Analyzing Android App Privacy With GP-PP Model

Kesswani, Nishtha; Lyu, Hongbo; Zhang, Zuopeng

doi:10.1109/access.2018.2850060

Cited by 8 publications

(6 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Malware datasets used Rovelli et al [115] Genome, Contagio Arp et al [116] Genome,FakeInstaller, GoldDream 27 , GingerMaster 28 , DroidKungFu 29 Yerima et al [117] McAfee Kang et al [118] VirusShare, Contagio, Malware.lu Zhao et al [119] Drebin Qiao et al [120] Genome Chen et al [121] 360 APKs 30 , MobiSec Lab Website 31 , [217] Demertzis et al [122] Magnum-Research 32 Verma et al [123] Contagio, malware forums , security blogs, Genome Wang et al [124] VirusTotal Tang et al [125] Genome, Drebin Wang et al [126] Drebin, Genome Li et al [127] Drebin Bhattacharya et al [128] Contagio Xie et al [129] Genome, VirusShare, Drebin Xie et al [130] Genome, VirusShare, Drebin, antivirus companies Ren et al [131] Anzhi, AndroTotal, Drebin Tao et al [132] VirusShare, Contagio Namrud et al [133] AndroZoo Alswaina et al [134] -Qiu et al [135] -Zhu et al [136] ViruShare Feng et al [137] No Malware Aonzo et al [138] AndroZoo Urooj et al [139] MalDroid [225], DefenseDroid 33 and a small own generated dataset Wang et al [140] No malware Wang et al [141] FakeInst, Opfake, FakeInstaller, Droid-KungFu, GinMaster, Plankton Zhang et al [142] No malware Kesswani et al [143] No malware Ibrahim et al [144] CICMalDroid 2020 Arshad et al [145] Drebin Yuan et al [146] Genome, Contagio Zhou et al [147] Genome Cilleruelo et al [148] Malware selected on the basis of lifespan criteria from Google Play Store ...…”

Section: Related Workmentioning

confidence: 99%

A comprehensive review on permissions-based Android malware detection

Sharma,

Arora

2024

Int. J. Inf. Secur.

View full text Add to dashboard Cite

The first Android-ready "G1" phone debuted in late October 2008. Since then, the growth of Android malware has been explosive analogous to the rise in the popularity of Android. The major positive aspect of Android has been its open-source nature, which empowers app developers to expand their work. But at the same time, authors with malicious intentions pose grave threats to users. In the presence of such threats, Android malware detection is the need of an hour. Consequently, researchers have proposed various techniques involving static, dynamic, and hybrid analysis to address such threats using numerous features in the last decade. But the feature that most researchers have extensively used to perform malware analysis and detection in Android security is Android permission. Hence, to provide a clarified overview of the latest and past work done in Android malware analysis and detection, we perform a comprehensive literature review using permissions as a central feature or in combination with other components by collecting and analyzing 200 studies from January 2009 to February 2023. We extracted information such as the choice opted by researchers between analysis or detection, techniques used to select or rank the permissions feature set, features used along with permissions, detection models employed, the malware datasets used by researchers, and lastly, the limitations and challenges in the field of Android malware detection to propose some future research directions. Additionally, based on the information extracted, we answer the six research questions designed considering the above factors.

show abstract

Section: Related Workmentioning

confidence: 99%

A comprehensive review on permissions-based Android malware detection

Sharma,

Arora

2024

Int. J. Inf. Secur.

View full text Add to dashboard Cite

show abstract

“…The authors of [24] categorize the permissions into invasive (i.e., access to personal information, camera, microphone, Bluetooth, and location) and generic, validating this classification with the Naive Bayes algorithm, thus constituting an evaluation model. With probabilities, this model determines, within a set of permissions, how many are invasive to privacy and the extent to which the requested authority may be harmful in the future.…”

Section: Comparison With Prior Workmentioning

confidence: 99%

PriADA: Management and Adaptation of Information Based on Data Privacy in Public Environments

et al. 2020

View full text Add to dashboard Cite

The mobile devices cause a constant struggle for the pursuit of data privacy. Nowadays, it appears that the number of mobile devices in the world is increasing. With this increase and technological evolution, thousands of data associated with everyone are generated and stored remotely. Thus, the topic of data privacy is highlighted in several areas. There is a need for control and management of data in circulation inherent to this theme. This article presents an approach to the interaction between the individual and the public environment, where this interaction will determine the access to information. This analysis was based on a data privacy management model in open environments created after reading and analyzing the current technologies. A mobile application based on location by Global Positioning System (GPS) was developed to substantiate this model, which considers the General Data Protection Regulation (GDPR) to control and manage access to each individual’s data.

show abstract

“…The inspection of apps in regard to security is well researched while app privacy analyses first received increased attention in recent years. For example, Kesswani et al [23] analyze Android app privacy based on requested permissions. They divide permissions into generic and privacy-invasive permissions and classify the app's privacy level respectively.…”

Section: Related Workmentioning

confidence: 99%

“…Finally, each score has a certain interpretation. For example, Kesswani et al [23] utilize a custom set of privacy invasive permissions, while Hatamian et al [20] rely on Google's pre-defined permissions with the protection level dangerous. These so called dangerous permissions have access to personal data such as camera or contacts, according to Google.…”

Section: Parameters Inspection Modulesmentioning

confidence: 99%

Decision Support for Mobile App Selection via Automated Privacy Assessment

Wettlaufer

Simo

2020

Privacy and Identity Management. Data for Better Living: AI and Privacy

View full text Add to dashboard Cite

Mobile apps have entered many areas of our everyday life through smartphones, smart TVs, smart cars, and smart homes. They facilitate daily routines and provide entertainment, while requiring access to sensitive data such as private end user data, e.g., contacts or photo gallery, and various persistent device identifiers, e.g., IMEI. Unfortunately, most mobile users neither pay attention nor fully understand privacy indicating factors that could expose malicious apps. We introduce APPA (Automated aPp Privacy Assessment), a technical tool to assist mobile users making privacy-enhanced app installation decisions. Given a set of empirically validated and publicly available factors which app users typically consider at install-time, APPA creates an output in form of a personalized privacy score. The score indicates the level of privacy safety of the given app integrating three different privacy perspectives. First, an analysis of app permissions determines the degree of privateness preservation after an installation. Second, user reviews are assessed to inform about the privacy-to-functionality trade-off by comparing the sentiment of privacy and functionality related reviews. Third, app privacy policies are analyzed with respect to their legal compliance with the European General Data Protection Regulation (GDPR). While the permissions based score introduces capabilities to filter over-privileged apps, privacy and functionality related reviews are classified with an average accuracy of 79%. As proof of concept, the APPA framework demonstrates the feasibility of user-centric tools to enhance transparency and informed consent as early as during the app selection phase.

show abstract

Analyzing Android App Privacy With GP-PP Model

Cited by 8 publications

References 20 publications

A comprehensive review on permissions-based Android malware detection

A comprehensive review on permissions-based Android malware detection

PriADA: Management and Adaptation of Information Based on Data Privacy in Public Environments

Decision Support for Mobile App Selection via Automated Privacy Assessment

Contact Info

Product

Resources

About