INSTITUTIONAL DIGITAL REPOSITORY

A multi-dimensional measure for intrusion: the intrusiveness quality attribute

Show simple item record

dc.contributor.author Agrawal, A.
dc.contributor.author Sodhi, B.
dc.contributor.author Prabhakar, T.V.
dc.date.accessioned 2016-11-29T05:54:21Z
dc.date.available 2016-11-29T05:54:21Z
dc.date.issued 2016-11-29
dc.identifier.uri http://localhost:8080/xmlui/handle/123456789/661
dc.description.abstract Security in personal devices like mobile phones, tablets, is a major concern because these devices often carry sensitive information. Device platforms (e.g. Android) implement "limit access" and "authorize" security tactics to protect privacy/security-sensitive resources against misuse by an app. For instance, Android defines a set of 100+ permissions that guard resources such as phonebook data, network sockets and so on. However, due to poor understanding of these complex permissions, users inadvertently grant dangerous permissions to the apps, which defeat the security tactics implemented. Thus, security of a device is directly related to the capabilities granted to the intruder (app in this case). In this paper, we define a new quality attribute (QA) called Intrusiveness of an app, which characterizes the capabilities of an app to cause violation of personal and operational information of the user/device. We suggest a framework to compute "in-trusiveness" on a given platform. Intrusiveness of an app is represented as a 4-tuple. This tuple characterizes the extent to which the permissions, that are being sought by an app, could compromise in 4 dimensions of information, viz. User, Device, Carrier and the External World. It helps the user to realize the nature of privacy-sensitive resources that (s)he is exposing to the app. Efficacy of our framework is demonstrated by examining intrusiveness of 814 most popular free apps on Android. The Intrusiveness QA could be used to compute potential violation of User Personal Privacy, User Locational Privacy and violation of Device Integrity. Our analysis shows that 84% of apps examined are in a position to compromise User Personal Privacy, 96% can comprise Device Integrity and 92% can compromise Locational Privacy. en_US
dc.language.iso en_US en_US
dc.subject Android en_US
dc.subject Intrusiveness en_US
dc.subject Privacy en_US
dc.title A multi-dimensional measure for intrusion: the intrusiveness quality attribute en_US
dc.type Article en_US


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search DSpace


Advanced Search

Browse

My Account