loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Authors: Kris Heid ; Elena Julia Sonntag and Jens Heider

Affiliation: Fraunhofer SIT — ATHENE - National Research Center for Applied Cybersecurity, Rheinstraße 75, 64295 Darmstadt, Germany

Keyword(s): Permission, Third-Party Libraries, Android, Static Analysis.

Abstract: Permissions have been employed to let the user decide on components an app can interact with. However, apps typically consist of the main app along with several libraries to support the developer with various functionality and tasks. The fact that libraries inherit the permissions of the main app gives these libraries often more rights than needed for their core functionality. Many libraries do permission piggybacking and thus probe available permissions without requesting permissions themselves and adapt their behavior accordingly. Especially, advertisement and tracking libraries show high interest to collect as much user data as possible through this technique. Many works have previously addressed this problem but no solution has made its way into Android. This work delivers a novel analysis technique agnostic to the Android API level without manual mapping effort like previous works. Our results show, that permission piggybacking remains a problem to be urgently addressed.

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.16.47.72

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Heid, K., Sonntag, E. J. and Heider, J. (2025). Revisiting Permission Piggybacking of Third-Party Libraries in Android Apps. In Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP; ISBN 978-989-758-735-1; ISSN 2184-4356, SciTePress, pages 39-46. DOI: 10.5220/0013126500003899

@conference{icissp25,
author={Kris Heid and Elena Julia Sonntag and Jens Heider},
title={Revisiting Permission Piggybacking of Third-Party Libraries in Android Apps},
booktitle={Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP},
year={2025},
pages={39-46},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013126500003899},
isbn={978-989-758-735-1},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP
TI - Revisiting Permission Piggybacking of Third-Party Libraries in Android Apps
SN - 978-989-758-735-1
IS - 2184-4356
AU - Heid, K.
AU - Sonntag, E.
AU - Heider, J.
PY - 2025
SP - 39
EP - 46
DO - 10.5220/0013126500003899
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic