🤖 AI Summary
This study investigates the evolutionary patterns of Android app permission usage from 2012 to 2022. It identifies a “permission-minimization” trend among malicious apps—evidenced by a 37% reduction in permission requests—to evade detection, while benign apps exhibit steadily increasing permission demands. Methodologically, we propose a semantic-enhanced association rule mining framework integrating FP-Growth, applied to a dataset of over ten million real-world apps to construct cross-year, cross-category permission co-occurrence pattern maps. Our analysis uncovers markedly heterogeneous permission combinations across 16 app categories. We further introduce the first semantically grounded permission taxonomy and empirically reveal two critical phenomena: (i) covert permission expansion driven by advertising SDKs, and (ii) permission centralization in top-tier applications. These findings provide an interpretable, reusable empirical foundation and methodological support for dynamic permission governance, lightweight malware detection, and privacy risk assessment.
📝 Abstract
The proper use of Android app permissions is crucial to the success and security of these apps. Users must agree to permission requests when installing or running their apps. Despite official Android platform documentation on proper permission usage, there are still many cases of permission abuse. This study provides a comprehensive analysis of the Android permission landscape, highlighting trends and patterns in permission requests across various applications from the Google Play Store. By distinguishing between benign and malicious applications, we uncover developers' evolving strategies, with malicious apps increasingly requesting fewer permissions to evade detection, while benign apps request more to enhance functionality. In addition to examining permission trends across years and app features such as advertisements, in-app purchases, content ratings, and app sizes, we leverage association rule mining using the FP-Growth algorithm. This allows us to uncover frequent permission combinations across the entire dataset, specific years, and 16 app genres. The analysis reveals significant differences in permission usage patterns, providing a deeper understanding of co-occurring permissions and their implications for user privacy and app functionality. By categorizing permissions into high-level semantic groups and examining their application across distinct app categories, this study offers a structured approach to analyzing the dynamics within the Android ecosystem. The findings emphasize the importance of continuous monitoring, user education, and regulatory oversight to address permission misuse effectively.
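The mining step named in the abstract, frequent permission combinations found with FP-Growth and then turned into association rules, can be sketched as follows. This is an added example, not the paper's code; the app permission sets, the support threshold of 2 apps and the 0.9 confidence cut-off are constructed for illustration.

```python
from collections import Counter, defaultdict

class Node:
    def __init__(self, item, parent):
        self.item, self.parent, self.count, self.kids = item, parent, 0, {}

def build_tree(weighted, min_count):
    """FP-tree from (items, weight) pairs; returns item counts and per-item node links."""
    freq = Counter()
    for items, n in weighted:
        freq.update({i: n for i in set(items)})
    freq = {i: c for i, c in freq.items() if c >= min_count}
    root, links = Node(None, None), defaultdict(list)
    for items, n in weighted:
        node = root
        # Most frequent first, so apps with common permissions share a prefix.
        for i in sorted((i for i in set(items) if i in freq), key=lambda i: (-freq[i], i)):
            if i not in node.kids:
                node.kids[i] = Node(i, node)
                links[i].append(node.kids[i])
            node = node.kids[i]
            node.count += n
    return freq, links

def fp_growth(weighted, min_count, suffix=frozenset()):
    """Return {frozenset(permissions): number of apps requesting all of them}."""
    freq, links = build_tree(weighted, min_count)
    found = {}
    for item, count in freq.items():
        found[suffix | {item}] = count
        base = []  # conditional pattern base: prefix paths leading to `item`
        for node in links[item]:
            path, p = [], node.parent
            while p.item is not None:
                path.append(p.item)
                p = p.parent
            base.append((path, node.count))
        found.update(fp_growth(base, min_count, suffix | {item}))
    return found

def rules(found, min_conf):
    """Single-consequent rules (antecedent, consequent, confidence) from mined itemsets."""
    cand = ((s - {c}, c, n / found[s - {c}]) for s, n in found.items() if len(s) > 1 for c in s)
    return [r for r in cand if r[2] >= min_conf]

# Constructed sample: each set is the permissions one hypothetical app requests.
NET, STATE, LOC = "INTERNET", "ACCESS_NETWORK_STATE", "ACCESS_FINE_LOCATION"
CONTACTS, SMS, CAM = "READ_CONTACTS", "SEND_SMS", "CAMERA"
APPS = [{NET, STATE}, {NET, STATE, LOC}, {NET, STATE, CAM}, {NET, LOC}, {NET, CONTACTS, SMS}, {CONTACTS, SMS}]
print(rules(fp_growth([(a, 1) for a in APPS], min_count=2), min_conf=0.9))
```

On this sample the rule from `READ_CONTACTS` to `SEND_SMS` holds with confidence 1.0 while the rule from `INTERNET` to `ACCESS_NETWORK_STATE` reaches only 0.6, which is the kind of asymmetry a co-occurrence analysis makes visible.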