This document discusses runtime information gathering (RIG) attacks on Android and proposes an app-level protection called AppGuardian. It describes the challenges of protecting against RIG attacks, which stem from vague Android permissions and from information leaked via /proc files. AppGuardian monitors app behavior and permissions to detect suspicious RIG attacks such as phone call recording. It kills suspicious apps and restricts their actions until the user confirms them. The evaluation shows that AppGuardian defeats known RIG attacks with minimal overhead on CPU, memory, and battery usage. The document concludes that RIG is a serious threat and that AppGuardian provides effective app-level protection.