Permission Issues in Open-Source Android Apps: An Exploratory Study

Scoccia, Gian Luca; Peruma, Anthony; Pujols, Virginia; Malavolta, Ivano; Krutz, Daniel E.

doi:10.1109/scam.2019.00034

Cited by 14 publications

(14 citation statements)

References 51 publications

(113 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In line with previous literature of mental health app reviews, we identified similar themes including the quality of information provided and language used, the presence of advertisements and customer service amongst other larger themes. Additionally, we also identified themes not exclusively reported for mental health apps including functionality ( 69 ), accessibility ( 70 ), and concerns about privacy and security ( 69 , 71 – 73 ). However, our analysis reveals theme frequencies and patterns which differ from previous findings.…”

Section: Discussionmentioning

confidence: 99%

mHealth Solutions for Mental Health Screening and Diagnosis: A Review of App User Perspectives Using Sentiment and Thematic Analysis

et al. 2022

View full text Add to dashboard Cite

Mental health screening and diagnostic apps can provide an opportunity to reduce strain on mental health services, improve patient well-being, and increase access for underrepresented groups. Despite promise of their acceptability, many mental health apps on the market suffer from high dropout due to a multitude of issues. Understanding user opinions of currently available mental health apps beyond star ratings can provide knowledge which can inform the development of future mental health apps. This study aimed to conduct a review of current apps which offer screening and/or aid diagnosis of mental health conditions on the Apple app store (iOS), Google Play app store (Android), and using the m-health Index and Navigation Database (MIND). In addition, the study aimed to evaluate user experiences of the apps, identify common app features and determine which features are associated with app use discontinuation. The Apple app store, Google Play app store, and MIND were searched. User reviews and associated metadata were then extracted to perform a sentiment and thematic analysis. The final sample included 92 apps. 45.65% (n = 42) of these apps only screened for or diagnosed a single mental health condition and the most commonly assessed mental health condition was depression (38.04%, n = 35). 73.91% (n = 68) of the apps offered additional in-app features to the mental health assessment (e.g., mood tracking). The average user rating for the included apps was 3.70 (SD = 1.63) and just under two-thirds had a rating of four stars or above (65.09%, n = 442). Sentiment analysis revealed that 65.24%, n = 441 of the reviews had a positive sentiment. Ten themes were identified in the thematic analysis, with the most frequently occurring being performance (41.32%, n = 231) and functionality (39.18%, n = 219). In reviews which commented on app use discontinuation, functionality and accessibility in combination were the most frequent barriers to sustained app use (25.33%, n = 19). Despite the majority of user reviews demonstrating a positive sentiment, there are several areas of improvement to be addressed. User reviews can reveal ways to increase performance and functionality. App user reviews are a valuable resource for the development and future improvements of apps designed for mental health diagnosis and screening.

show abstract

Section: Discussionmentioning

confidence: 99%

mHealth Solutions for Mental Health Screening and Diagnosis: A Review of App User Perspectives Using Sentiment and Thematic Analysis

et al. 2022

View full text Add to dashboard Cite

show abstract

“…Our approach is similar to [32,2,36,35] in terms of permission-related concerns, we dissimilar in terms of the dataset (including the size, features, and the number of permissions), using machine learning, and considering the categories'apps in their studies. In our present work, we expand on the existing research.…”

Section: B Permissions Based Studymentioning

confidence: 99%

“…In [32], the authors performed an empirical research of 574 open-source Android app GitHub repositories. They examined the incidence of four distinct sorts of permission-related concerns throughout the duration of the apps' lifetimes.…”

mentioning

confidence: 99%

Deep-Layer Clustering to Identify Permission Usage Patterns of Android App Categories

et al. 2022

View full text Add to dashboard Cite

With the increasing usage of smartphones in banks, medical services and m-commerce, and the uploading of applications from unofficial sources, security has become a major concern for smartphone users. Malicious apps can steal passwords, leak details, and generally cause havoc with users' accounts. Current anti-virus programs rely on static signatures that need to be changed periodically and cannot identify zero-day malware. The Android permission system is the central security mechanism that regulates the execution of application tasks. Although recent advances in research have provided various approaches and detection methods for finding malware apps, the available literature lacks a full analysis of this subject. We fill this gap by: 1) Systematically and automatically building a large dataset of malware and benign apps, which we have made available to the community. Our dataset has around 16K apps and 118 features. 2) We offer a novel approach for automatically identifying permission usage patterns, which are groupings of permissions that developers frequently utilise together. The approach combines SOM and K-means clustering algorithms to classify permissions according to app usage categories. The results demonstrate that the proposed methodology is able to detect most of the consistent and coherent permission usage patterns across a wide variety of application categories. To assess our strategy, we add the identified patterns as features to our dataset and then apply an SVM classifier for malware detection. Our results indicate that the identified patterns improve the performance of the classifier.

show abstract

“…The permissions system is considered a cornerstone component of the Android security model [8]. Consequently, the misuse of Android permissions is considered a major concern in the research community [9], [10] [11]. Several studies have been conducted on the evolution of Android permissions system [6], [7], [12], [5], [13].…”

Section: Literature Reviewmentioning

confidence: 99%

“…Even though the security of Android permission system seems protected, the continues enhancements introduce various security issues and drawbacks [10], [11], [14]. Regardless of the Android version, the access enforcement in Android platform is subject to the API targeted level.…”

Section: B Permission-based Security Issuesmentioning

confidence: 99%

A Comprehensive Analysis of the Android Permissions System

Almomani

Alkhayer

2020

IEEE Access

View full text Add to dashboard Cite

Android is one of the most essential and highly used operating systems. Android permissions system is a core security component that offers an access-control mechanism to protect system resources and users' privacy. As such, it has experienced continuous change over each Android release. However, previous research on the permissions system has employed static analysis techniques. Furthermore, most of these studies are outdated, covering older versions of Android. This paper aims to discuss the permissions system intensively to provide a nutshell overview of the Android platform's access-control mechanism. The paper presents a comprehensive analysis of the Android permissions system since it was introduced in 2008 until now, accompanied by a formal model of its components. The results of the analysis reveal a continuous growth in the number of permissions since the original release-a growth of seven times in some permission categories. A case study has been conducted for the last five years' versions of the top Android apps to examine the permissions system's evolution and its attendant security issues from the applications' perspective. Some apps showed an increase in permissions usage of 73.33% by the 2020 release. Additionally, the results of the case study contribute to the understanding of permissions deployment by both vendors and developers. Finally, a discussion of the permission-based security enhancements discloses that the Android permissions system faces various security issues. In general, this paper provides researchers and academics an up-to-date, comprehensive, self-contained reference study of the Android permissions system.

show abstract

Permission Issues in Open-Source Android Apps: An Exploratory Study

Cited by 14 publications

References 51 publications

mHealth Solutions for Mental Health Screening and Diagnosis: A Review of App User Perspectives Using Sentiment and Thematic Analysis

mHealth Solutions for Mental Health Screening and Diagnosis: A Review of App User Perspectives Using Sentiment and Thematic Analysis

Deep-Layer Clustering to Identify Permission Usage Patterns of Android App Categories

A Comprehensive Analysis of the Android Permissions System

Contact Info

Product

Resources

About