An Empirical Analysis of Android Permission System Based on User Activities

摘要

In today's world there has been an exponential growth among smart-phone users which has led to the unbridled growth of smart-phone apps available in Google play store, app store etc., In case of android application, there are many free applications for which the user need not shell out a penny to use the services. Here the magic word is "free" which entices millions of pliant people into installing those apps and giving unnecessary access to their data and device control. Current studies have shown that over 70% of the apps in market, request to gather data digressive to the most functions of apps that might cause seeping of personal data or inefficient use of mobile resources. Of late, couple of malignant applications gather unobtrusive information of the user through third-party applications by increasing their permissions to high-level on the Android Operating System. Android permission system provides, the user access to the third party apps and in return based on the permissions granted by the user, an app can access the related resource from the user's mobile. A user is bound to grant or deny permits during the installation of the application. For the most part, users don't focus on the asked permissions, or sometimes users do not understand the meaning of the permission and install the app on their device. They allow a way for attackers to perform the malicious task by demanding for more than expected set of permissions. These extra permissions permit the attacker to exploit the device and also retrieve sensitive information from it. In this research paper we describe how permission system security can create an awareness among the users that would assist them in deciding on permission grants. This improved and responsible user activities in Android OS can help the users in utilizing their device securely.