Abstract
Many existing mobile apps request for unnecessary permissions knowing that users often ignore permission warning messages. We conducted an online user study to investigate how users feel about permissions being requested by both free and paid Android apps. Results show that users tend to feel that free Android apps request for more unnecessary permissions compared to paid apps. Users also felt that older apps (those that are previously released and have gone through several updates) request for more unnecessary permissions than those that are newly released. Based on that observation, we surmise that many developers initially publish apps that require a small set of permissions (so that users are not discouraged from installing an app), and gradually add more permissions to their apps through updates.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Barrera, D., Kayacik, H.G., van Oorschot, P.C., Somayaji, A.: A methodology for empirical analysis of permission-based security models and its application to android. In: Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS) (2010)
Egelman, S., Tsai, J., Cranor, L.F., Acquisti, A.: Timing is everything?: the effects of timing and placement of online privacy indicators. In: Proceedings of the 27th ACM Conference on Human Factors in Computing Systems (2009)
Felt, A.P., Chin, E., Hanna, S., Song, D., Wagner, D.: Android permissions demystified. In: Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS) (2011)
Felt, A.P., Greenwood, K., Wagner, D.: The effectiveness of application permissions. In: Proceedings of the 2nd USENIX Conference on Web Application Development (WebApps) (2011)
Felt, A.P., Ha, E., Egelman, S., Haney, A., Chin, E., Wagner, D.: Android permissions: user attention, comprehension, and behavior. In: Proceedings of the 8th Symposium on Usable Privacy and Security (SOUPS) (2012)
Kelley, P.G., Cranor, L.F., Sadeh, N.: Privacy as part of the app decision-making process. In: Proceedings of the 31st ACM Conference on Human Factors in Computing Systems (2013)
Kelley, P.G., Consolvo, S., Cranor, L.F., Jung, J., Sadeh, N., Wetherall, D.: A conundrum of permissions: installing applications on an android smartphone. In: Blyth, J., Dietrich, S., Camp, L.J. (eds.) FC 2012. LNCS, vol. 7398, pp. 68–79. Springer, Heidelberg (2012)
Leyden, J.: The TRUTH about LEAKY, STALKING, SPYING smartphone applications. The Register (2014)
Saltzer, J.H., Schroeder, M.D.: The protection of information in computer systems. Proc. IEEE 63(9), 1278–1308 (1975)
Schlegel, R., Zhang, K., Zhou, X., Intwala, M., Kapadia, A., Wang, X.: Soundcomber: a stealthy and context-aware sound trojan for smartphones. In: Proceedings of the 18th Network and Distributed System Security Symposium (NDSS) (2011)
Vidas, T., Christin, N., Cranor, L.: Curbing android permission creep. In: Proceedings of the 5th Workshop on Web 2.0 Security and Privacy (W2SP) (2011)
Xu, N., Zhang, F., Luo, Y., Jia, W., Xuan, D., Teng, J.: Stealthy video capturer: a new video-based spyware in 3G smartphones. In: Proceedings of the 2nd ACM Conference on Wireless Network Security (WiSec) (2009)
Acknowledgements
This research was partly supported by the MSIP (Ministry of Science, ICT & Future Planning), Korea, under the ITRC (Information Technology Research Center) support program (NIPA-2014-H0301-14-1010) supervised by the NIPA (National IT Industry Promotion Agency) and is funded in part by the ICT R&D program (2014-044-072-003, ‘Development of Cyber Quarantine System using SDN Techniques’) of MSIP/IITP.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Kang, J., Kim, D., Kim, H., Huh, J.H. (2015). Analyzing Unnecessary Permissions Requested by Android Apps Based on Users’ Opinions. In: Rhee, KH., Yi, J. (eds) Information Security Applications. WISA 2014. Lecture Notes in Computer Science(), vol 8909. Springer, Cham. https://doi.org/10.1007/978-3-319-15087-1_6
Download citation
DOI: https://doi.org/10.1007/978-3-319-15087-1_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-15086-4
Online ISBN: 978-3-319-15087-1
eBook Packages: Computer ScienceComputer Science (R0)