An Investigation into Android Run-time Permissions from the End Users' Perspective

G.L. Scoccia, Ivano Malavolta, Marco Autili, Amleto Di Salle, Paola Inverardi

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

Abstract

To protect the privacy of end users from intended or unintended
malicious behaviour, the Android operating system provides a
permissions-based security model that restricts access to privacy-
relevant parts of the platform. Starting with Android 6, the per-
mission system has been revamped, moving to a run-time model.
Users are now prompted for confirmation when an app attempts to
access a restricted part of the platform.
We conducted a large-scale empirical study to investigate how
end users perceive the new run-time permission system of Android,
collecting and inspecting over 4.3 million user reviews about 5,572
apps published in the Google Play Store. Among them, we iden-
tified, classified, and analyzed 3,574 permission-related reviews,
employing machine learning and Natural Language Processing
techniques. Out of the permission-related reviews, we determined
recurring points made by users about the new permission system
and classified them into a taxonomy. Results of our analysis sug-
gest that, even with the new system, permission-related issues are
widespread, with 8% of collected apps having user reviews with
negative comments about permissions. We identify a number of
points for improv
ement in the Android run-time permission system,
and provide recommendations for future research.
Original languageEnglish
Title of host publicationMOBILESoft '18 Proceedings of the 5th International Conference on Mobile Software Engineering and Systems
Place of PublicationNew York, NY
PublisherACM
Pages45-55
Number of pages11
ISBN (Print)9781450357128
DOIs
Publication statusPublished - 1 May 2018
EventMOBILESoft '18 Proceedings of the 5th International Conference on Mobile Software Engineering and Systems - Gothenburg, Sweden
Duration: 27 May 201828 May 2018
Conference number: 5

Conference

ConferenceMOBILESoft '18 Proceedings of the 5th International Conference on Mobile Software Engineering and Systems
Abbreviated titleMOBILESoft '18
CountrySweden
CityGothenburg
Period27/05/1828/05/18

Fingerprint Dive into the research topics of 'An Investigation into Android Run-time Permissions from the End Users' Perspective'. Together they form a unique fingerprint.

Cite this