Smartphone devices running mobile operating systems are an integral part of society. Smartphone devices are used every day for communication, work purposes, online banking, shopping, and getting information, etc. There is a perception that smartphones are immune from malware and attacks, but they introduce a lot of potential privacy risks to end-users. Smartphone capabilities that can be misused include access to sensitive information such as the International Mobile Equipment Identity (IMEI) phone identifier, location tracking, and Short Message Service (SMS) privileges, which may cost the user money.
This research presents a systematic study, which identifies potential attacks and threats, and introduces a new detection method that uses machine learning models to classify apps into safe, benign, and malicious categories. The goal is to explore and quantify the relationship between app permissions and user privacy. This research would also provide a novel method to measure the severity of user privacy violation.
Previous work in malicious app detection considered just one or two features, such as the category to which each app belongs and if there are more app permissions than required, but they never considered the impact of app permissions on smartphone malware and ad networks. Also, a lot of research has been conducted on identifying if there is information leakage that apps can conduct, but to the best of my knowledge there is not a formal method to measure user privacy violation. It occurs when the user is not notified about the resources or information accessed and if the information is misused when stored in third-party servers.
The present research addresses these issues. In addition, this study develops the Android Application Permission Manager (AAPM) privacy app which would inform users about (1) over-privileged app permissions, (2) the number of ad networks associated with each app, (3) potential privacy threats that each app permission can expose the user to, and (4) how to provide a balance between app functionality and protection of the user privacy.
|Commitee:||Lipták, László, Sangeorzan, Brian, Sethi, Ishwar|
|School Location:||United States -- Michigan|
|Source:||DAI-B 79/07(E), Dissertation Abstracts International|
|Keywords:||Application permissions, Smartphone platforms, User privacy|
Copyright in each Dissertation and Thesis is retained by the author. All Rights Reserved
The supplemental file or files you are about to download were provided to ProQuest by the author as part of a
dissertation or thesis. The supplemental files are provided "AS IS" without warranty. ProQuest is not responsible for the
content, format or impact on the supplemental file(s) on our system. in some cases, the file type may be unknown or
may be a .exe file. We recommend caution as you open such files.
Copyright of the original materials contained in the supplemental file is retained by the author and your access to the
supplemental files is subject to the ProQuest Terms and Conditions of use.
Depending on the size of the file(s) you are downloading, the system may take some time to download them. Please be