Related papers: A Comprehensive Analysis of Evolving Permission Usage in Android Apps: Trends, Threats, and Ecosystem Insights

A Comprehensive Analysis of Evolving Permission Usage in Android Apps: Trends, Threats, and Ecosystem Insights

URL: http://arxiv.org/abs/2508.02008v1
Date: Mon, 04 Aug 2025 02:54:10 GMT
Title: A Comprehensive Analysis of Evolving Permission Usage in Android Apps: Trends, Threats, and Ecosystem Insights
Authors: Ali Alkinoon, Trung Cuong Dang, Ahod Alghuried, Abdulaziz Alghamdi, Soohyeon Choi, Manar Mohaisen, An Wang, Saeed Salem, David Mohaisen,
Abstract summary: Despite official Android platform documentation on proper permission usage, there are still many cases of permission abuse.<n>This study provides a comprehensive analysis of the Android permission landscape.<n>By distinguishing between benign and malicious applications, we uncover developers' evolving strategies.
Score: 9.172402449557264
License: http://creativecommons.org/licenses/by-nc-nd/4.0/
Abstract: The proper use of Android app permissions is crucial to the success and security of these apps. Users must agree to permission requests when installing or running their apps. Despite official Android platform documentation on proper permission usage, there are still many cases of permission abuse. This study provides a comprehensive analysis of the Android permission landscape, highlighting trends and patterns in permission requests across various applications from the Google Play Store. By distinguishing between benign and malicious applications, we uncover developers' evolving strategies, with malicious apps increasingly requesting fewer permissions to evade detection, while benign apps request more to enhance functionality. In addition to examining permission trends across years and app features such as advertisements, in-app purchases, content ratings, and app sizes, we leverage association rule mining using the FP-Growth algorithm. This allows us to uncover frequent permission combinations across the entire dataset, specific years, and 16 app genres. The analysis reveals significant differences in permission usage patterns, providing a deeper understanding of co-occurring permissions and their implications for user privacy and app functionality. By categorizing permissions into high-level semantic groups and examining their application across distinct app categories, this study offers a structured approach to analyzing the dynamics within the Android ecosystem. The findings emphasize the importance of continuous monitoring, user education, and regulatory oversight to address permission misuse effectively.

Related papers

Understanding Concept Drift with Deprecated Permissions in Android Malware Detection [10.268191178804168]
We investigate the impact of deprecation or restriction of permissions on the performance of machine learning models.<n>A dataset containing 166 permissions was used, encompassing more than 70,000 malware and benign applications.<n>The results suggest that Android permissions are highly effective features for malware detection.
arXiv Detail & Related papers (2025-07-29T20:54:48Z)
Creating General User Models from Computer Use [62.91116265732001]
This paper presents an architecture for a general user model (GUM) that learns about you by observing any interaction you have with your computer.<n>The GUM takes as input any unstructured observation of a user (e.g., device screenshots) and constructs confidence-weighted propositions that capture user knowledge and preferences.
arXiv Detail & Related papers (2025-05-16T04:00:31Z)
What If We Had Used a Different App? Reliable Counterfactual KPI Analysis in Wireless Systems [52.499838151272016]
This paper addresses the problem of estimating the values of traffic that would have been obtained if a different app had been implemented by the RAN.<n>We propose a conformal-prediction-based counterfactual analysis method for wireless systems.
arXiv Detail & Related papers (2024-09-30T18:47:26Z)
User Strategization and Trustworthy Algorithms [81.82279667028423]
We show that user strategization can actually help platforms in the short term. We then show that it corrupts platforms' data and ultimately hurts their ability to make counterfactual decisions.
arXiv Detail & Related papers (2023-12-29T16:09:42Z)
Investigating Software Developers' Challenges for Android Permissions in Stack Overflow [0.9821874476902969]
This study investigates the permission-related challenges developers face on the crowdsourcing platform Stack Overflow. We conducted qualitative and quantitative analyses on 3,327 permission-related questions and 3,271 corresponding answers. Our study indicates the need for clear, consistent documentation to guide the use of permissions and reduce developer misunderstanding.
arXiv Detail & Related papers (2023-10-31T18:37:03Z)
Intent-Aware Permission Architecture: A Model for Rethinking Informed Consent for Android Apps [3.383670923637874]
This paper proposes an unambiguous, informed consent process that provides developers with a standardized method for declaring Intent. The overarching objective of this model is to ensure end-users are adequately informed before making decisions on their data.
arXiv Detail & Related papers (2022-02-14T19:22:44Z)
Erasing Labor with Labor: Dark Patterns and Lockstep Behaviors on Google Play [13.658284581863839]
Google Play's policy forbids the use of incentivized installs, ratings, and reviews to manipulate the placement of apps. We examine install-incentivizing apps through a socio-technical lens and perform a mixed-methods analysis of their reviews and permissions. Our dataset contains 319K reviews collected daily over five months from 60 such apps that cumulatively account for over 160.5M installs. We find evidence of fraudulent reviews on install-incentivizing apps, following which we model them as an edge stream in a dynamic bipartite graph of apps and reviewers.
arXiv Detail & Related papers (2022-02-09T16:54:27Z)
Analysis of Longitudinal Changes in Privacy Behavior of Android Applications [79.71330613821037]
In this paper, we examine the trends in how Android apps have changed over time with respect to privacy. We examine the adoption of HTTPS, whether apps scan the device for other installed apps, the use of permissions for privacy-sensitive data, and the use of unique identifiers. We find that privacy-related behavior has improved with time as apps continue to receive updates, and that the third-party libraries used by apps are responsible for more issues with privacy.
arXiv Detail & Related papers (2021-12-28T16:21:31Z)
Emerging App Issue Identification via Online Joint Sentiment-Topic Tracing [66.57888248681303]
We propose a novel emerging issue detection approach named MERIT. Based on the AOBST model, we infer the topics negatively reflected in user reviews for one app version. Experiments on popular apps from Google Play and Apple's App Store demonstrate the effectiveness of MERIT.
arXiv Detail & Related papers (2020-08-23T06:34:05Z)
General-Purpose User Embeddings based on Mobile App Usage [46.343844014289246]
behaviors on mobile app usage, including retention, installation, and uninstallation, can be a good indicator for both long-term and short-term interests of users. Traditionally, user modeling from mobile app usage heavily relies on handcrafted feature engineering. We present a tailored AutoEncoder-coupled Transformer Network (AETN), by which we overcome these challenges and achieve the goals of reducing manual efforts and boosting performance.
arXiv Detail & Related papers (2020-05-27T12:01:50Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.