Android permissions remystified: A field study on contextual integrity. Wijesekera, P., Baokar, A., Hosseini, A., Egelman, S., Wagner, D., & Beznosov, K. In 24th USENIX Security Symposium (USENIX Security 15), pages 499–514, 2015. ![Android permissions remystified: A field study on contextual integrity [link]](https://bibbase.org/img/filetypes/link.svg "link")
Paper abstract bibtex We instrumented the Android platform to collect data regarding how often and under what circumstances smartphone applications access protected resources regulated by permissions. We performed a 36-person field study to explore the notion of “contextual integrity,” i.e., how often applications access protected resources when users are not expecting it. Based on our collection of 27M data points and exit interviews with participants, we examine the situations in which users would like the ability to deny applications access to protected resources. At least 80% of our participants would have preferred to prevent at least one permission request, and overall, they stated a desire to block over a third of all requests. Our findings pave the way for future systems to automatically determine the situations in which users would want to be confronted with security decisions.
@InProceedings{wijesekera2015android,
author = {Wijesekera, Primal and Baokar, Arjun and Hosseini, Ashkan and Egelman, Serge and Wagner, David and Beznosov, Konstantin},
booktitle = {24th USENIX Security Symposium (USENIX Security 15)},
title = {{A}ndroid permissions remystified: {A} field study on contextual integrity},
year = {2015},
pages = {499--514},
abstract = {We instrumented the Android platform to collect data regarding how often and under what circumstances smartphone applications access protected resources regulated by permissions. We performed a 36-person field study to explore the notion of “contextual integrity,” i.e., how often applications access protected resources when users are not expecting it. Based on our collection of 27M data points and exit interviews with participants, we examine the situations in which users would like the ability to deny applications access to protected resources. At least 80% of our participants would have preferred to prevent at least one permission request, and overall, they stated a desire to block over a third of all requests. Our findings pave the way for future systems to automatically determine the situations in which users would want to be confronted with security decisions.},
url = {https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/wijesekera},
}
Downloads: 0
{"_id":"FXetN9CLch7kamp7B","bibbaseid":"wijesekera-baokar-hosseini-egelman-wagner-beznosov-androidpermissionsremystifiedafieldstudyoncontextualintegrity-2015","downloads":0,"creationDate":"2019-02-15T15:14:58.851Z","title":"Android permissions remystified: A field study on contextual integrity","author_short":["Wijesekera, P.","Baokar, A.","Hosseini, A.","Egelman, S.","Wagner, D.","Beznosov, K."],"year":2015,"bibtype":"inproceedings","biburl":"https://bibbase.org/f/i3hTAQ2wxvvLpcpZu/lersse_publications.bib","bibdata":{"bibtype":"inproceedings","type":"inproceedings","author":[{"propositions":[],"lastnames":["Wijesekera"],"firstnames":["Primal"],"suffixes":[]},{"propositions":[],"lastnames":["Baokar"],"firstnames":["Arjun"],"suffixes":[]},{"propositions":[],"lastnames":["Hosseini"],"firstnames":["Ashkan"],"suffixes":[]},{"propositions":[],"lastnames":["Egelman"],"firstnames":["Serge"],"suffixes":[]},{"propositions":[],"lastnames":["Wagner"],"firstnames":["David"],"suffixes":[]},{"propositions":[],"lastnames":["Beznosov"],"firstnames":["Konstantin"],"suffixes":[]}],"booktitle":"24th USENIX Security Symposium (USENIX Security 15)","title":"Android permissions remystified: A field study on contextual integrity","year":"2015","pages":"499–514","abstract":"We instrumented the Android platform to collect data regarding how often and under what circumstances smartphone applications access protected resources regulated by permissions. We performed a 36-person field study to explore the notion of “contextual integrity,” i.e., how often applications access protected resources when users are not expecting it. Based on our collection of 27M data points and exit interviews with participants, we examine the situations in which users would like the ability to deny applications access to protected resources. At least 80% of our participants would have preferred to prevent at least one permission request, and overall, they stated a desire to block over a third of all requests. Our findings pave the way for future systems to automatically determine the situations in which users would want to be confronted with security decisions.","url":"https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/wijesekera","bibtex":"@InProceedings{wijesekera2015android,\n author = {Wijesekera, Primal and Baokar, Arjun and Hosseini, Ashkan and Egelman, Serge and Wagner, David and Beznosov, Konstantin},\n booktitle = {24th USENIX Security Symposium (USENIX Security 15)},\n title = {{A}ndroid permissions remystified: {A} field study on contextual integrity},\n year = {2015},\n pages = {499--514},\n abstract = {We instrumented the Android platform to collect data regarding how often and under what circumstances smartphone applications access protected resources regulated by permissions. We performed a 36-person field study to explore the notion of “contextual integrity,” i.e., how often applications access protected resources when users are not expecting it. Based on our collection of 27M data points and exit interviews with participants, we examine the situations in which users would like the ability to deny applications access to protected resources. At least 80% of our participants would have preferred to prevent at least one permission request, and overall, they stated a desire to block over a third of all requests. Our findings pave the way for future systems to automatically determine the situations in which users would want to be confronted with security decisions.},\n url = {https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/wijesekera},\n}\n\n","author_short":["Wijesekera, P.","Baokar, A.","Hosseini, A.","Egelman, S.","Wagner, D.","Beznosov, K."],"key":"wijesekera2015android","id":"wijesekera2015android","bibbaseid":"wijesekera-baokar-hosseini-egelman-wagner-beznosov-androidpermissionsremystifiedafieldstudyoncontextualintegrity-2015","role":"author","urls":{"Paper":"https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/wijesekera"},"metadata":{"authorlinks":{}},"downloads":0},"search_terms":["android","permissions","remystified","field","study","contextual","integrity","wijesekera","baokar","hosseini","egelman","wagner","beznosov"],"keywords":[],"authorIDs":[],"dataSources":["SBafiCSLPjNDAPHQn","HfQ3oEd4cJiyfeXdw","P8JwfWqq8tkY57QYS","rCTENNFHjWxMTZask","gdEygGa34uWkjynDQ","ikcgcNLWkPYd7asYj","WjyYKjDEeDNZ5D7kg","YAZ3EPKt9iuMHML8Y","Z66AwpjqbyDaCRuAz","vzLiYoozjbMtpq3bv","yyg88BndAbrgER4pG","qxYmJrWKptQFZpZn2","uXASf7FkwMkTdi7XQ","L3Q9QEq5gEyYsbhX8","PCm8nFZLWR38NRiRu","jagWcnNcoBLvejBcm","8cHa97bWQybuQhHDo","Kx35bmNmuB9SWebed","M5QirAZCjcxYLMFLM","BpNnApTKxApG4JxkD","BuaeMqxTDRXAZtmNe","r8QoBNxamnpCZ3Dwb","gKAKkjtPkN44YFKMk","nDjRsp2dBrEbdKR78","Raz2SaaZA89irapRN","ZnaQsM7NDPZR4BFeb"]}