Permission Watcher Tool: a sandbox tool based static and Dynamic analysis for Android Apps

Q3 Computer Science

International Journal of Electronic Commerce Studies Pub Date : 2019-03-17 DOI:10.7903/ijecs.1651

E. Latifa, My Ahmed El Kiram

{"title":"Permission Watcher Tool: a sandbox tool based static and Dynamic analysis for Android Apps","authors":"E. Latifa, My Ahmed El Kiram","doi":"10.7903/ijecs.1651","DOIUrl":null,"url":null,"abstract":"Android security has become a very important issue with regard to mobile phone development: Android gives great freedom to developers to create and publish their apps for free in the PlayStore. The security mechanism of Android is based on an instrument that gives users the information about permissions that the application requests before installing it. This authorization system provides an overview of the application, and this can help to raise awareness of its risks. However, standard users still do not have enough information to understand clearly these requested authorizations and their implications on their security. In this article, we present a tool called “Permission watcher” that combines dynamic and static analysis. Our proposed tool allows users to install any application with only the necessary permissions instead of accepting all permissions requested or cancel the installation completely. To cite this document: Er-rajy Latifa, and El Kiram My Ahmed, \" PERMISSION WATCHER TOOL: A SANDBOX TOOL-BASED STATIC AND DYNAMIC ANALYSIS FOR ANDROID APPS \", International Journal of Electronic Commerce Studies, Vol.9, No.2, pp.209-238, 2018. Permanent link to this document: http://dx.doi.org/10.7903/ijecs.1651","PeriodicalId":38305,"journal":{"name":"International Journal of Electronic Commerce Studies","volume":" ","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2019-03-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Electronic Commerce Studies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.7903/ijecs.1651","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"Computer Science","Score":null,"Total":0}

引用次数: 0

Abstract

Android security has become a very important issue with regard to mobile phone development: Android gives great freedom to developers to create and publish their apps for free in the PlayStore. The security mechanism of Android is based on an instrument that gives users the information about permissions that the application requests before installing it. This authorization system provides an overview of the application, and this can help to raise awareness of its risks. However, standard users still do not have enough information to understand clearly these requested authorizations and their implications on their security. In this article, we present a tool called “Permission watcher” that combines dynamic and static analysis. Our proposed tool allows users to install any application with only the necessary permissions instead of accepting all permissions requested or cancel the installation completely. To cite this document: Er-rajy Latifa, and El Kiram My Ahmed, " PERMISSION WATCHER TOOL: A SANDBOX TOOL-BASED STATIC AND DYNAMIC ANALYSIS FOR ANDROID APPS ", International Journal of Electronic Commerce Studies, Vol.9, No.2, pp.209-238, 2018. Permanent link to this document: http://dx.doi.org/10.7903/ijecs.1651

查看原文本刊更多论文

Permission Watcher Tool:一个基于静态和动态分析的沙盒工具，用于Android应用程序

安卓系统的安全性已经成为手机开发中一个非常重要的问题：安卓系统为开发者提供了很大的自由，可以在PlayStore中免费创建和发布他们的应用程序。安卓的安全机制基于一种工具，该工具在安装应用程序之前向用户提供有关应用程序请求的权限的信息。该授权系统提供了应用程序的概述，这有助于提高人们对其风险的认识。然而，标准用户仍然没有足够的信息来清楚地了解这些请求的授权及其对其安全的影响。在本文中，我们介绍了一个名为“权限观察者”的工具，它结合了动态和静态分析。我们提出的工具允许用户只使用必要的权限安装任何应用程序，而不是接受所有请求的权限或完全取消安装。引用本文件：Er rajy Latifa和El Kiram My Ahmed，“许可观察工具：基于沙盒工具的ANDROID应用程序静态和动态分析”，《国际电子商务研究杂志》，2018年第9卷，第2期，第209-238页。本文件的永久链接：http://dx.doi.org/10.7903/ijecs.1651

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Journal of Electronic Commerce Studies Computer Science-Computer Science Applications

CiteScore

1.40

自引率

0.00%

发文量

期刊介绍： The IJECS is a double-blind referred academic journal for all fields of Electronic Commerce. To serve as an international platform, the IJECS encourages manuscript submissions from authors all around the world. As a multi-discipline journal, The IJECS welcome both technology oriented and business oriented electronic commerce research articles. The purpose of the International Journal of Electronic Commerce Studies is to promote electronic commerce research and provide worldwide scholars a place to publish their innovative work in electronic commerce. To be published in the journal, the manuscript must make strong empirical, theoretical, or practical contributions and highlight the significance of the contributions to the electronic commerce field. Thus, preference is given to submissions that test, extend, or build strong theoretical frameworks for electronic commerce theory, electronic commerce system development, and electronic commerce practice. The journal is not tied to any particular national context; the geographic distribution of authors publishing in the journal came from countries around the world. Articles introducing cases of innovative applications in electronic commerce around the world are also published in the journal. The journal provides scholars opportunities to realize the electronic commerce research and development around the world. Articles in the International Journal of Electronic Commerce Studies will include, but are not limited to the following areas.