Dissertation/Thesis Abstract

Relationship between User Privacy and Application Permissions in Smartphone Platforms
by Caushaj, Eralda, Ph.D., Oakland University, 2017, 159; 10639215
Abstract (Summary)

Smartphone devices running mobile operating systems are an integral part of society. Smartphone devices are used every day for communication, work purposes, online banking, shopping, and getting information, etc. There is a perception that smartphones are immune from malware and attacks, but they introduce a lot of potential privacy risks to end-users. Smartphone capabilities that can be misused include access to sensitive information such as the International Mobile Equipment Identity (IMEI) phone identifier, location tracking, and Short Message Service (SMS) privileges, which may cost the user money.

This research presents a systematic study, which identifies potential attacks and threats, and introduces a new detection method that uses machine learning models to classify apps into safe, benign, and malicious categories. The goal is to explore and quantify the relationship between app permissions and user privacy. This research would also provide a novel method to measure the severity of user privacy violation.

Previous work in malicious app detection considered just one or two features, such as the category to which each app belongs and if there are more app permissions than required, but they never considered the impact of app permissions on smartphone malware and ad networks. Also, a lot of research has been conducted on identifying if there is information leakage that apps can conduct, but to the best of my knowledge there is not a formal method to measure user privacy violation. It occurs when the user is not notified about the resources or information accessed and if the information is misused when stored in third-party servers.

The present research addresses these issues. In addition, this study develops the Android Application Permission Manager (AAPM) privacy app which would inform users about (1) over-privileged app permissions, (2) the number of ad networks associated with each app, (3) potential privacy threats that each app permission can expose the user to, and (4) how to provide a balance between app functionality and protection of the user privacy.

Indexing (document details)
Advisor: Fu, Huirong
Commitee: Lipták, László, Sangeorzan, Brian, Sethi, Ishwar
School: Oakland University
Department: Engineering
School Location: United States -- Michigan
Source: DAI-B 79/07(E), Dissertation Abstracts International
Source Type: DISSERTATION
Subjects: Computer science
Keywords: Application permissions, Smartphone platforms, User privacy
Publication Number: 10639215
ISBN: 9780355660777
Copyright © 2019 ProQuest LLC. All rights reserved. Terms and Conditions Privacy Policy Cookie Policy
ProQuest