• DocumentCode
    2847631
  • Title

    Analysis of Android Applications´ Permissions

  • Author

    Johnson, Ryan ; Wang, Zhaohui ; Gagnon, Corey ; Stavrou, Angelos

  • Author_Institution
    Center for Secure Inf. Syst., George Mason Univ., Fairfax, VA, USA
  • fYear
    2012
  • fDate
    20-22 June 2012
  • Firstpage
    45
  • Lastpage
    46
  • Abstract
    We developed an architecture that automatically searches for and downloads Android applications from the Android Market. Furthermore, we created a detailed mapping of Android application programming interface (API) calls to the required permission(s), if any, for each call. We then performed an analysis of 141,372 Android applications to determine if they have the appropriate set of permissions based on the static analysis of the APK bytecode of each application. Our findings indicate that the majority of mobile software developers are not using the correct permission set and that they either over-specify or under-specify their security requirements.
  • Keywords
    application program interfaces; mobile computing; operating systems (computers); program diagnostics; security of data; software engineering; API; APK bytecode; Android application permissions; Android application programming interface; Android market; detailed mapping; mobile software developers; security requirements; static analysis; Androids; Educational institutions; Humanoid robots; Java; Security; Smart phones; Software;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Software Security and Reliability Companion (SERE-C), 2012 IEEE Sixth International Conference on
  • Conference_Location
    Gaithersburg, MD
  • Print_ISBN
    978-1-4673-2670-4
  • Type

    conf

  • DOI
    10.1109/SERE-C.2012.44
  • Filename
    6258449
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2847631