Skip to main content
SpringerLink
Log in

Analyzing Unnecessary Permissions Requested by Android Apps Based on Users’ Opinions

  • Conference paper
  • First Online:
Information Security Applications (WISA 2014)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8909))

Included in the following conference series:

Abstract

Many existing mobile apps request for unnecessary permissions knowing that users often ignore permission warning messages. We conducted an online user study to investigate how users feel about permissions being requested by both free and paid Android apps. Results show that users tend to feel that free Android apps request for more unnecessary permissions compared to paid apps. Users also felt that older apps (those that are previously released and have gone through several updates) request for more unnecessary permissions than those that are newly released. Based on that observation, we surmise that many developers initially publish apps that require a small set of permissions (so that users are not discouraged from installing an app), and gradually add more permissions to their apps through updates.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Barrera, D., Kayacik, H.G., van Oorschot, P.C., Somayaji, A.: A methodology for empirical analysis of permission-based security models and its application to android. In: Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS) (2010)

    Google Scholar 

  2. Egelman, S., Tsai, J., Cranor, L.F., Acquisti, A.: Timing is everything?: the effects of timing and placement of online privacy indicators. In: Proceedings of the 27th ACM Conference on Human Factors in Computing Systems (2009)

    Google Scholar 

  3. Felt, A.P., Chin, E., Hanna, S., Song, D., Wagner, D.: Android permissions demystified. In: Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS) (2011)

    Google Scholar 

  4. Felt, A.P., Greenwood, K., Wagner, D.: The effectiveness of application permissions. In: Proceedings of the 2nd USENIX Conference on Web Application Development (WebApps) (2011)

    Google Scholar 

  5. Felt, A.P., Ha, E., Egelman, S., Haney, A., Chin, E., Wagner, D.: Android permissions: user attention, comprehension, and behavior. In: Proceedings of the 8th Symposium on Usable Privacy and Security (SOUPS) (2012)

    Google Scholar 

  6. Kelley, P.G., Cranor, L.F., Sadeh, N.: Privacy as part of the app decision-making process. In: Proceedings of the 31st ACM Conference on Human Factors in Computing Systems (2013)

    Google Scholar 

  7. Kelley, P.G., Consolvo, S., Cranor, L.F., Jung, J., Sadeh, N., Wetherall, D.: A conundrum of permissions: installing applications on an android smartphone. In: Blyth, J., Dietrich, S., Camp, L.J. (eds.) FC 2012. LNCS, vol. 7398, pp. 68–79. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  8. Leyden, J.: The TRUTH about LEAKY, STALKING, SPYING smartphone applications. The Register (2014)

    Google Scholar 

  9. Saltzer, J.H., Schroeder, M.D.: The protection of information in computer systems. Proc. IEEE 63(9), 1278–1308 (1975)

    Article  Google Scholar 

  10. Schlegel, R., Zhang, K., Zhou, X., Intwala, M., Kapadia, A., Wang, X.: Soundcomber: a stealthy and context-aware sound trojan for smartphones. In: Proceedings of the 18th Network and Distributed System Security Symposium (NDSS) (2011)

    Google Scholar 

  11. Vidas, T., Christin, N., Cranor, L.: Curbing android permission creep. In: Proceedings of the 5th Workshop on Web 2.0 Security and Privacy (W2SP) (2011)

    Google Scholar 

  12. Xu, N., Zhang, F., Luo, Y., Jia, W., Xuan, D., Teng, J.: Stealthy video capturer: a new video-based spyware in 3G smartphones. In: Proceedings of the 2nd ACM Conference on Wireless Network Security (WiSec) (2009)

    Google Scholar 

Download references

Acknowledgements

This research was partly supported by the MSIP (Ministry of Science, ICT & Future Planning), Korea, under the ITRC (Information Technology Research Center) support program (NIPA-2014-H0301-14-1010) supervised by the NIPA (National IT Industry Promotion Agency) and is funded in part by the ICT R&D program (2014-044-072-003, ‘Development of Cyber Quarantine System using SDN Techniques’) of MSIP/IITP.

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Sungkyunkwan University, Seoul, Korea

    Jina Kang, Daehyun Kim & Hyoungshick Kim

  2. Honeywell ACS Labs, Golden Valley, USA

    Jun Ho Huh

Authors
  1. Jina Kang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Daehyun Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Hyoungshick Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jun Ho Huh
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jun Ho Huh .

Editor information

Editors and Affiliations

  1. Pukyong National University, Busan, Korea, Republic of (South Korea)

    Kyung-Hyune Rhee

  2. School of Computer Science and Engineering, Soongsil University, Seoul, Korea, Republic of (South Korea)

    Jeong Hyun Yi

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Kang, J., Kim, D., Kim, H., Huh, J.H. (2015). Analyzing Unnecessary Permissions Requested by Android Apps Based on Users’ Opinions. In: Rhee, KH., Yi, J. (eds) Information Security Applications. WISA 2014. Lecture Notes in Computer Science(), vol 8909. Springer, Cham. https://doi.org/10.1007/978-3-319-15087-1_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-15087-1_6

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-15086-4

  • Online ISBN: 978-3-319-15087-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation