How do Apps Evolve in Their Permission Requests? A Preliminary Study

被引:24
作者
Calciati, Paolo [1 ,2 ]
Gorla, Alessandra [1 ]
机构
[1] IMDEA Software Inst, Madrid, Spain
[2] Univ Politecn Madrid, Madrid, Spain
来源
2017 IEEE/ACM 14TH INTERNATIONAL CONFERENCE ON MINING SOFTWARE REPOSITORIES (MSR 2017) | 2017年
关键词
D O I
10.1109/MSR.2017.64
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
We present a preliminary study to understand how apps evolve in their permission requests across different releases. We analyze over 14K releases of 227 Android apps, and we see how permission requests change and how they are used. We find that apps tend to request more permissions in their evolution, and many of the newly requested permissions are initially overprivileged. Our qualitative analysis, however, shows that the results that popular tools report on overprivileged apps may be biased by incomplete information or by other factors. Finally, we observe that when apps no longer request a permission, it does not necessarily mean that the new release offers less in terms of functionalities.
引用
收藏
页码:37 / 41
页数:5
相关论文
共 10 条
[1]  
Allix K, 2016, 13TH WORKING CONFERENCE ON MINING SOFTWARE REPOSITORIES (MSR 2016), P468, DOI [10.1145/2901739.2903508, 10.1109/MSR.2016.056]
[2]   Empirical assessment of machine learning-based malware detectors for Android Measuring the gap between in-the-lab and in-the-wild validation scenarios [J].
Allix, Kevin ;
Bissyande, Tegawende F. ;
Jerome, Quentin ;
Klein, Jacques ;
State, Radu ;
Le Traon, Yves .
EMPIRICAL SOFTWARE ENGINEERING, 2016, 21 (01) :183-211
[3]  
[Anonymous], 2012, NDSS
[4]  
Au K. W. Y., 2012, Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS '12, ACM, New York, NY, USA, P217, DOI 10.1145/2382196.2382222
[5]  
Bartel A, 2012, IEEE INT CONF AUTOM, P274, DOI 10.1145/2351676.2351722
[6]  
Felt AP, 2011, PROCEEDINGS OF THE 18TH ACM CONFERENCE ON COMPUTER & COMMUNICATIONS SECURITY (CCS 11), P627
[7]   A Dataset of Open-Source Android Applications [J].
Krutz, Daniel E. ;
Mirakhorli, Mehdi ;
Malachowsky, Samuel A. ;
Ruiz, Andres ;
Peterson, Jacob ;
Filipski, Andrew ;
Smith, Jared .
12TH WORKING CONFERENCE ON MINING SOFTWARE REPOSITORIES (MSR 2015), 2015, :522-525
[8]   Which Android App Store Can be Trusted in China? [J].
Ng, Yi Ying ;
Zhou, Hucheng ;
Ji, Zhiyuan ;
Luo, Huan ;
Dong, Yuan .
2014 IEEE 38TH ANNUAL INTERNATIONAL COMPUTERS, SOFTWARE AND APPLICATIONS CONFERENCE (COMPSAC), 2014, :509-518
[9]  
Taylor V. F., 2016, CORR
[10]  
Wei XT, 2012, 28TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE (ACSAC 2012), P31
1