Android apps provide several useful ways for people to extend the capabilities of their devices. But with the popularity and rapid development of Android, its security issues have also become increasingly prominent. The more people rely on mobile devices, the more private information about them can be accessed from those devices. Collection of such private information is one of the most important threats Android users face today. Although the Android operating system tries to provide a few security options to the user, these options are still insufficient to give users adequate visibility into when third-party applications access their private data. Most of the proposed approaches that help address this problem either rely on modified versions of the Android operating system or are not available directly on the device, which makes them hard for the average user to use.
To audit access to private data by Android applications, we propose a user-level tool, Monitor. Its operation can be divided into two phases. In the first phase (Active phase), whenever a new application is installed, Monitor takes the application package, decompiles it, injects a small patch into the bytecode and repackages the application. The second phase (Listening phase) consists of informing the user about sensitive data access when the injected patch generates a notification. Monitor does not require root permission to run on a device. It relies on the repackaging of a compiled application and the injection of a reporter at the bytecode level. According to our experiments, Monitor can effectively detect private data access of most applications with almost no overhead on power consumption and app performance.