AI and Its Risks in Android Smartphones: A Case of Google Smart Assistant

  • Conference paper
  • In: Dependability in Sensor, Cloud, and Big Data Systems and Applications (DependSys 2019)

Abstract

This paper intends to highlight the risks of AI in Android smartphones. In this regard, we perform a risk analysis of Google Smart Assistant, a state-of-the-art, AI-powered smartphone app, and assess the transparency in its risk communication to users and implementation. Android users rely on the transparency of an app’s descriptions and Permission requirements for its risk evaluation, and many risk evaluation models consider the same factors while calculating app threat scores. Further, different risk evaluation models and malware detection methods for Android apps use an app’s Permissions and API usage to assess its behavior. Therefore, in our risk analysis, we assess Description-to-Permissions fidelity and Functions-to-API-Usage fidelity in Google Smart Assistant. We compare Permission and API usage in Google Smart Assistant with those of four leading smart assistants and discover that Google Smart Assistant has unusual permission requirements and sensitive API usage. Our risk analysis finds a lack of transparency in risk communication and implementation of Google Smart Assistant. This lack of transparency may make it impossible for users to assess the risks of this app. It also makes some of the state-of-the-art app risk evaluation models and malware detection methods ineffective.


Acknowledgments

This work was supported in part by the National Natural Science Foundation of China under Grants 61632009, 61802076 and 61872097, in part by the Guangdong Provincial Natural Science Foundation under Grant 2017A030308006, and in part by the High-Level Talents Program of Higher Education in Guangdong Province under Grant 2016ZJ01.

Author information

Corresponding author

Correspondence to Guojun Wang.

Copyright information

© 2019 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Elahi, H., Wang, G., Peng, T., Chen, J. (2019). AI and Its Risks in Android Smartphones: A Case of Google Smart Assistant. In: Wang, G., Bhuiyan, M.Z.A., De Capitani di Vimercati, S., Ren, Y. (eds) Dependability in Sensor, Cloud, and Big Data Systems and Applications. DependSys 2019. Communications in Computer and Information Science, vol 1123. Springer, Singapore. https://doi.org/10.1007/978-981-15-1304-6_27

  • DOI: https://doi.org/10.1007/978-981-15-1304-6_27

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-1303-9

  • Online ISBN: 978-981-15-1304-6

  • eBook Packages: Computer Science, Computer Science (R0)
