[ACM]
Each Android application runs in its own virtual machine, with its own Linux user account and corresponding permissions. Although this ensures that permissions are given as per each application’s requirements, each permission itself is still broad enough to possible exploitation. Such an exploitation may result in over consumption of phone’s resources, in terms of processing, battery, and communication bandwidth. In this paper, we propose a tool, called Chiromancer, for the developers and phone users to control application’s permissions at a fine granularity and to tune the application’s resource consumption to their satisfaction. The framework is based on static code analysis and code injection. It takes in compiled code and so does not require access to source code of the application. As a case study, we passed publicly available applications from Google Play through Chiromancer to fine tune their performance. We compared energy and data consumed by these applications before and after the code injection to corroborate our claims of improvement in performance. We observed substantial improvements.