Click to open the HelpDesk interface
AECE - Front page banner

Menu:


FACTS & FIGURES

JCR Impact Factor: 0.825
JCR 5-Year IF: 0.752
SCOPUS CiteScore: 2.5
Issues per year: 4
Current issue: Aug 2022
Next issue: Nov 2022
Avg review time: 76 days
Avg accept to publ: 48 days
APC: 300 EUR


PUBLISHER

Stefan cel Mare
University of Suceava
Faculty of Electrical Engineering and
Computer Science
13, Universitatii Street
Suceava - 720229
ROMANIA

Print ISSN: 1582-7445
Online ISSN: 1844-7600
WorldCat: 643243560
doi: 10.4316/AECE


TRAFFIC STATS

1,972,669 unique visits
787,498 downloads
Since November 1, 2009



Robots online now
bingbot


SCOPUS CiteScore

SCOPUS CiteScore


SJR SCImago RANK

SCImago Journal & Country Rank




TEXT LINKS

Anycast DNS Hosting
MOST RECENT ISSUES

 Volume 22 (2022)
 
     »   Issue 3 / 2022
 
     »   Issue 2 / 2022
 
     »   Issue 1 / 2022
 
 
 Volume 21 (2021)
 
     »   Issue 4 / 2021
 
     »   Issue 3 / 2021
 
     »   Issue 2 / 2021
 
     »   Issue 1 / 2021
 
 
 Volume 20 (2020)
 
     »   Issue 4 / 2020
 
     »   Issue 3 / 2020
 
     »   Issue 2 / 2020
 
     »   Issue 1 / 2020
 
 
 Volume 19 (2019)
 
     »   Issue 4 / 2019
 
     »   Issue 3 / 2019
 
     »   Issue 2 / 2019
 
     »   Issue 1 / 2019
 
 
  View all issues  








LATEST NEWS

2022-Jun-28
Clarivate Analytics published the InCites Journal Citations Report for 2021. The InCites JCR Impact Factor of Advances in Electrical and Computer Engineering is 0.825 (0.722 without Journal self-cites), and the InCites JCR 5-Year Impact Factor is 0.752.

2022-Jun-16
SCOPUS published the CiteScore for 2021, computed by using an improved methodology, counting the citations received in 2018-2021 and dividing the sum by the number of papers published in the same time frame. The CiteScore of Advances in Electrical and Computer Engineering in 2021 is 2.5, the same as for 2020 but better than all our previous results.

2021-Jun-30
Clarivate Analytics published the InCites Journal Citations Report for 2020. The InCites JCR Impact Factor of Advances in Electrical and Computer Engineering is 1.221 (1.053 without Journal self-cites), and the InCites JCR 5-Year Impact Factor is 0.961.

2021-Jun-06
SCOPUS published the CiteScore for 2020, computed by using an improved methodology, counting the citations received in 2017-2020 and dividing the sum by the number of papers published in the same time frame. The CiteScore of Advances in Electrical and Computer Engineering in 2020 is 2.5, better than all our previous results.

2021-Apr-15
Release of the v3 version of AECE Journal website. We moved to a new server and implemented the latest cryptographic protocols to assure better compatibility with the most recent browsers. Our website accepts now only TLS 1.2 and TLS 1.3 secure connections.

Read More »


    
 

  3/2022 - 9

An Entropy-based Method for Social Apps Privacy Assessment Using the Android Permissions Architecture

SANDOR, A. See more information about SANDOR, A. on SCOPUS See more information about SANDOR, A. on IEEExplore See more information about SANDOR, A. on Web of Science, SIMION, E. See more information about SIMION, E. on SCOPUS See more information about SIMION, E. on SCOPUS See more information about SIMION, E. on Web of Science
 
View the paper record and citations in View the paper record and citations in Google Scholar
Click to see author's profile in See more information about the author on SCOPUS SCOPUS, See more information about the author on IEEE Xplore IEEE Xplore, See more information about the author on Web of Science Web of Science

Download PDF pdficon (1,107 KB) | Citation | Downloads: 116 | Views: 98

Author keywords
data privacy, information entropy, information security, permission, mobile applications

References keywords
android(24), privacy(19), security(15), mobile(13), access(11), applications(10), analysis(8), malware(6), apps(6), software(5)
Blue keywords are present in both the references section and the paper title.

About this article
Date of Publication: 2022-08-31
Volume 22, Issue 3, Year 2022, On page(s): 79 - 86
ISSN: 1582-7445, e-ISSN: 1844-7600
Digital Object Identifier: 10.4316/AECE.2022.03009
SCOPUS ID: 85137687061

Abstract
Quick view
Full text preview
Android social applications tend to be more and more popular as smartphones became very important devices for most people. Social applications increase smartphones functionalities, enabling them with most of the features available on computers. However, the use of smartphone social applications introduces users a series of vulnerabilities and risks on privacy and data protection. We aim to increase awareness on this field and propose a method to make privacy assessments and offering insights on the security and privacy level of an app before installing it. This article has the purpose to offer a solution for this type of assessment, using information entropy. The concept, widely operated in information science, will be used in this paper to evaluate social applications from the perspective of the Android operating system permission-based architecture. Using calculations of the entropy, social applications can be evaluated as safe or dangerous from a privacy and data protection point of view.


References | Cited By  «-- Click to see who has cited this paper

[1] S. Ribeiro-Navarrete, J. R. Saura, D. Palacios-Marques, "Towards a new era of mass data collection: Assessing pandemic surveillance technologies to preserve user privacy," Technological Forecasting and Social Change, vol. 167, 2021.
[CrossRef] [Web of Science Times Cited 36] [SCOPUS Times Cited 53]


[2] European Union Agency for Network and Information Security (ENISA), "Privacy and data protection in mobile applications. A study on the app development ecosystem and the technical implementation of GDPR,", November 2017

[3] M. Marsch, J. Grossklags, S. Patil, "Won't you think of others? Inderdependent privacy in smartphone app permissions," Proceedings of the ACM on Human-Computer Interaction, vol. 5, pp. 1-35, 2021.
[CrossRef] [SCOPUS Times Cited 2]


[4] M. Hatamian, "Engineering privacy in smartphone apps: a technical guideline catalog for app developers," IEEE Access, vol. 8, pp. 35429-35445, 2020.
[CrossRef] [Web of Science Times Cited 10] [SCOPUS Times Cited 16]


[5] L. Verderame, D. Caputo, A. Romdhana, A. Merlo, "On the (un)reliability of privacy policies in Android apps," in Proceedings of the 2020 International Joint Conference on Neural Networks (IJCNN), Glasgow, UK, pp. 1-9, 2020.
[CrossRef] [SCOPUS Times Cited 10]


[6] K. Oztoprak, "Mobile subscription profiling and personal service generation using location awareness," Advances in Electrical and Computer Engineering, vol. 18, no. 3, pp. 105-112, 2018.
[CrossRef] [Full Text] [Web of Science Record] [SCOPUS Times Cited 1]


[7] A. M. Farkade, S. R. Kaware, "The Android – a widely growing mobile operating system with its mobile based application," International Journal of Computer Science and Mobile Applications, vol. 3, no. 1, pp. 39-45, 2015

[8] I. M. Almomani, A. Al Khayer, "A comprehensive analysis of the Android permissions system," IEEE Access, vol. 8, pp. 216671-216688, 2020.
[CrossRef] [Web of Science Times Cited 11] [SCOPUS Times Cited 19]


[9] A. Sadeghi, R. Jabbarvand, N. Ghorbani, H. Bagheri, S. Malek, "A temporal permission analysis and enforcement framework for Android," in Proceedings of the 40th International Conference on Software Engineering, Gothenburg, Sweden, pp. 846-857, 2018.
[CrossRef] [Web of Science Times Cited 15] [SCOPUS Times Cited 23]


[10] Z. R. Alkindi, M. Sarrab, N. Alzidi, "Android application permission model. Issues and privacy violation," in Proceedings of the 4th Free and Open-Source Software Conference, Muscat, Oman, pp. 47-50, 2019

[11] Y. Feng, L. Chen, A. Zheng, C. Gao, Z. Zheng, "AC-Net: assessing the consistency of description and permission in Android apps," IEEE Access, vol. 7, pp. 57829-57842, 2019.
[CrossRef] [Web of Science Times Cited 10] [SCOPUS Times Cited 13]


[12] B. Liu, M. S. Andersen, F. Shaub, H. Almuhimedi, S. Zhang, N. Sadeh, A. Acquisti, Y. Agarwal, "Follow my recommendations: a personalized privacy assistant for mobile app permissions," in Proceedings of the 12th Symposium on Usable Privacy and Security, Denver, Colorado, USA, pp. 27-41, 2016

[13] H. Q. de la Vallee, P. Selby, S. Krishnamurthi, "On a (per)mission: building privacy into the app marketplace," in Proceedings 6th Workshop on Security and Privacy in Smartphones and Mobile Devices, Vienna, Austria, pp. 63-72, 2016.
[CrossRef] [Web of Science Times Cited 5] [SCOPUS Times Cited 10]


[14] F. Ebrahimi, M. Tushev, A. Mahmoud, "Mobile app privacy in software engineering research: a systematic mapping study," IEEE Transactions on Software Engineering, vol. 14, no. 8, 2019.
[CrossRef]


[15] G. Shrivastava, P. Kumar, "Privacy analysis of Android applications: state-of-art and literary assessment," Scalable Computing: Practice and Experience, vol. 18, no. 3, pp. 243-252, 2017.
[CrossRef] [Web of Science Times Cited 8] [SCOPUS Times Cited 17]


[16] T. Bruggemann, T. Dehling, A. Sunyaev, "No more risk, more fun! Automating breach of confidentiality risk assessment for Android mobile health applications," in Proceedings of the 52nd Hawaii International Conference on System Sciences, Grand Wailea, Hawaii, USA, pp. 4266-4275, 2019

[17] Q. Qian, J. Cai, M. Xie, R. Zhang, "Malicious behavior analysis for Android applications," International Journal of Network Security, vol. 18, no. 1, pp. 182-192, 2016.
[CrossRef]


[18] K. Alkhattabi, A. Alshehri, C. Yue, "Security and privacy analysis of Android family locator apps," in Proceedings of the 25th ACM Symposium on Access Control Models and Technologies, Barcelona, Spain, pp. 47-58, 2020.
[CrossRef] [Web of Science Record] [SCOPUS Times Cited 1]


[19] A. I. Ali-Gombe, B. Saltaformaggio, J. Ramanujam, D. Xu, G.G. Richard, "Toward a more dependable hybrid analysis of Android malware using aspect-oriented programming," Computers & Security, vol. 73, pp. 235-248, 2018.
[CrossRef] [Web of Science Times Cited 23] [SCOPUS Times Cited 30]


[20] G. Hu, B. Zhang, X. Xiao, W. Zhang, L. Liao, Y. Zhou, X. Yan, "SAMLDroid: a static taint analysis and machine learning combined high-accuracy method for identifying Android apps with location privacy leakage risks," Entropy, vol. 23, no. 11, 2021.
[CrossRef] [Web of Science Record] [SCOPUS Times Cited 2]


[21] I. K. Aksakalli, "Using convolutional neural network for Android malware detection," Computer Modelling & New Technologies, vol. 23, no. 1, pp. 29-35, 2019

[22] M. Ganesh, P. Pednekar, P. Prabhuswamy, D. S. Nair, Y. Park, H. Jeon, "CNN-based Android malware detection," in Proceedings of 2017 International Conference on Software Security and Assurance (ICSSA), Altoona, USA, pp. 60-65, 2017.
[CrossRef] [Web of Science Times Cited 20] [SCOPUS Times Cited 31]


[23] R. Sankardas. J. DeLoach, Y. Li, N. Herndon, D. Caragea, X. Ou, V.P. Ranganath, H. Li, N. Guevara, "Experimental study with real-world data for Android app security analysis using machine learning," Proceedings of the 31st Annual Computer Security Applications Conference (ACSAC 2015), Los Angeles, USA, pp. 81-90, 2015.
[CrossRef] [SCOPUS Times Cited 49]


[24] F. Alswaina, K. Elleithy, "Android malware permission-based multi-class classification using extremely randomized trees," IEEE Access, vol. 6, pp. 76217-76227, 2018.
[CrossRef] [Web of Science Times Cited 18] [SCOPUS Times Cited 26]


[25] A. Quattrone, L. Kulik, E. Tanin, K. Ramamohanarao, T. Gu, "PrivacyPalisade: evaluating app permissions and building privacy into smartphones," in Proceedings of the 10th International Conference on Information, Communications and Signal Processing (ICICS), Singapore, pp. 1-5, 2015.
[CrossRef] [SCOPUS Times Cited 4]


[26] G. M. Kapitsaki, M. Ioannou, "Examining the privacy vulnerability level of Android applications," in Proceeding of the 15th International Conference on Web Information Systems and Technologies, Vienna, Austria, pp. 34-45, 2019.
[CrossRef] [Web of Science Record] [SCOPUS Times Cited 2]


[27] N. Chau, S. Jung, "An entropy-based solution for identifying Android packers," IEEE Access, vol. 7, pp. 28412-28421, 2019.
[CrossRef] [Web of Science Times Cited 2] [SCOPUS Times Cited 4]


[28] M. Deypir, "Entropy-based security risk measurement for Android mobile applications," Soft Computing, vol. 23, no. 16, pp. 7303-7319, 2019.
[CrossRef] [Web of Science Times Cited 7] [SCOPUS Times Cited 10]


[29] M. Yang, L. Jia, T. Gao, T. Zhang, W. Xie, "Research on privacy security steady state evaluation model of mobile application based on information entropy and Markov theory," International Journal of Network Security, vol. 23, no. 5, pp. 807-816, 2021.
[CrossRef]


[30] T. Zhang, K. Zhao, M. Yang, T. Gao, W. Xie, "Research on privacy security risks assessment method of mobile commerce based on information entropy and Markov," Wireless Communications and Mobile Computing, vol. 2020, pp. 1-11, 2020.
[CrossRef] [Web of Science Times Cited 4] [SCOPUS Times Cited 7]


[31] A. Sandor, G. Tont, "Android social applications permission overview from a privacy perspective," in Proceedings of the 16th International Conference on Engineering of Modern Electric Systems (EMES), pp. 1-4, 2021.
[CrossRef] [SCOPUS Times Cited 1]


[32] S. Rani, K. S. Dhindsa, "Android malware detection in official and third-party application stores," International Journal of Advanced Networking and Applications, vol. 9, no. 4, pp. 3506-3509, 2018

[33] E. Derr, S. Bugiel, S. Fahl, Y. Acar, M. Backes, "Keep me updated: an empirical study of third-party library updatability on Android," in Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, Dallas, USA, pp. 2187-2200, 2017.
[CrossRef] [Web of Science Times Cited 67] [SCOPUS Times Cited 84]


[34] W. Yang, Y. Zhang, J. Li, H. Liu, Q. Wang, Y. Zhang, D. Gu, "Show me the money! Finding flawed implementations of third-party in-app payment in Android apps," in Proceedings of 2017 Network and Distributed System Security Symposium, San Diego, USA, 2017.
[CrossRef] [Web of Science Times Cited 6]


[35] M. Spreitzenbarth, F. Freiling, "Android malware on the rise," University of Erlangen, Dept. of Computer Science, Technical reports, CS-2012-04, 2012



References Weight

Web of Science® Citations for all references: 242 TCR
SCOPUS® Citations for all references: 415 TCR

Web of Science® Average Citations per reference: 7 ACR
SCOPUS® Average Citations per reference: 12 ACR

TCR = Total Citations for References / ACR = Average Citations per Reference

We introduced in 2010 - for the first time in scientific publishing, the term "References Weight", as a quantitative indication of the quality ... Read more

Citations for references updated on 2022-09-29 11:08 in 197 seconds.




Note1: Web of Science® is a registered trademark of Clarivate Analytics.
Note2: SCOPUS® is a registered trademark of Elsevier B.V.
Disclaimer: All queries to the respective databases were made by using the DOI record of every reference (where available). Due to technical problems beyond our control, the information is not always accurate. Please use the CrossRef link to visit the respective publisher site.

Copyright ©2001-2022
Faculty of Electrical Engineering and Computer Science
Stefan cel Mare University of Suceava, Romania


All rights reserved: Advances in Electrical and Computer Engineering is a registered trademark of the Stefan cel Mare University of Suceava. No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from the Editor. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Faculty of Electrical Engineering and Computer Science, Stefan cel Mare University of Suceava, Romania, if and only if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.

Permission for other use: The copyright owner's consent does not extend to copying for general distribution, for promotion, for creating new works, or for resale. Specific written permission must be obtained from the Editor for such copying. Direct linking to files hosted on this website is strictly prohibited.

Disclaimer: Whilst every effort is made by the publishers and editorial board to see that no inaccurate or misleading data, opinions or statements appear in this journal, they wish to make it clear that all information and opinions formulated in the articles, as well as linguistic accuracy, are the sole responsibility of the author.




Website loading speed and performance optimization powered by: