Privacy issues of android application permissions: A literature review

Gulshan Shrivastava; Prabhat Kumar; Deepak Gupta; Joel J. P. C. Rodrigues

doi:10.1002/ett.3773

journal article Oct 24, 2019

Privacy issues of android application permissions: A literature review

Gulshan Shrivastava

Prabhat Kumar

Deepak Gupta

Joel J. P. C. Rodrigues

Transactions on Emerging Telecommunications Technologies Vol. 31 No. 12 · Wiley

View at Publisher Save 10.1002/ett.3773

Abstract

AbstractAndroid is an application platform for mobile devices. It comprises of the operating system, software framework, and core programs. This platform uses permissions to hide precious information about the user from untrusted apps. However, to install an application, device feature uses permissions that are granted by the user. User has the ability to analyze permissions and abort the setup if the permissions are unfriendly or unrestrained. Android permission analysis schemes show a significant role to fight against these undesirable behaviors of untrusted android apps in the aspect of security and privacy. This survey attempts to deal with the android application permissions that are related security and privacy challenges. It includes various research articles published in computers and security, digital investigation, decision support systems, systems and software security, and information forensics journals in the last 10 years. The survey is based on the following considerations: research issues motivated by the scheme, the methodology used, ability of result analysis conducted, and android features considered for performance evaluation.

Topics

No keywords indexed for this article. Browse by subject →

References

110

[1]

Kaur S "Review paper on implementing security on Android application" J Environ Sci Comput Sci Eng Technol (2013)

[2]

Powar S "Survey on Android security framework" Int J Eng Res Appl (2013)

[3]

FeltAP ChinE HannaS SongD WagnerD.Android permissions demystified. In: Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS '11);2011;Chicago IL. 10.1145/2046707.2046779

[4]

10.1080/10447318.2018.1489580

[5]

10.1016/j.compeleceng.2019.04.019

[6]

10.1016/j.jnca.2017.02.001

[7]

10.1016/j.cose.2014.01.004

[8]

10.1016/j.pmcj.2017.09.005

[9]

BrandomR.https://www.theverge.com/2019/5/7/18528297/google-io-2019-android-devices-play-store-total-number-statistic-keynote. Accessed August2019.

[10]

10.1016/b978-0-12-415815-3.00016-9

[11]

Amalfitano D (2013)

[12]

10.1016/j.future.2012.05.023

[13]

10.1016/j.comnet.2015.06.006

[14]

10.1016/j.clsr.2015.05.004

[15]

10.1016/j.ijcip.2014.10.002

[16]

10.1016/j.compeleceng.2014.11.010

[17]

10.1016/j.cose.2015.04.009

[18]

Shrivastava G (2019)

[19]

ChinE FeltAP GreenwoodK WagnerD.Analyzing inter‐application communication in Android. In: Proceedings of the 9th International Conference on Mobile Systems Applications and Services (MobiSys '11);2011;Bethesda MD. 10.1145/1999995.2000018

[20]

SinghV SharmaK.Smartphone security: review of challenges and solution. In: Proceedings of the 2nd International Conference on Information and Communication Technology for Competitive Strategies;2016;Udaipur India. 10.1145/2905055.2905214

[21]

10.29333/ejmste/91668

[22]

He Y "Dynamic privacy leakage analysis of Android third‐party libraries" J Inf Secur Appl (2019)

[23]

10.1109/access.2018.2870534

[24]

10.1007/978-3-642-21599-5_7

[25]

10.12694/scpe.v18i3.1304

[26]

EnckW OcteauD McDanielP ChaudhuriS.A study of Android application security. In: Proceedings of the USENIX Security Symposium;2011;San Francisco CA.

[27]

FarukiP GanmoorV LaxmiV GaurMS BharmalA.AndroSimilar: robust statistical feature signature for Android malware detection. In: Proceedings of the 6th International Conference on Security of Information and Networks (SIN '13);2013;Aksaray Turkey. 10.1145/2523514.2523539

[28]

10.4018/978-1-5225-8976-1.ch002

[29]

10.1109/tifs.2014.2347206

[30]

10.1007/978-981-10-6005-2_56

[31]

10.1109/mnet.2017.1500295nm

[32]

MoserA KruegelC KirdaE.Limits of static analysis for malware detection. In: Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC 2007);2007;Miami Beach FL. 10.1109/acsac.2007.21

[33]

BatyukL HerpichM CamtepeSA RaddatzK SchmidtA‐D AlbayrakS.Using static analysis for automatic assessment and mitigation of unwanted and malicious activities within Android applications. In: Proceedings of the 2011 6th International Conference on Malicious and Unwanted Software;2011;Fajardo Puerto Rico. 10.1109/malware.2011.6112328

[34]

10.1109/tst.2013.6574680

[35]

10.1016/j.ins.2018.02.069

[36]

10.4018/ijesma.2019040101

[37]

10.1007/s10207-014-0260-y

[38]

RaveendranathR RajamaniV BabuAJ DattaSK.Android malware attacks and countermeasures: current and future directions. In: Proceedings of the 2014 International Conference on Control Instrumentation Communication and Computational Technologies (ICCICCT);2014;Kanyakumari India. 10.1109/iccicct.2014.6992944

[39]

10.1109/tifs.2014.2353996

[40]

YangZ YangM.Leakminer: detect information leakage on Android with static taint analysis. In: Proceedings of the 2012 3rd World Congress on Software Engineering;2012;Wuhan China. 10.1109/wcse.2012.26

[41]

10.1007/978-3-319-73951-9_7

[42]

DietzM ShekharS PisetskyY ShuA WallachDS.Quire: lightweight provenance for smart phone operating systems. In: Proceedings of the USENIX Security Symposium;2011;San Francisco CA.

[43]

10.1016/j.compeleceng.2017.02.013

[44]

SchlegelR ZhangK ZhouXY IntwalaM KapadiaA WangX.Soundcomber: a stealthy and context‐aware sound Trojan for smartphones. In: Proceedings of the Network and Distributed System Security Symposium (NDSS 2011);2011;San Diego CA.

[45]

NaumanM KhanS ZhangX.Apex: extending Android permission model and enforcement with user‐defined runtime constraints. In: Proceedings of the 5th ACM Symposium on Information Computer and Communications Security;2010;Beijing China. 10.1145/1755688.1755732

[46]

ZhangJ TianC DuanZ.FastDroid: efficient taint analysis for Android applications. In: Proceedings of the 41st International Conference on Software Engineering: Companion Proceedings (ICSE '19);2019;Montreal Canada. 10.1109/icse-companion.2019.00092

[47]

BugielS DaviL DmitrienkoA FischerT SadeghiA‐R ShastryB.Poster: the quest for security against privilege escalation attacks on Android. In: Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS '11);2011;Chicago IL. 10.1145/2046707.2093482

[48]

Bugiel S (2011)

[49]

10.1109/tifs.2018.2807788

[50]

10.1109/tifs.2017.2687880

Showing 50 of 110 references

Metrics

21

Citations

110

References

Details

Published: Oct 24, 2019
Vol/Issue: 31(12)
License: View

Authors

G

Gulshan Shrivastava

Department of Computer Science and Engineering National Institute of Technology Patna India

P

Prabhat Kumar

Department of Computer Science and Engineering National Institute of Technology Patna India

D

Deepak Gupta

Computer Science and Engineering Maharaja Agrasen Institute of Technology New Delhi India

J

Joel J. P. C. Rodrigues

Department of Electrical Engineering Federal University of Piauí (UFPI) Teresina PI Brazil; Covilhã Delegation Instituto de Telecomunicações Covilhã Portugal

Funding

Fundação para a Ciência e a Tecnologia Award: UID/EEA/50008/2019

Cite This Article

Gulshan Shrivastava, Prabhat Kumar, Deepak Gupta, et al. (2019). Privacy issues of android application permissions: A literature review. Transactions on Emerging Telecommunications Technologies, 31(12). https://doi.org/10.1002/ett.3773

Privacy issues of android application permissions: A literature review

You May Also Like