Analyzing Android App Privacy With GP-PP Model

Mobile devices have become the major platforms of the Internet of Things applications for industrial enterprises. The ever-increasing number of Android Phone users has raised great concerns regarding the privacy issues related to the use of Android Apps. Freely downloadable apps requesting a large number of permissions have resulted in severe privacy concerns. While granting the permissions, users usually do not read their details or are unable to judge an app based on the permissions requested. In this paper, we address the privacy issues by categorizing app permissions into privacy invasive and generic permissions and validating the classification using the Naïve Bayes classifier.

[1]  Steve Hanna,et al.  Android permissions demystified , 2011, CCS '11.

[2]  Yajin Zhou,et al.  Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets , 2012, NDSS.

[3]  Lorrie Faith Cranor,et al.  Privacy as part of the app decision-making process , 2013, CHI.

[4]  Artem Starostin,et al.  A framework for static detection of privacy leaks in android applications , 2012, SAC '12.

[5]  Zhuoqing Morley Mao,et al.  AppProfiler: a flexible method of exposing privacy-related behavior in android applications to end users , 2013, CODASPY.

[6]  Yajin Zhou,et al.  Detecting repackaged smartphone applications in third-party android marketplaces , 2012, CODASPY '12.

[7]  Norman M. Sadeh,et al.  Reconciling mobile app privacy and usability on smartphones: could user privacy profiles help? , 2014, WWW.

[8]  Ninghui Li,et al.  Android permissions: a perspective combining risks and benefits , 2012, SACMAT '12.

[9]  Cong Wang,et al.  An Interactive Trust Model for Application Market of the Internet of Things , 2014, IEEE Transactions on Industrial Informatics.

[10]  Joseph E. Beck,et al.  Naive Bayes Classifiers for User Modeling , 1999 .

[11]  Wu He,et al.  Internet of Things in Industries: A Survey , 2014, IEEE Transactions on Industrial Informatics.

[12]  Nishtha Kesswani,et al.  How privacy invasive Android apps are? , 2016, 2016 3rd International Conference on Computing for Sustainable Global Development (INDIACom).

[13]  Naixue Xiong,et al.  Android platform-based individual privacy information protection system , 2016, Personal and Ubiquitous Computing.

[14]  Sheng-De Wang,et al.  An Android Malware Detection Approach Using Bayesian Inference , 2016, 2016 IEEE International Conference on Computer and Information Technology (CIT).

[15]  Pern Hui Chia,et al.  Is this app safe?: a large scale study on application permissions and risk signals , 2012, WWW.

[16]  Sakir Sezer,et al.  Analysis of Bayesian classification-based approaches for Android malware detection , 2016, IET Inf. Secur..

[17]  Norman M. Sadeh,et al.  Expectation and purpose: understanding users' mental models of mobile app privacy through crowdsourcing , 2012, UbiComp.

[18]  Byung-Gon Chun,et al.  TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones , 2010, OSDI.

[19]  Nong Ye,et al.  Naïve Bayes Classifier , 2013 .

[20]  Hao Chen,et al.  Investigating User Privacy in Android Ad Libraries , 2012 .

[21]  Yajin Zhou,et al.  Taming Information-Stealing Smartphone Applications (on Android) , 2011, TRUST.

[22]  Lorrie Faith Cranor,et al.  A Conundrum of Permissions: Installing Applications on an Android Smartphone , 2012, Financial Cryptography Workshops.

[23]  Yuan Zhang,et al.  AppIntent: analyzing sensitive data transmission in android for privacy leakage detection , 2013, CCS.

[24]  Jacques Klein,et al.  FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps , 2014, PLDI.