{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,5]],"date-time":"2025-08-05T12:19:31Z","timestamp":1754396371538,"version":"3.41.0"},"publisher-location":"Cham","reference-count":36,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319715001"},{"type":"electronic","value":"9783319715018"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-71501-8_4","type":"book-chapter","created":{"date-parts":[[2017,11,21]],"date-time":"2017-11-21T07:46:46Z","timestamp":1511250406000},"page":"53-73","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":17,"title":["Hey Doc, Is This Normal?: Exploring Android Permissions in the Post Marshmallow Era"],"prefix":"10.1007","author":[{"given":"Efthimios","family":"Alepis","sequence":"first","affiliation":[]},{"given":"Constantinos","family":"Patsakis","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,11,22]]},"reference":[{"doi-asserted-by":"crossref","unstructured":"Achara, J.P., Cunche, M., Roca, V., Francillon, A.: WifiLeaks: underestimated privacy implications of the access_wifi_state Android permission. In: Proceedings of the 2014 ACM Conference on Security and Privacy in Wireless and Mobile Networks, pp. 231\u2013236. ACM (2014)","key":"4_CR1","DOI":"10.1145\/2627393.2627399"},{"key":"4_CR2","doi-asserted-by":"publisher","first-page":"17841","DOI":"10.1109\/ACCESS.2017.2747626","volume":"5","author":"E Alepis","year":"2017","unstructured":"Alepis, E., Patsakis, C.: Monkey says, monkey does: security and privacy on voice assistants. IEEE Access 5, 17841\u201317851 (2017)","journal-title":"IEEE Access"},{"doi-asserted-by":"crossref","unstructured":"Alepis, E., Patsakis, C.: Theres wally! location tracking in Android without permissions. In: Proceedings of the 3rd International Conference on Information Systems Security and Privacy, ICISSP, vol. 1, pp. 278\u2013284. INSTICC, ScitePress (2017)","key":"4_CR3","DOI":"10.5220\/0006125502780284"},{"key":"4_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"334","DOI":"10.1007\/978-3-319-66332-6_15","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"E Alepis","year":"2017","unstructured":"Alepis, E., Patsakis, C.: Trapped by the UI: the Android case. In: Dacier, M., Bailey, M., Polychronakis, M., Antonakakis, M. (eds.) RAID 2017. LNCS, vol. 10453, pp. 334\u2013354. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66332-6_15"},{"unstructured":"Android Developer: Manifest.permission - System_Alert_Window. https:\/\/developer.android.com\/reference\/android\/Manifest.permission.html#SYSTEM_ALERT_WINDOW. Accessed 28 Mar 2017","key":"4_CR5"},{"unstructured":"Android Source Code: platform_frameworks_base\/core\/res\/AndroidManifest.xml (2017). https:\/\/github.com\/Android\/platform_frameworks_base\/blob\/master\/core\/res\/AndroidManifest.xml","key":"4_CR6"},{"doi-asserted-by":"crossref","unstructured":"Balebako, R., Jung, J., Lu, W., Cranor, L.F., Nguyen, C.: Little brothers watching you: raising awareness of data leaks on smartphones. In: Proceedings of the Ninth Symposium on Usable Privacy and Security, p. 12. ACM (2013)","key":"4_CR7","DOI":"10.1145\/2501604.2501616"},{"doi-asserted-by":"crossref","unstructured":"Barrera, D., Kayacik, H.G., van Oorschot, P.C., Somayaji, A.: A methodology for empirical analysis of permission-based security models and its application to Android. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 73\u201384. ACM (2010)","key":"4_CR8","DOI":"10.1145\/1866307.1866317"},{"doi-asserted-by":"crossref","unstructured":"Bartel, A., Klein, J., Le Traon, Y., Monperrus, M.: Automatically securing permission-based software by reducing the attack surface: an application to Android. In: Proceedings of the 27th IEEE\/ACM International Conference on Automated Software Engineering, pp. 274\u2013277. ACM (2012)","key":"4_CR9","DOI":"10.1145\/2351676.2351722"},{"doi-asserted-by":"publisher","unstructured":"Blasco, J., Chen, T.M.: Automated generation of colluding apps for experimental research. J. Comput. Virol. Hacking Tech. 1\u201312 (2017). https:\/\/doi.org\/10.1007\/s11416-017-0296-4","key":"4_CR10","DOI":"10.1007\/s11416-017-0296-4"},{"unstructured":"Book, T., Pridgen, A., Wallach, D.S.: Longitudinal analysis of Android ad library permissions. arXiv preprint arXiv:1303.0857 (2013)","key":"4_CR11"},{"doi-asserted-by":"crossref","unstructured":"Book, T., Wallach, D.S.: A case of collusion: a study of the interface between ad libraries and their apps. In: Proceedings of the Third ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 79\u201386. ACM (2013)","key":"4_CR12","DOI":"10.1145\/2516760.2516762"},{"key":"4_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"346","DOI":"10.1007\/978-3-642-18178-8_30","volume-title":"Information Security","author":"L Davi","year":"2011","unstructured":"Davi, L., Dmitrienko, A., Sadeghi, A.-R., Winandy, M.: Privilege escalation attacks on Android. In: Burmester, M., Tsudik, G., Magliveras, S., Ili\u0107, I. (eds.) ISC 2010. LNCS, vol. 6531, pp. 346\u2013360. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-18178-8_30"},{"doi-asserted-by":"crossref","unstructured":"Diao, W., Liu, X., Zhou, Z., Zhang, K.: Your voice assistant is mine: how to abuse speakers to steal information and control your phone. In: Proceedings of the 4th ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 63\u201374. ACM (2014)","key":"4_CR14","DOI":"10.1145\/2666620.2666623"},{"doi-asserted-by":"crossref","unstructured":"Dimitriadis, A., Efraimidis, P.S., Katos, V.: Malevolent app pairs: an Android permission overpassing scheme. In: Proceedings of the ACM International Conference on Computing Frontiers, pp. 431\u2013436. ACM (2016)","key":"4_CR15","DOI":"10.1145\/2903150.2911706"},{"doi-asserted-by":"crossref","unstructured":"Durumeric, Z., Kasten, J., Adrian, D., Halderman, J.A., Bailey, M., Li, F., Weaver, N., Amann, J., Beekman, J., Payer, M., et al.: The matter of heartbleed. In: Proceedings of the 2014 Conference on Internet Measurement Conference, pp. 475\u2013488. ACM (2014)","key":"4_CR16","DOI":"10.1145\/2663716.2663755"},{"issue":"2","key":"4_CR17","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1145\/2619091","volume":"32","author":"W Enck","year":"2014","unstructured":"Enck, W., Gilbert, P., Han, S., Tendulkar, V., Chun, B.G., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. (TOCS) 32(2), 5 (2014)","journal-title":"ACM Trans. Comput. Syst. (TOCS)"},{"key":"4_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"144","DOI":"10.1007\/978-3-642-39884-1_12","volume-title":"Financial Cryptography and Data Security","author":"S Fahl","year":"2013","unstructured":"Fahl, S., Harbach, M., Oltrogge, M., Muders, T., Smith, M.: Hey, you, get off of my clipboard. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 144\u2013161. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-39884-1_12"},{"issue":"2","key":"4_CR19","doi-asserted-by":"publisher","first-page":"998","DOI":"10.1109\/COMST.2014.2386139","volume":"17","author":"P Faruki","year":"2015","unstructured":"Faruki, P., Bharmal, A., Laxmi, V., Ganmoor, V., Gaur, M.S., Conti, M., Rajarajan, M.: Android security: a survey of issues, malware penetration, and defenses. IEEE Commun. Surv. Tutor. 17(2), 998\u20131022 (2015)","journal-title":"IEEE Commun. Surv. Tutor."},{"doi-asserted-by":"crossref","unstructured":"Felt, A.P., Chin, E., Hanna, S., Song, D., Wagner, D.: Android permissions demystified. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 627\u2013638. ACM (2011)","key":"4_CR20","DOI":"10.1145\/2046707.2046779"},{"unstructured":"Felt, A.P., Greenwood, K., Wagner, D.: The effectiveness of application permissions. In: Proceedings of the 2nd USENIX Conference on Web Application Development, p. 7 (2011)","key":"4_CR21"},{"doi-asserted-by":"crossref","unstructured":"Felt, A.P., Ha, E., Egelman, S., Haney, A., Chin, E., Wagner, D.: Android permissions: user attention, comprehension, and behavior. In: Proceedings of the Eighth Symposium on Usable Privacy and Security, p. 3. ACM (2012)","key":"4_CR22","DOI":"10.1145\/2335356.2335360"},{"doi-asserted-by":"crossref","unstructured":"Fratantonio, Y., Qian, C., Chung, S., Lee, W.: Cloak and Dagger: from two permissions to complete control of the UI feedback loop. In: Proceedings of the IEEE Symposium on Security and Privacy (Oakland), San Jose, CA, May 2017","key":"4_CR23","DOI":"10.1109\/SP.2017.39"},{"unstructured":"Goodin, D.: Beware of ads that use inaudible sound to link your phone, TV, Tablet, and PC (2015). http:\/\/arstechnica.com\/tech-policy\/2015\/11\/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc\/","key":"4_CR24"},{"unstructured":"Grace, M.C., Zhou, Y., Wang, Z., Jiang, X.: Systematic detection of capability leaks in stock Android smartphones. In: NDSS (2012)","key":"4_CR25"},{"doi-asserted-by":"crossref","unstructured":"Jeon, J., Micinski, K.K., Vaughan, J.A., Fogel, A., Reddy, N., Foster, J.S., Millstein, T.: Dr. Android and Mr. Hide: fine-grained permissions in Android applications. In: Proceedings of the Second ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 3\u201314. ACM (2012)","key":"4_CR26","DOI":"10.1145\/2381934.2381938"},{"key":"4_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"68","DOI":"10.1007\/978-3-642-34638-5_6","volume-title":"Financial Cryptography and Data Security","author":"PG Kelley","year":"2012","unstructured":"Kelley, P.G., Consolvo, S., Cranor, L.F., Jung, J., Sadeh, N., Wetherall, D.: A conundrum of permissions: installing applications on an Android smartphone. In: Blyth, J., Dietrich, S., Camp, L.J. (eds.) FC 2012. LNCS, vol. 7398, pp. 68\u201379. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-34638-5_6"},{"doi-asserted-by":"crossref","unstructured":"Kywe, S.M., Li, Y., Petal, K., Grace, M.: Attacking Android smartphone systems without permissions. In: 2016 14th Annual Conference on Privacy, Security and Trust (PST), pp. 147\u2013156. IEEE (2016)","key":"4_CR28","DOI":"10.1109\/PST.2016.7906949"},{"key":"4_CR29","series-title":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1007\/978-3-642-30244-2_4","volume-title":"Security and Privacy in Mobile Information and Communication Systems","author":"C Orthacker","year":"2012","unstructured":"Orthacker, C., Teufl, P., Kraxberger, S., Lackner, G., Gissing, M., Marsalek, A., Leibetseder, J., Prevenhueber, O.: Android security permissions \u2013 can we trust them? In: Prasad, R., Farkas, K., Schmidt, A.U., Lioy, A., Russello, G., Luccio, F.L. (eds.) MobiSec 2011. LNICSSITE, vol. 94, pp. 40\u201351. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-30244-2_4"},{"unstructured":"Peles, O., Hay, R.: One class to rule them all: 0-day deserialization vulnerabilities in Android. In: 9th USENIX Workshop on Offensive Technologies (WOOT 2015) (2015)","key":"4_CR30"},{"doi-asserted-by":"crossref","unstructured":"Poeplau, S., Fratantonio, Y., Bianchi, A., Kruegel, C., Vigna, G.: Execute this! analyzing unsafe and malicious dynamic code loading in Android applications. In: 21st Annual Network and Distributed System Security Symposium, NDSS 2014, San Diego, California, USA, 23\u201326 February 2014. The Internet Society (2014)","key":"4_CR31","DOI":"10.14722\/ndss.2014.23328"},{"unstructured":"SnoopWall: Flashlight apps threat assessment report (2014). http:\/\/www.snoopwall.com\/wp-content\/uploads\/2015\/02\/Flashlight-Spyware-Report-2014.pdf","key":"4_CR32"},{"key":"4_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"183","DOI":"10.1007\/978-3-319-50463-6_15","volume-title":"Mobile, Secure, and Programmable Networking","author":"V Tsiakos","year":"2016","unstructured":"Tsiakos, V., Patsakis, C.: AndroPatchApp: taming rogue ads in Android. In: Boumerdassi, S., Renault, \u00c9., Bouzefrane, S. (eds.) MSPN 2016. LNCS, vol. 10026, pp. 183\u2013196. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-50463-6_15"},{"doi-asserted-by":"crossref","unstructured":"Wei, X., Gomez, L., Neamtiu, I., Faloutsos, M.: Permission evolution in the Android ecosystem. In: Proceedings of the 28th Annual Computer Security Applications Conference, pp. 31\u201340. ACM (2012)","key":"4_CR34","DOI":"10.1145\/2420950.2420956"},{"doi-asserted-by":"crossref","unstructured":"Yang, L., Boushehrinejadmoradi, N., Roy, P., Ganapathy, V., Iftode, L.: Short paper: enhancing users\u2019 comprehension of Android permissions. In: Proceedings of the Second ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 21\u201326. ACM (2012)","key":"4_CR35","DOI":"10.1145\/2381934.2381940"},{"key":"4_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"72","DOI":"10.1007\/978-3-319-08509-8_5","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"X Zhang","year":"2014","unstructured":"Zhang, X., Du, W.: Attacks on Android clipboard. In: Dietrich, S. (ed.) DIMVA 2014. LNCS, vol. 8550, pp. 72\u201391. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-08509-8_5"}],"container-title":["Lecture Notes in Computer Science","Security, Privacy, and Applied Cryptography Engineering"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-71501-8_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,27]],"date-time":"2025-06-27T05:46:49Z","timestamp":1751003209000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-71501-8_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319715001","9783319715018"],"references-count":36,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-71501-8_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2017]]},"assertion":[{"value":"22 November 2017","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SPACE","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Security, Privacy, and Applied Cryptography Engineering","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Goa","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2017","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 December 2017","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17 December 2017","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"space2017","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.space.dbcegoa.ac.in\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}