Mobile applications affect user’s privacy based on the granted application’s
permissions as attackers exploit mobile application permissions in Android
and other mobile operating systems. This research divides permissions based
on Google’s classification of dangerous permissions into three groups. The
first group contains the permissions that can access user’s private data such as
reading call log. The second group contains the permissions that can modify
user’s data such as modifying the numbers in contacts. The third group contains
the remaining permissions which can track the location, and use the
microphone and other sensitive issues that can spy on the user. This research
is supported by a study that was conducted on 100 participants in Saudi Arabia
to show the level of users’ awareness of associated risks in mobile applications
permissions. Associations among the collected data are also analyzed.
This research fills the gap in user’s awareness by providing best practices in
addition to developing a new mobile application to help users decide whether
an application is safe to be installed and used or not. This application is called
“Sparrow” and is available in Google Play Store.
References
[1]
Mass, F. (2017) Coming off a Slow 2016, Smartphone Shipment Volume Expected to Recover in 2017 and Gain Momentum into 2018, According to IDC. (IDC) Worldwide Quarterly Mobile Phone Tracker.
[2]
Chen, L., McGrew, D. and Mitchell C. (2016) Security Standardisation Research. Springer International, New York. https://doi.org/10.1007/978-3-319-49100-4
[3]
Carrascosa, I.P., Kalutarage, H.K. and Huang, Y. (2017) Data Analytics and Decision Support for Cybersecurity: Trends, Methodologies and Applications. Springer International Publishing, Cham. https://doi.org/10.1007/978-3-319-59439-2
[4]
Doherty, J. (2016) Wireless and Mobile Device Security. Jones & Bartlett Learning, Burlington.
[5]
Elenkov, N. (2015) Android Security Internals: An In-Depth Guide to Android’s Security Architecture. No Starch Press, San Francisco.
[6]
Six, J. (2012) Application Security for the Android Platform. O’Reilly Media, Sebastopol.
Pelet, J.-E. (2016) Mobile Platforms, Design, and Apps for Social Commerce. Advances in E-Business Research Series, IGI Global, New York.
[9]
Ayed, A.B. (2015) A Literature Review on Android Permission System. International Journal of Advanced Research in Computer Engineering & Technology, 4, 1520-1523.
[10]
Felt, A.P., Ha, E., Egelman, S. and Haney, A. (2012) Android Permissions: User Attention, Comprehension, and Behavior. Computer Science Department, University of California, Oakland, 1-14. https://doi.org/10.1145/2335356.2335360
[11]
Mukherjea, S. (2017) Mobile Application Development, Usability, and Security. Information Science Reference, Hershey. https://doi.org/10.4018/978-1-5225-0945-5
[12]
Agrawal, R. and Srikant, R. (1994) Fast Algorithms for Mining Association Rules. Proceedings of the 20th Very Large Data Bases (VLDB) Conference, Santiago, 12-15 September 1994, 487-499.
[13]
Frank, E., Hall, M.A. and Witten, I.H. (2016) The WEKA Workbench. Online Appendix for “Data Mining: Practical Machine Learning Tools and Techniques”. 4th Edition, Morgan Kaufmann, Burlington.
[14]
Ali, S.S., Danger, J.-L. and Eisenbarth, T. (2017) Security, Privacy, and Applied Cryptography Engineering. 7th International Conference, SPACE 2017, Goa, 13-17 December 2017. https://doi.org/10.1007/978-3-319-71501-8
[15]
Google Family Link. Google LLC. http://www.google.com/familylink
[16]
Garcia-Alfaro, J., Lioudakis, G., Cuppens-Boulahia, N., Foley, S. and Fitzgerald, W.M. (2017) Data Privacy Management and Autonomous Spontaneous Security. DPM 2013, 6th International Workshop, SETOP 2013, Egham, 12-13 September 2013, 213-231.
[17]
Chell, D., Erasmus, T., Colley, S. and Whitehouse, O. (2015) The Mobile Application Hacker’s Handbook. John Wiley & Sons, Indianapolis.
