A Comprehensive Analysis of the Android Permissions System

Almomani, Iman; Alkhayer, Aala

doi:10.1109/access.2020.3041432

Cited by 48 publications

(23 citation statements)

References 39 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…With the growth of Android in the market, malicious applications have also surfaced, which has driven many studies and research works towards it. Iman and Aala [25] proposed a comprehensive analysis of Android permission systems. They provided important insight into the permission system evolution over the years and how permission usage has increased up to 73.33% in top applications by 2020.…”

Section: Related Workmentioning

confidence: 99%

Privacy Protection Framework for Android

et al. 2022

View full text Add to dashboard Cite

The increase in popularity and users of the Android platform in recent years has led to a lot of innovative and smart Android applications (apps). Many of these apps are highly interactive, customizable, and require user data to provide services. While being convenient, user privacy is the primary concern. It is not guaranteed that these apps are not storing user data for their need or scrapping algorithms through them. Android uses the system of permissions to provide security and protect user data. The user can grant permission for requested resources either at runtime or during the installation process. However, this system is often misused in practice by demanding extra permissions that are not required to provide services. These kinds of apps stop functioning if all permissions are not granted to them. Therefore, in this paper, a privacy preserved secure framework is proposed to prevent an app from stealing user data by restricting all unnecessary permissions. Unnecessary permissions are recognized by predicting the permissions required by a given app by using collaborative filtering and frequent permission set mining algorithms. Thus, the proposed model interacts with the target application and modifies the permission data inside. Experimental results reveal that the proposed model not only protects the user data but also ensures the proper functioning of the given application.

show abstract

Section: Related Workmentioning

confidence: 99%

Privacy Protection Framework for Android

et al. 2022

View full text Add to dashboard Cite

show abstract

“…Ek olarak, vaka çalışmasının sonuçları hem satıcılar hem de geliştiriciler tarafından izin dağıtımının anlaşılmasına katkıda bulunur. Son olarak, izne dayalı güvenlik geliştirmeleriyle ilgili bir sonuç olarak Android izin sisteminin çeşitli güvenlik sorunları ile karşı karşıya olduğunu ortaya koymaktadır [5].…”

Section: Literatür İncelemesiunclassified

Android İşletim Sistemlerinde Zaman Tabanlı İzin Yaklaşımı ile Saldırı Önleme Sistemi

Zaim

Bedir

Aydın

2021

Haliç Üniversitesi Fen Bilimleri Dergisi

View full text Add to dashboard Cite

Araştırma Makalesi/ Research Article ÖzetPazarın %72.2'sini oluşturan Android işletim sistemi, en çok tercih edilen ve kullanılan mobil işletim sistemidir. Kullanıcılar, birçok platformdan farklı uygulamaları bu işletim sistemine rahatlıkla kurabilir. Akıllı cihazlar son zamanlarda çok fazla özel kullanıcı bilgisini taşıdığından dolayı siber saldırıların daha sık hedefi haline gelmiştir. Andorid işlem sistemi, uygulamaların mobil cihazda ulaşabileceği alanları kısıtlamak, özel kullanıcı bilgisi olan konum, kamera, şifre ve rehber gibi kullanıcı gizliliğini korumak için birçok izin çeşidi kullanır. Bu çalışmada, mevcut izin kontrol sistemindeki eksiklikleri göstermek için kötü amaçlı bir uygulama üretilmiştir ve bu uygulama üzerinden birkaç siber saldırı gerçekleştirilmiştir. Bu sorunların sebebinin, kullanıcıların istenen izinlerin niyetini tam olarak anlamadığından ve mevcut izin sisteminin kullanıcıya başka izin onaylama seçenekleri önerememesinden dolayı olduğu görülmüştür. Daha sonra, uygulama çalıştırırken kullanıcının ilgili fonksiyonu ne kadar zaman kullandığını belirleyerek daha kolay izin kontrolü sağlayabilen, müdahaleci olmayan, iznin süresini belirleyen zaman tabanlı bir izin kontrol sistemi önerilir.

show abstract

“…This section of the paper provides a brief examination of some of the related works carried out. Almomani and Al Khayer [1] discussed the Android permission systems by providing a general overview of the Android control mechanism. The study identified and grouped Android dangerous permissions based on their API levels.…”

Section: Permission-based Detection and Feature Extractionmentioning

confidence: 99%

“…Among the smartphone platforms, Android is the most popular. A previous study [1] showed that Android owns 74.5% of the mobile device marketplace. The popularity of Android has caused an increase in third-party application development to respond to the shift.…”

Section: Introductionmentioning

confidence: 99%

Modeling Correlation between Android Permissions Based on Threat and Protection Level Using Exploratory Factor Plane Analysis

Ashawa

Morris

2021

JCP

View full text Add to dashboard Cite

The evolution of mobile technology has increased correspondingly with the number of attacks on mobile devices. Malware attack on mobile devices is one of the top security challenges the mobile community faces daily. While malware classification and detection tools are being developed to fight malware infection, hackers keep deploying different infection strategies, including permissions usage. Among mobile platforms, Android is the most targeted by malware because of its open OS and popularity. Permissions is one of the major security techniques used by Android and other mobile platforms to control device resources and enhance access control. In this study, we used the t-Distribution stochastic neighbor embedding (t-SNE) and Self-Organizing Map techniques to produce a visualization method using exploratory factor plane analysis to visualize permissions correlation in Android applications. Two categories of datasets were used for this study: the benign and malicious datasets. Dataset was obtained from Contagio, VirusShare, VirusTotal, and Androzoo repositories. A total of 12,267 malicious and 10,837 benign applications with different categories were used. We demonstrate that our method can identify the correlation between permissions and classify Android applications based on their protection and threat level. Our results show that every permission has a threat level. This signifies those permissions with the same protection level have the same threat level.

show abstract

A Comprehensive Analysis of the Android Permissions System

Cited by 48 publications

References 39 publications

Privacy Protection Framework for Android

Privacy Protection Framework for Android

Android İşletim Sistemlerinde Zaman Tabanlı İzin Yaklaşımı ile Saldırı Önleme Sistemi

Modeling Correlation between Android Permissions Based on Threat and Protection Level Using Exploratory Factor Plane Analysis

Contact Info

Product

Resources

About