Cybersecurity for Android Applications: Permissions in Android 5 and 6

Ge, Huangyi; Li, Ninghui; Proctor, Robert W.

doi:10.1080/10447318.2018.1489580

Cited by 11 publications

(8 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…are not expected to actively search for potential threats. Fortunately, the Android system changed permission requests when it updated from version five ("lollipop") to version six ("marshmallow") in both presentation and allowance (Moore, Ge, Li, & Proctor, 2019). Whereas the fifth version required users to allow apps to access all permissions, version six allowed users to choose which permissions were accessed.…”

Section: Importance Of Risk Communication For Mobile Applicationsmentioning

confidence: 99%

The Effects of Security Framing, Time Pressure, and Brand Familiarity on Risky Mobile Application Downloads

Parker

Chen

2020

Proceedings of the Human Factors and Ergonomics Society Annual

View full text Add to dashboard Cite

Section: Importance Of Risk Communication For Mobile Applicationsmentioning

confidence: 99%

The Effects of Security Framing, Time Pressure, and Brand Familiarity on Risky Mobile Application Downloads

Parker

Chen

2020

Proceedings of the Human Factors and Ergonomics Society Annual

View full text Add to dashboard Cite

“…As classification helps to differentiate attack surfaces and prepare accordingly [64], studies [7,9,10,17,65] have already analyzed app permissions for privacy threat modeling [66][67][68]. A study [69] states five ways of privacy breaching through the app permission system.…”

Section: Android Application Permission Associated Privacy Riskmentioning

confidence: 99%

“…Usually, apps collect user consent to access sensitive personal data in lieu of app usage. However, identity profiling by app producing companies via 'app permissions' is nothing new [7,9,17,18], rather personal data collected via app permissions' permissions' are frequently breaching user's PII [14,19]. As today's mobile device are facilitated with advanced sensors, apps are allowed to collect diverse personal data [20][21][22][23].…”

Section: Introductionmentioning

confidence: 99%

Personal Information Classification on Aggregated Android Application’s Permissions

et al. 2019

View full text Add to dashboard Cite

Android is offering millions of apps on Google Play-store by the application publishers. However, those publishers do have a parent organization and share information with them. Through the ‘Android permission system’, a user permits an app to access sensitive personal data. Large-scale personal data integration can reveal user identity, enabling new insights and earn revenue for the organizations. Similarly, aggregation of Android app permissions by the app owning parent organizations can also cause privacy leakage by revealing the user profile. This work classifies risky personal data by proposing a threat model on the large-scale app permission aggregation by the app publishers and associated owners. A Google-play application programming interface (API) assisted web app is developed that visualizes all the permissions an app owner can collectively gather through multiple apps released via several publishers. The work empirically validates the performance of the risk model with two case studies. The top two Korean app owners, seven publishers, 108 apps and 720 sets of permissions are studied. With reasonable accuracy, the study finds the contact number, biometric ID, address, social graph, human behavior, email, location and unique ID as frequently exposed data. Finally, the work concludes that the real-time tracking of aggregated permissions can limit the odds of user profiling.

show abstract

“…As a result, inclines in the approach can be easily integrated to improve the consistency of quality and sufficiency. To examine the relative usefulness of the two permissions interfaces was presented in the study [2]. People were recruited through Amazon Mechanical Turk for online research.…”

Section: Introductionmentioning

confidence: 99%

Influencing User’s Behavior Concerning Android Privacy Policy: An Overview

Nazir

Deng

2021

Mobile Information Systems

View full text Add to dashboard Cite

The wide-ranging implementation of Android applications used in various devices, from smartphones to intelligent television, has made it thought-provoking for developers. The permission granting mechanism is one of the defects imposed by the developers. Such assessing of defects does not allow the user to comprehend the implication of privacy for granting permission. Mobile applications are speedily easily reachable to typical users of mobile. Despite possible applications for improving the affordability, availability, and effectiveness of delivering various services, it handles sensitive data and information. Such data and information carry considerable security and privacy risks. Users are usually unaware of how the data can be managed and used. Reusable resources are available in the form of third-party libraries, which are broadly active in android apps. It provides a diversity of functions that deliver privacy and security concerns. Host applications and third-party libraries are run in the same process and share similar permissions. The current study has presented an overview of the existing approaches, methods, and tools used for influencing user behavior concerning android privacy policy. Various prominent libraries were searched, and their search results were analyzed briefly. The search results were presented in diverse perspectives for showing the details of the work done in the area. This will help researchers to offer new solutions in the area of the research.

show abstract

Cybersecurity for Android Applications: Permissions in Android 5 and 6

Cited by 11 publications

References 18 publications

The Effects of Security Framing, Time Pressure, and Brand Familiarity on Risky Mobile Application Downloads

The Effects of Security Framing, Time Pressure, and Brand Familiarity on Risky Mobile Application Downloads

Personal Information Classification on Aggregated Android Application’s Permissions

Influencing User’s Behavior Concerning Android Privacy Policy: An Overview

Contact Info

Product

Resources

About