TITLE:
Associated Risks in Mobile Applications Permissions
AUTHORS:
Mohammed Al Jutail, Mousa Al-Akhras, Abdulaziz Albesher
KEYWORDS:
Mobile Permission, Android, Privacy, Attack, Security, Association, Apriori
JOURNAL NAME:
Journal of Information Security,
Vol.10 No.2,
March
26,
2019
ABSTRACT: Mobile applications affect user’s privacy based on the granted application’s
permissions as attackers exploit mobile application permissions in Android
and other mobile operating systems. This research divides permissions based
on Google’s classification of dangerous permissions into three groups. The
first group contains the permissions that can access user’s private data such as
reading call log. The second group contains the permissions that can modify
user’s data such as modifying the numbers in contacts. The third group contains
the remaining permissions which can track the location, and use the
microphone and other sensitive issues that can spy on the user. This research
is supported by a study that was conducted on 100 participants in Saudi Arabia
to show the level of users’ awareness of associated risks in mobile applications
permissions. Associations among the collected data are also analyzed.
This research fills the gap in user’s awareness by providing best practices in
addition to developing a new mobile application to help users decide whether
an application is safe to be installed and used or not. This application is called
“Sparrow” and is available in Google Play Store.