最终用户如何进行私有数据传输，并设置隐私控制规则，以在运行时拦截不希望的私有数据传输而不会干扰希望的私有数据传输。我们使用Android恶意软件样本和来自Android市场的实际应用程序评估SieveDroid。结果表明，SieveDroid可以准确，简洁地揭示不良操作，并且可以有效拦截不良数据传输。此外，在98％的测试应用程序中所需的功能不会受到影响。结果表明，SieveDroid可以准确，简洁地揭示不良操作，并且可以有效拦截不良数据传输。此外，在98％的测试应用程序中所需的功能不会受到影响。结果表明，SieveDroid准确，简洁地揭示了不良操作，并且可以有效拦截不良数据传输。此外，在98％的测试应用程序中所需的功能不会受到影响。