{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,20]],"date-time":"2026-04-20T10:44:14Z","timestamp":1776681854877,"version":"3.51.2"},"publisher-location":"New York, NY, USA","reference-count":46,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,7,1]],"date-time":"2024-07-01T00:00:00Z","timestamp":1719792000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,7]]},"DOI":"10.1145\/3634737.3645014","type":"proceedings-article","created":{"date-parts":[[2024,6,28]],"date-time":"2024-06-28T11:51:38Z","timestamp":1719575498000},"page":"1630-1643","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["(In)visible Privacy Indicator: Security Analysis of Privacy Indicator on Android Devices"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0006-6200-6071","authenticated-orcid":false,"given":"Yurak","family":"Choe","sequence":"first","affiliation":[{"name":"Sungkyunkwan University, Suwon, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-3564-660X","authenticated-orcid":false,"given":"Hyungseok","family":"Yu","sequence":"additional","affiliation":[{"name":"Samsung Electronics, Suwon, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-2326-0812","authenticated-orcid":false,"given":"Taeho","family":"Kim","sequence":"additional","affiliation":[{"name":"Samsung Electronics, Suwon, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-0176-6706","authenticated-orcid":false,"given":"Shinjae","family":"Lee","sequence":"additional","affiliation":[{"name":"Samsung Electronics, Suwon, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5344-6266","authenticated-orcid":false,"given":"Hojoon","family":"Lee","sequence":"additional","affiliation":[{"name":"Sungkyunkwan University, Suwon, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1605-3866","authenticated-orcid":false,"given":"Hyoungshick","family":"Kim","sequence":"additional","affiliation":[{"name":"Sungkyunkwan University, Suwon, Republic of Korea"}]}],"member":"320","published-online":{"date-parts":[[2024,7]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"[n. d.]. libpng. http:\/\/www.libpng.org\/pub\/png\/libpng.html. Accessed: May 4 2023."},{"key":"e_1_3_2_1_2_1","unstructured":"[n. d.]. Magisk GitHub Repository. https:\/\/github.com\/topjohnwu\/Magisk."},{"key":"e_1_3_2_1_3_1","volume-title":"Android Virtualization Framework (AVF) overview. Retrieved","year":"2023","unstructured":"2023. Android Virtualization Framework (AVF) overview. Retrieved June 7, 2023 from https:\/\/source.android.com\/docs\/core\/virtualization"},{"key":"e_1_3_2_1_4_1","volume-title":"https:\/\/source.android.com\/docs\/core\/architecture\/hidl-cpp\/types. Accessed","author":"Types HIDL","year":"2023","unstructured":"2023. HIDL C++ Types. https:\/\/source.android.com\/docs\/core\/architecture\/hidl-cpp\/types. Accessed: June 29, 2023."},{"key":"e_1_3_2_1_5_1","unstructured":"Alexis Ahmed. 2022. CVE-2022-0847 Dirty Pipe Exploits. https:\/\/github.com\/AlexisAhmed\/CVE-2022-0847-DirtyPipe-Exploits"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"crossref","first-page":"889","DOI":"10.1109\/TMC.2013.90","article-title":"An empirical evaluation of security indicators in mobile web browsers","volume":"14","author":"Amrutkar Chaitrali","year":"2013","unstructured":"Chaitrali Amrutkar, Patrick Traynor, and Paul C Van Oorschot. 2013. An empirical evaluation of security indicators in mobile web browsers. IEEE Transactions on Mobile Computing 14, 5 (2013), 889--903.","journal-title":"IEEE Transactions on Mobile Computing"},{"key":"e_1_3_2_1_7_1","unstructured":"Android Developers. 2021. DeviceConfig. https:\/\/developer.android.com\/reference\/kotlin\/androidx\/wear\/watchface\/client\/DeviceConfig. Accessed on 2023-05-02."},{"key":"e_1_3_2_1_8_1","unstructured":"Apple. 2021. If the camera or flash on your iPhone iPad or iPod touch isn't working. iOS. https:\/\/support.apple.com\/en-us\/HT211808"},{"key":"e_1_3_2_1_9_1","unstructured":"ARM. 2022. SoC and CPU System-Wide Approach to Security. ARM. https:\/\/www.arm.com\/technologies\/trustzone-for-cortex-a"},{"key":"e_1_3_2_1_10_1","unstructured":"ARM. 2023. Stage 2 Translation."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660350"},{"key":"e_1_3_2_1_12_1","volume-title":"23rd USENIX Security Symposium (USENIX Security 14)","author":"Brocker Mathew","year":"2014","unstructured":"Mathew Brocker and Stephen Checkoway. 2014. IseeYou: disabling the MacBook webcam indicator LED. In 23rd USENIX Security Symposium (USENIX Security 14). USENIX Association, 387--402."},{"key":"e_1_3_2_1_13_1","volume-title":"https:\/\/checkmarx.com\/ Accessed on","year":"2023","unstructured":"Checkmarx. 2006. Checkmarx. https:\/\/checkmarx.com\/ Accessed on August 17, 2023."},{"key":"e_1_3_2_1_14_1","unstructured":"Joseph Cox. 2022. Hacker steals customers' text messages from android spyware company. https:\/\/www.vice.com\/en\/article\/qvm44m\/hacker-steals-text-messages-android-spyware-company-spyhuman"},{"key":"e_1_3_2_1_15_1","volume-title":"22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID","author":"Diao Wenrui","year":"2019","unstructured":"Wenrui Diao, Yue Zhang, Li Zhang, Zhou Li, Fenghao Xu, Xiaorui Pan, Xiangyu Liu, Jian Weng, Kehuan Zhang, and XiaoFeng Wang. 2019. Kindness is a Risky Business: On the Usage of the Accessibility {APIs} in Android. In 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2019). 261--275."},{"key":"e_1_3_2_1_16_1","unstructured":"Lorenzo Franceschi-Bicchierai. 2022. Stalkerware company flexispy calls catastrophic hack 'just some false news'. https:\/\/www.vice.com\/en\/article\/xyjwpw\/flexispy-calls-catastrophic-hack-just-some-false-news"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.39"},{"key":"e_1_3_2_1_18_1","unstructured":"Nitish Gadangi. 2021. Privacy Indicator App. https:\/\/github.com\/NitishGadangi\/Privacy-Indicator-App. Accessed: 2023-05-05."},{"key":"e_1_3_2_1_19_1","volume-title":"Skia: a 2D graphics library for accelerating the user interface. Google Developers","year":"2020","unstructured":"Google. 2020. Skia: a 2D graphics library for accelerating the user interface. Google Developers (2020)."},{"key":"e_1_3_2_1_20_1","unstructured":"Google. 2021. Android 12 Features and APIs. https:\/\/developer.android.com\/about\/versions\/12\/features. Accessed on 2023-05-01."},{"key":"e_1_3_2_1_21_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Huang Jie","year":"2021","unstructured":"Jie Huang, Michael Backes, and Sven Bugiel. 2021. A11y and Privacy don't have to be mutually exclusive: Constraining Accessibility Service Misuse on Android. In 30th USENIX Security Symposium (USENIX Security 21). 3631--3648."},{"key":"e_1_3_2_1_22_1","unstructured":"Independent JPEG Group. 2021. libjpeg. http:\/\/libjpeg.sourceforge.net\/."},{"key":"e_1_3_2_1_23_1","volume-title":"Dirty Pipe: Reading and Writing to Any Memory Location on Linux. https:\/\/dirtypipe.cm4all.com\/","author":"Indutny Fedor","year":"2022","unstructured":"Fedor Indutny and Michael Zalewski. 2022. Dirty Pipe: Reading and Writing to Any Memory Location on Linux. https:\/\/dirtypipe.cm4all.com\/ (2022)."},{"key":"e_1_3_2_1_24_1","unstructured":"Cyber Insurance. 2022. mspy - cyberinsurance.com. https:\/\/www.cyberinsurance.com\/breaches\/mspy\/"},{"key":"e_1_3_2_1_25_1","unstructured":"Joseph Cox. 2022. Hacker strikes 'stalkerware' companies stealing alleged texts and GPS locations of customers. https:\/\/www.vice.com\/en\/article\/7x77ex\/hacker-strikes-stalkerware-companies-stealing-alleged-texts-and-gps-locations-of-customers"},{"key":"e_1_3_2_1_26_1","volume-title":"d.]. AndroRAT. https:\/\/github.com\/karma9874\/AndroRAT. Accessed","year":"2023","unstructured":"Karma9874. [n. d.]. AndroRAT. https:\/\/github.com\/karma9874\/AndroRAT. Accessed: May 5, 2023."},{"key":"e_1_3_2_1_27_1","unstructured":"Max Kellermann. 2022. The Dirty Pipe Vulnerability. M4ALL. https:\/\/dirtypipe.cm4all.com\/"},{"key":"e_1_3_2_1_28_1","unstructured":"Brian Krebs. 2022. mspy breach krebs on security. https:\/\/krebsonsecurity.com\/tag\/mspy-breach\/"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3210240.3210334"},{"key":"e_1_3_2_1_31_1","unstructured":"MITRE. 2019. CVE-2019-2234. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2019-2234. Accessed: 2023-05-03."},{"key":"e_1_3_2_1_32_1","unstructured":"Charlie Osborne. 2022. Spyware firm spyfone leaves customer data recordings exposed online. https:\/\/www.zdnet.com\/article\/spyware-firm-spyfone-leaves-customer-data-recordings-exposed-online\/"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/3458864.3467887"},{"key":"e_1_3_2_1_34_1","unstructured":"Rapid7. 2021. Metasploit. https:\/\/www.metasploit.com\/. Accessed: 2021-09-29."},{"key":"e_1_3_2_1_35_1","unstructured":"Rithvik. 2022. Cerberus acknowledges data breach states some usernames and encrypted passwords stolen. https:\/\/www.droidlife.com\/2014\/03\/26\/cerberus-data-breach\/"},{"key":"e_1_3_2_1_36_1","volume-title":"Raz Ben Yehuda","author":"Zaidenberg Ron Stajnrod Nezer Jacob","year":"2021","unstructured":"Nezer Jacob Zaidenberg Ron Stajnrod, Raz Ben Yehuda. 2021. Attacking TrustZone on devices lacking memory protection. In Journal of Computer Virology and Hacking Techniques."},{"key":"e_1_3_2_1_37_1","unstructured":"Samsung. 2020. Samsung Knox - HdmManager. https:\/\/docs.samsungknox.com\/devref\/knox-sdk\/reference\/com\/samsung\/android\/knox\/hdm\/HdmManager.html."},{"key":"e_1_3_2_1_38_1","unstructured":"Samsung Insights. 2022. Defense in Depth: How Samsung Knox Defeats Mobile Malware. https:\/\/insights.samsung.com\/2022\/08\/14\/defense-in-depth-how-samsung-knox-defeats-mobile-malware-2\/."},{"key":"e_1_3_2_1_39_1","first-page":"17","article-title":"A study on Dirty Pipe Linux vulnerability","volume":"14","author":"Tanwar Saurav","year":"2022","unstructured":"Saurav Tanwar and Hee Wan Kim. 2022. A study on Dirty Pipe Linux vulnerability. International Journal of Internet, Broadcasting and Communication 14, 3 (2022), 17--21.","journal-title":"International Journal of Internet, Broadcasting and Communication"},{"key":"e_1_3_2_1_40_1","unstructured":"Lisa Vaas. 2018. Hacker claims spyware maker retina-x has been breached again. https:\/\/nakedsecurity.sophos.com\/2018\/02\/23\/hacker-claims-spyware-maker-retina-x-has-been-breached-again\/."},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.3390\/app11125571"},{"key":"e_1_3_2_1_42_1","unstructured":"Waqas. 2022. Company that sells spyware to domestic abusers hacked. https:\/\/www.hackread.com\/company-that-sells-spywareto-domestic-abusers-hacked\/"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/3307334.3326094"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/3471621.3471625"},{"key":"e_1_3_2_1_45_1","volume-title":"Proceedings of the 5th ACM Conference on Data and Application Security and Privacy. 99--110","author":"Zhang Zhongwen","year":"2015","unstructured":"Zhongwen Zhang, Peng Liu, Ji Xiang, Jiwu Jing, and Lingguang Lei. 2015. How your phone camera can be used to stealthily spy on you: Transplantation attacks against android camera service. In Proceedings of the 5th ACM Conference on Data and Application Security and Privacy. 99--110."},{"key":"e_1_3_2_1_46_1","unstructured":"Zimperium. 2021. PhoneSpy: The App-based Cyberattack Snooping South Korean Citizens. Zimperium. https:\/\/www.zimperium.com\/blog\/phonespy-the-app-based-cyberattack-snooping-south-korean-citizens\/"},{"key":"e_1_3_2_1_47_1","unstructured":"Zeljka Zorz. 2022. Retina-x admits they have suffered a data breach - help net security. https:\/\/www.helpnetsecurity.com\/2017\/05\/02\/retina-x-data-breach\/"}],"event":{"name":"ASIA CCS '24: 19th ACM Asia Conference on Computer and Communications Security","location":"Singapore Singapore","acronym":"ASIA CCS '24","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 19th ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3634737.3645014","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T23:44:07Z","timestamp":1750290247000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3634737.3645014"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,7]]},"references-count":46,"alternative-id":["10.1145\/3634737.3645014","10.1145\/3634737"],"URL":"https:\/\/doi.org\/10.1145\/3634737.3645014","relation":{},"subject":[],"published":{"date-parts":[[2024,7]]},"assertion":[{"value":"2024-07-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}