ABSTRACT
With the number of malicious applications (apps) for Android devices surpassing the one million threshold, Android devices and contained data are endangered. However, the user's privacy is not targeted only by those apps classified as malicious. In fact, different monetization strategies for apps bring developers to include in their apps features that cause behaviors that are not desirable on the user side. These features alter the user experience, and at different levels, introduce overhead, consume large amount of data traffic, and send out user information, which might also be privacy sensitive, and potentially expose the device to more serious threats. This chapter presents a taxonomy of threats to Android security, which are related to data traffic, coming from genuine, borderline, and malicious apps. After surveying the behavior and intrusion techniques of grayware, adsware, and spyware, we will discuss a methodology to detect the intrusion and eventually prevent it. A set of experiments on real apps is also presented to show the impact of the intrusion with numerical results and to discuss the benefit introduced by our detection and prevention methodology.
