Trusting smartphone Apps? To install or not to install, that is the question

Smartphones are becoming the mobile hubs of information for many people and companies. What started as a way to provide users with the flexibility of installing small software components called Apps to enhance the usability of their phone has grown into a global market with hundreds of thousands of applications built by thousands of developers. However, while there are plenty of well-established companies developing useful applications or entertaining games, there is no easy way to differentiate them from companies that put users at risk or, worse, directly distribute malware or spyware. One attribute that is often used to distinguish "good" Apps from "bad" ones is their ratings. Nevertheless, research has shown that this can prove to be an unreliable metric, especially in cases with low rating counts. Reviews are also supposed to provide the user with an assessment of an App's trustworthiness by real people. However, fake reviews, written by collaborators of the developer or by the developer himself to boost an App's ranking, are common. How is the average user able to distinguish between real and fake reviews? Finally, Apps run inside a security sandbox and need permissions to interact with the smartphone and the data stored on it. The problem is that users are usually not aware of what specific permissions mean or why they need to be granted. In this paper we present a trustworthiness assessment model for Apps that takes into consideration these factors as well as others to provide the user with an indication of whether an App can be trusted and, if so, why. Furthermore, the model incorporates various relations between Apps, and we discuss whether or not they should have an impact on the individual App's assessment. The research demonstrates that in order to make a decision to install an App, one has to consider more than just App information and look into its associated metadata as well.
