A detailed study on risk assessment of mobile app permissions

Malleswari, D Naga; Dhavalya, A; sai, V.D.Varun; Srikanth, K.

doi:10.14419/ijet.v7i1.1.9706

Cited by 5 publications

(5 citation statements)

References 6 publications

(6 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The level of risk is measured based on the impact of the mobile attack. As mobile device functions grow drastically to compete with the new emergence of design among developers in the market place, mobile users face higher risks (Naga Malleswari et al 2017 ). Risk analysis is thus analysed by some procedures, such as categorising the risk, triggers, effects of the risk, re-evaluating the possibility of the risk, and finding the factor to mitigate the risk (Sharma and Gupta 2018b ; B 2018 ).…”

Section: Malware Intrusion Detection System (Ids)mentioning

confidence: 99%

“…Leading a risk assessment is interesting due to less awareness on its effect on risk decision making. A study by Naga Malleswari et al ( 2017 ) helped to improve users’ awareness by presenting the privacy risk for users before granting permission. Similarly, a study by Alali et al ( 2018 ) proposed the Fuzzy Inference Model (FIS) which determines four (4) factors of risk: threat, vulnerability, impact, and likelihood.…”

Section: Challenges and Future Directionmentioning

confidence: 99%

See 1 more Smart Citation

Towards a systematic description of the field using bibliometric analysis: malware evolution

et al. 2021

View full text Add to dashboard Cite

Malware is a blanket term for Trojan, viruses, spyware, worms, and other files that are purposely created to harm computers, mobile devices, or computer networks. Malware commonly steals, encrypts, damages, and causes a mess in these devices. The growth of malware attacks has a consequence on the growth and attractiveness of mobile features in mobile devices. Most malware research aims to probe the different methods of preventing, analysing, and detecting malware attacks. This paper aims to demonstrate an exhaustive knowledge map of the Android malware by collecting a ten (10) year dataset from the Web of Science database. A bibliometric analysis was employed for analysing articles published between 2010 and 2019. Using the keyword "malware", 5622 articles were retrieved. After scrutinising with the keywords of "Android malware", 1278 articles were then collected. This study provides an overview of the articles, productivity, research area, the Web of Science categories, authors, high-cited articles, institutions, and impact journals examining malware. Research activities are continued by placing terms in the classification of malware detection systems that outline important areas in malware research. From the analysis, it can be concluded that the highest number of publications focusing on malware studies came from the continent of Asia. Additionally, this study discusses the challenges of malware studies in the recent research studies as well as the future direction.

show abstract

Section: Malware Intrusion Detection System (Ids)mentioning

confidence: 99%

Section: Challenges and Future Directionmentioning

confidence: 99%

Towards a systematic description of the field using bibliometric analysis: malware evolution

et al. 2021

View full text Add to dashboard Cite

show abstract

“…The risk of unauthorised access to sensitive information, which may be acquired through interception of information, malware (Balaganesh et al, 2018;Yan and Yan, 2018), phishing and subscriber identification module swaps (Buku and Mazer, 2017), represents a major threat. If unauthorised access to aspects such as login names, bank account numbers, usernames and passwords is obtained, it may be used by criminals for fraudulent purposes, such as identity theft and financial fraud (Balaganesh et al, 2018;Bouazzouni et al, 2018;Buku and Mazer, 2017;Malleswari et al, 2018;Zhang et al, 2017).…”

Section: Mobile Threatsmentioning

confidence: 99%

“…Mobile malware represents malicious programs developed specifically by malware authors to exploit typical properties associated with mobile devices, such as its mobility and connectivity capabilities. Malware can be downloaded onto smartphones without the user's knowledge and consent (Yan and Yan, 2018;Zhang et al, 2017) and can for example access and use sensitive data and information such as calls and messages, contacts and call history, location information and keystrokes (Balaganesh et al, 2018;Bouazzouni et al, 2018;Malleswari et al, 2018;Unuchek, 2018). Mobile malware is growing exponentially (Abawajy et al, 2018).…”

Section: Mobile Threatsmentioning

confidence: 99%

“…Mobile malware is growing exponentially (Abawajy et al, 2018). Negative consequences associated with malware include unauthorised access to information, slowing-down or even rendering phones unusable, "pushing" unwanted and fake apps, that users have to pay for, on unsuspecting users and draining the phone's battery or preventing the phone from going to sleep-mode, enabling malware activities to take place in the background (Das and Ullah Khan, 2016;Davis and Samani, 2018;Malleswari et al, 2018;Unuchek, 2018). Some downloaded apps can increase users' susceptibility to mobile threats.…”

Section: Mobile Threatsmentioning

confidence: 99%

See 1 more Smart Citation

A systematic literature review of the factors affecting smartphone user threat avoidance behaviour

Butler

2020

ICS

View full text Add to dashboard Cite

Purpose There is a need for behavioural research within the smartphone context to better understand users’ behaviour, as it is one of the reasons for the proliferation of mobile threats. This study aims to identify the human factors that affect smartphone users’ threat avoidance behaviour. Design/methodology/approach A structured literature review (SLR) was applied to answer the research question. A total of 27 sources were analysed, from which 16 codes emerged. After synthesis, six themes transpired. Findings Six factors were identified as drivers and/or challenges of smartphone users’ threat avoidance behaviour, namely, knowledge and awareness, misconceptions and trust, cost and benefit considerations, carelessness, perceived measure effectiveness and the user’s perceived skills and efficacy. Research limitations/implications The results can encourage and provide a starting point for further research on human behaviour to improve smartphone user behaviour. Practical implications The mobile industry should focus on eradicating common misconceptions and undue trust in mobile security that is prevalent among smartphone users and make cost effective and usable interventions available. Training and awareness programs should be updated to include the factors that were identified in this study to affect smartphone users’ threat avoidance behaviour. In addition to improving users’ declarative knowledge concerning available smartphone measures and tools, procedural knowledge should also be improved to ensure proper use of available protective measures. Users should realise the importance of staying updated with evolving smartphone technology and associated threats. Originality/value This study acknowledges and supports the notion that addressing human behaviour is crucial in the fight against mobile threats. It addresses the need for behavioural research to analyse the factors that drive smartphone user behaviour. Furthermore, it uses and documents the use of a SLR, a research technique often unfamiliar among information security researchers.

show abstract