A Multilateral Privacy Impact Analysis Method for Android Applications-Reference-Cited by-同舟云学术

A Multilateral Privacy Impact Analysis Method for Android Applications

Published:2022-12-01 Issue:2 Volume:7 Page:1-20
ISSN:2544-6320
Container-title:Annals of Science and Technology
language:en
Short-container-title:

Author:

Orjiude Kelly E.¹,Yinka-Banjo Chika O.¹

Affiliation:

1. Department of Computer Science , University of Lagos , Nigeria

Abstract

Abstract Most people’s private lives can be monitored by smartphone applications (apps). Apps have the potential to invade private spaces, access and map social interactions, track users’ whereabouts, and track their online activities. Our interest is in the volume of data that a specific app can and seeks to retrieve on a smartphone. Smartphone app privacy friendliness is normally evaluated based on single-source analyses, which often do not offer a thorough assessment of the app’s actual privacy threats. In order to analyze Android apps’ privacy, this study proposes a multi-source methodology. Our data sets and methodology from app manifestos, privacy policies, vulnerability analysis and user reviews were described. Results from a case study on ten well-known finance applications operating in Nigeria were provided in order to assess our methodology. Our findings showed distinct patterns regarding the possible privacy implications of apps, with some of the apps in the data set infringing fundamental privacy principles. The case study’s findings reveal significant differences that can guide users in making relevant app choices.

Publisher

Walter de Gruyter GmbH

Link

https://www.sciendo.com/pdf/10.2478/ast-2022-0005

Reference61 articles.

1. Achara, J.P., Roca, V., Castelluccia, C., and Francillon, A. (2016). MobileAppScrutinator: A Simple yet Efficient Dynamic Analysis Approach for Detecting Privacy Leaks across Mobile OSs. https://doi.org/10.48550/arXiv.1605.08357

2. Achara, J. P., Acs, G., and Castelluccia, C. (2015). On the Unicity of Smartphone Applications, In Proceedings of the 14th ACM Workshop on Privacy in the Electronic Society (WPES ‘15). Association for Computing Machinery, New York, NY, USA, 27–36. https://doi.org/10.1145/2808138.280814610.1145/2808138.2808146

3. Alepis, E., Patsakis, C. (2019). Unravelling Security Issues of Runtime Permissions in Android, Journal of Hardware and Systems Security (3); 45–63. https://doi.org/10.1007/s41635-018-0053-210.1007/s41635-018-0053-2

4. Arp, D., Quiring, E., Wressneger, C., and Rieck, K. (2017). Privacy Threats through Ultrasonic Side Channels on Mobile Devices, IEEE European Symposium on Security and Privacy (EuroS&P); 35-47. https://doi.org/10.1109/EuroSP.2017.3310.1109/EuroSP.2017.33

5. Chin, E., Felt, A.P., Sekar, V., and Wagner, D.A. (2012). Measuring user confidence in smartphone security and privacy. In Proceedings of the Eighth Symposium on Usable Privacy and Security (SOUPS ‘12). Association for Computing Machinery, New York, NY, USA (Article 1); 1–16. https://doi.org/10.1145/2335356.233535810.1145/2335356.2335358