The Listening Patterns to System Events by Benign and Malicious Android Apps

Mobile applications have become an integral component of modern mobile operating systems. The usage pattern for these apps have increased tremendously the last ten years. At the same time, the security and privacy risks of these apps have also expanded in number and severity. In this paper, we spot the light on a critical component of Android mobile applications called Broadcast receivers. We focus on these receivers that are deliberately developed to listen to system's actions and events. The number of these actions has increased tremendously since the initial release of Android operating system. We showed that how such a component can pose serious privacy risks on users without their knowledge and awareness. We first illustrate a prototype of an attack that was possible due to the use of Broadcast receivers. We then show the results of analyzing a large dataset of malicious and benign Android applications in terms of their Broadcast receivers usages. Our prototype shows that with the use of Broadcast receivers the location privacy of users can be compromised, moreover, the dataset analysis results present that the usage of Broadcast receivers by malicious applications is remarkably higher than benign applications. Finally, we end with some conclusions and recommendations.