Short paper: Enhancing users' comprehension of android permissions

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2012, Pages 21-26

  Yang, Liu ^a   Boushehrinejadmoradi, Nader ^a   Roy, Pallab ^a   Ganapathy, Vinod ^a   Iftode, Liviu ^a  

^a RUTGERS UNIVERSITY   (United States)

Author keywords

Android permission; Crowdsourcing; Mobile applications; Permission understanding; Record and replay

Indexed keywords

ANDROID PERMISSION; CROWDSOURCING; MOBILE APPLICATIONS; PERMISSION UNDERSTANDING; RECORD-AND-REPLAY;

MOBILE DEVICES; SMARTPHONES;

ROBOTS;

EID: 84869771631     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2381934.2381940     Document Type: Conference Paper

References (18)

1. A. R. Beresford, A. Rice, N. Skehin, and R. Sohan. Mockdroid: trading privacy for application functionality on smartphones. In Proceedings of the 12th Workshop on Mobile Computing Systems and Applications, HotMobile '11, pages 49-54, New York, NY, USA, 2011. ACM.
2. J. Cheng, S. H. Wong, H. Yang, and S. Lu. Smartsiren: virus detection and alert for smartphones. In Proceedings of the 5th international conference on Mobile systems, applications and services, MobiSys '07, pages 258-271, New York, NY, USA, 2007. ACM.
3. CyanogenMod. http://www.cyanogenmod.com/, Retrieved in Aug 2012.
4. W. Enck, P. Gilbert, B.-G. Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth. Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In Proceedings of the 9th USENIX conference on Operating systems design and implementation, OSDI'10, pages 1-6, Berkeley, CA, USA, 2010. USENIX Association.
5. W. Enck, D. Octeau, P. McDaniel, and S. Chaudhuri. A study of android application security. In Proceedings of the 20th USENIX conference on Security, SEC'11, pages 21-21, Berkeley, CA, USA, 2011. USENIX Association.
6. A. P. Felt, E. Chin, S. Hanna, D. Song, and D. Wagner. Android permissions demystified. In Proceedings of the 18th ACM conference on Computer and communications security, CCS '11, pages 627-638, New York, NY, USA, 2011. ACM.
7. A. P. Felt, E. Chin, S. Hanna, D. Song, and D. Wagner. Stowaway: A static analysis tool and permission map for identifying permission use in android applications. http://www.android-permissions.org/, 2011.
8. A. P. Felt, K. Greenwood, and D. Wagner. The effectiveness of application permissions. In Proceedings of the 2nd USENIX conference on Web application development, WebApps'11, pages 7-7, Berkeley, CA, USA, 2011. USENIX Association.
9. A. P. Felt, E. Ha, S. Egelman, A. Haney, E. Chin, and D. Wagner. Android permissions: user attention, comprehension, and behavior. In Proceedings of the Eighth Symposium on Usable Privacy and Security, SOUPS '12, pages 3:1-3:14, New York, NY, USA, 2012. ACM.
10. M. Grace, Y. Zhou, Z. Wang, and X. Jiang. Systematic detection of capability leaks in stock Android smartphones. In Proceedings of the 19th Network and Distributed System Security Symposium (NDSS), Feb. 2012.
11. P. Hornyack, S. Han, J. Jung, S. Schechter, and D. Wetherall. These aren't the droids you're looking for: retrofitting android to protect data from imperious applications. In Proceedings of the 18th ACM conference on Computer and communications security, CCS '11, pages 639-652, New York, NY, USA, 2011. ACM.
12. P. Kelley, S. Consolvo, L. Cranor, J. Jung, N. Sadeh, and D. Wetherall. A conundrum of permissions: Installing applications on an Android smartphone. In Proceedings of the Workshop on Usable Security (USEC), Feb. 2012.
13. J. Kendrick. Latest smartphone market share numbers: Apple is flat, google going strong. http://www.zdnet.com/blog/mobile-news/latest-smartphone- market-share-numbers-apple-is-flat-google-going-strong/2387, May 2011.
14. J. Lin, S. Amini, J. I. Hong, N. Sadeh, J. Lindqvist, and J. Zhang. Expecation and purpose: Understanding users' mental models of mobile app privacy through crowdsourcing. In Proceedings of the 14th ACM International Conference on Ubiquitous Computing, Sep 2012.
15. M. E. Locasto, S. Sidiroglou, and A. D. Keromytis. Software self-healing using collaborative application communities. In Proceedings of the Network and Distributed System Security Symposium, NDSS 2006, San Diego, California, USA. The Internet Society, 2006.
16. M. Nauman, S. Khan, and X. Zhang. Apex: extending android permission model and enforcement with user-defined runtime constraints. In Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, ASIACCS '10, pages 328-332, New York, NY, USA, 2010. ACM.
17. U. Shankar and C. Karlof. Doppelganger: Better browser privacy without the bother. In Proceedings of the 13th ACM conference on Computer and communications security, CCS '06, pages 154-167, New York, NY, USA, 2006. ACM.
18. K. Yadav, P. Kumaraguru, A. Goyal, A. Gupta, and V. Naik. Smsassassin: Crowdsourcing driven mobile-based system for sms spam filtering. In Proceedings of the 12th Workshop on Mobile Computing Systems & Applications, HotMobile '11. ACM, 2011.