Associated Risks in Mobile Applications Permissions

信息安全(英文) Pub Date : 2019-03-26 DOI:10.4236/JIS.2019.102004

Mohammed Al Jutail, M. Al-Akhras, Abdulaziz A. Albesher

{"title":"Associated Risks in Mobile Applications Permissions","authors":"Mohammed Al Jutail, M. Al-Akhras, Abdulaziz A. Albesher","doi":"10.4236/JIS.2019.102004","DOIUrl":null,"url":null,"abstract":"Mobile applications affect user’s privacy based on the granted application’s permissions as attackers exploit mobile application permissions in Android and other mobile operating systems. This research divides permissions based on Google’s classification of dangerous permissions into three groups. The first group contains the permissions that can access user’s private data such as reading call log. The second group contains the permissions that can modify user’s data such as modifying the numbers in contacts. The third group contains the remaining permissions which can track the location, and use the microphone and other sensitive issues that can spy on the user. This research is supported by a study that was conducted on 100 participants in Saudi Arabia to show the level of users’ awareness of associated risks in mobile applications permissions. Associations among the collected data are also analyzed. This research fills the gap in user’s awareness by providing best practices in addition to developing a new mobile application to help users decide whether an application is safe to be installed and used or not. This application is called “Sparrow” and is available in Google Play Store.","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2019-03-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"信息安全(英文)","FirstCategoryId":"1093","ListUrlMain":"https://doi.org/10.4236/JIS.2019.102004","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

Abstract

Mobile applications affect user’s privacy based on the granted application’s permissions as attackers exploit mobile application permissions in Android and other mobile operating systems. This research divides permissions based on Google’s classification of dangerous permissions into three groups. The first group contains the permissions that can access user’s private data such as reading call log. The second group contains the permissions that can modify user’s data such as modifying the numbers in contacts. The third group contains the remaining permissions which can track the location, and use the microphone and other sensitive issues that can spy on the user. This research is supported by a study that was conducted on 100 participants in Saudi Arabia to show the level of users’ awareness of associated risks in mobile applications permissions. Associations among the collected data are also analyzed. This research fills the gap in user’s awareness by providing best practices in addition to developing a new mobile application to help users decide whether an application is safe to be installed and used or not. This application is called “Sparrow” and is available in Google Play Store.

查看原文本刊更多论文

移动应用程序权限中的相关风险

攻击者利用Android等移动操作系统的移动应用权限，通过授予应用权限来影响用户的隐私。本研究基于谷歌对危险权限的分类，将权限分为三组。第一组包含可以访问用户的私人数据的权限，例如读取呼叫记录。第二组包含修改用户数据的权限，例如修改联系人中的号码。第三组包含剩余的权限，可以跟踪位置，使用麦克风和其他可以监视用户的敏感问题。这项研究得到了一项研究的支持，该研究对沙特阿拉伯的100名参与者进行了调查，以显示用户对移动应用程序权限相关风险的认识水平。还分析了所收集数据之间的关联。这项研究除了开发新的移动应用程序外，还提供了最佳实践，以帮助用户确定应用程序是否可以安全安装和使用，从而填补了用户意识上的空白。这个应用程序被称为“麻雀”，可在b谷歌Play商店。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

信息安全(英文)

自引率

0.00%

发文量

211