Research Article
Analysis of the Impact of Permissions on the Vulnerability of Mobile Applications
@INPROCEEDINGS{10.1007/978-3-030-41593-8_1, author={Gouayon Koala and Didier Bassol\^{e} and Aminata Zerbo/Saban\^{e} and Tegawend\^{e} Bissyand\^{e} and Oumarou Si\^{e}}, title={Analysis of the Impact of Permissions on the Vulnerability of Mobile Applications}, proceedings={e-Infrastructure and e-Services for Developing Countries. 11th EAI International Conference, AFRICOMM 2019, Porto-Novo, Benin, December 3--4, 2019, Proceedings}, proceedings_a={AFRICOMM}, year={2020}, month={2}, keywords={Permission abuse Vulnerability Privilege exploit Security}, doi={10.1007/978-3-030-41593-8_1} }- Gouayon Koala
Didier Bassolé
Aminata Zerbo/Sabané
Tegawendé Bissyandé
Oumarou Sié
Year: 2020
Analysis of the Impact of Permissions on the Vulnerability of Mobile Applications
AFRICOMM
Springer
DOI: 10.1007/978-3-030-41593-8_1
Abstract
In this paper, we explored the potential risks of authorizations unexplained by benign apps in order to maintain the confidentiality and availability of personal data. More precisely, we focused on the mechanisms for managing risk permissions under Android to limit the impact of these permissions on vulnerability vectors. We analyzed a sample of forty (40) apps developed in Burkina Faso and identified abuses of dangerous authorizations in several apps in relation to their functional needs. We also discovered combinations of dangerous permissions because it exposes the confidentiality of the data. This analysis allowed us to establish a link between permissions and vulnerabilities, as a source of risk of data security. These risks facilitate exploits of privileges that should be reduced. We have therefore proposed the need to coordinate resolution mechanisms to the administrators, developers, users to better guide the required permissions by benign apps on Android.