Examining the Privacy Vulnerability Level of Android Applications

Georgia Kapitsaki, Modestos Ioannou

2019

Abstract

Mobile applications are often granted access to various data available on the mobile device. Android applications provide the notion of permissions to let the developers define the data their applications require to function properly. However, through accessing these data, applications may gain direct or indirect access to sensitive user data. In this paper, we address the detection of privacy vulnerabilities in mobile applications in Android via an analysis that is based mainly on the use of Android permissions. Different aspects of the application are analyzed in order to draw conclusions offering an aggregated view of permission analysis in the form of a penalty score, a feature that is missing in previous approaches that analyze permission use in Android. Our work is supported by a web application prototype of App Privacy Analyzer that allows users to upload an application and view the respective analysis results comparing them with other applications uploaded in previous uses of the system. This approach can be useful for security and privacy analysts and developers that wish to examine the privacy vulnerability level of their Android applications, but also for end users with technical expertise. We have used the tool for the analysis of 800 Android applications and are discussing the results the observed permission use.

Download


Paper Citation


in Harvard Style

Kapitsaki G. and Ioannou M. (2019). Examining the Privacy Vulnerability Level of Android Applications.In Proceedings of the 15th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST, ISBN 978-989-758-386-5, pages 34-45. DOI: 10.5220/0007955100340045


in Bibtex Style

@conference{webist19,
author={Georgia Kapitsaki and Modestos Ioannou},
title={Examining the Privacy Vulnerability Level of Android Applications},
booktitle={Proceedings of the 15th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,},
year={2019},
pages={34-45},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007955100340045},
isbn={978-989-758-386-5},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 15th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,
TI - Examining the Privacy Vulnerability Level of Android Applications
SN - 978-989-758-386-5
AU - Kapitsaki G.
AU - Ioannou M.
PY - 2019
SP - 34
EP - 45
DO - 10.5220/0007955100340045