Measuring API documentation on the web
Proceedings of the 2nd International Workshop on Web 2.0 for Software Engineering
Early detection of potential experts in question answering communities
UMAP'11 Proceedings of the 19th international conference on User modeling, adaption, and personalization
Quire: lightweight provenance for smart phone operating systems
SEC'11 Proceedings of the 20th USENIX conference on Security
Android permissions demystified
Proceedings of the 18th ACM conference on Computer and communications security
ACM Transactions on Information Systems (TOIS)
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
Hi-index | 0.00 |
Security policies, which specify what applications are allowed to do, are notoriously difficult to specify correctly. Many applications were found to request over-liberal permis- sions. On mobile platforms, this might prevent a cautious user from installing an otherwise harmless application or, even worse, increase the attack surface in vulnerable applications. As a result of such difficulties, programmers frequently ask about them in on-line fora. Our goal is to gain some insight into both the misuse of permissions and the discussions of permissions in on-line fora. We analyze about 10,000 free apps from popular Android markets and found a significant sub-linear relationship between the popularity of a permission and the number of times when it is misused. We also study the relationship of permission use and the number of questions about the permission on StackOverflow. Finally, we study the effect of the influence of a permission (the functionality that it controls) and the interference of a permission (the number of other permissions that influence the same classes) on the occurrence of both permission misuse and permission discussions in StackOverflow.