Download PDFOpen PDF in browser

Mobile App Privacy Analysis

EasyChair Preprint 11290

14 pagesDate: November 14, 2023

Abstract

In this paper, we investigate the feasibility of identifying a small set of privacy profiles as a way of helping users manage their mobile app privacy preferences. Our analysis does not limit itself to looking at permissions people feel comfortable granting to an app. Instead, it relies on static code analysis to determine the purpose for which an app requests each of its permissions, distinguishing for instance between apps relying on particular permissions to deliver their core functionality and apps requesting these permissions to share information with advertising networks or social networks. Using privacy preferences that reflect people’s comfort with the purpose for which different apps request their permissions, we use clustering techniques to identify privacy profiles.  A major contribution of this work is to show that, while people’s mobile app privacy preferences are diverse, it is possible to identify a small number of privacy profiles that collectively do a good job at capturing these diverse preferences.

Keyphrases: Android KeyStore, Android Studio, Firebase Crashlytics, MobSF, Privacy, Vulnerabilities, data collection, dynamic analysis, static analysis

BibTeX entry
BibTeX does not have the right entry for preprints. This is a hack for producing the correct reference:
@booklet{EasyChair:11290,
  author    = {Vivek Reddy and Madhusudhan Reddy and Chaitanya Kumar Reddy and S Vikas},
  title     = {Mobile App Privacy Analysis},
  howpublished = {EasyChair Preprint 11290},
  year      = {EasyChair, 2023}}
Download PDFOpen PDF in browser