A self-configuring and adaptive privacy-aware permission system for Android apps

Since 2008, app stores are boosting an increasing distribution of mobile apps and, today, mobile devices keep unprecedented handy capabilities at end-users’ fingertips. The price to be paid for this convenience often involves supplying and processing a certain amount of personal information, exposing end-users to novel security and privacy threats. In previous work, we proposed Android Flexible Permissions (AFP), a user-centric approach for the management of Android permissions that empowers end-users with fine-grained control over their personal data. In this paper, we extend AFP with self-configuration and self-adaptation capabilities in order to (i) ease the adoption process through the awareness of user privacy preferences, and (ii) timely adapt the permissions configuration to protect against unforeseen threats that might arise over time. Performance and accuracy of the approach implementation have been evaluated by using data collected from 46 Android users.