{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,20]],"date-time":"2026-04-20T22:53:51Z","timestamp":1776725631001,"version":"3.51.2"},"reference-count":48,"publisher":"MDPI AG","issue":"20","license":[{"start":{"date-parts":[[2022,10,18]],"date-time":"2022-10-18T00:00:00Z","timestamp":1666051200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Molde University College\u2014Specialized University in Logistics, Norway"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>Smartphone adaptation in society has been progressing at a very high speed. Having the ability to run on a vast variety of devices, much of the user base possesses an Android phone. Its popularity and flexibility have played a major role in making it a target of different attacks via malware, causing loss to users, both financially and from a privacy perspective. Different malware and their variants are emerging every day, making it a huge challenge to come up with detection and preventive methodologies and tools. Research has spawned in various directions to yield effective malware detection mechanisms. Since malware can adopt different ways to attack and hide, accurate analysis is the key to detecting them. Like any usual mobile app, malware requires permission to take action and use device resources. There are 235 total permissions that the Android app can request on a device. Malware takes advantage of this to request unnecessary permissions, which would enable those to take malicious actions. Since permissions are critical, it is important and challenging to identify if an app is exploiting permissions and causing damage. The focus of this article is to analyze the identified studies that have been conducted with a focus on permission analysis for malware detection. With this perspective, a systematic literature review (SLR) has been produced. Several papers have been retrieved and selected for detailed analysis. Current challenges and different analyses were presented using the identified articles.<\/jats:p>","DOI":"10.3390\/s22207928","type":"journal-article","created":{"date-parts":[[2022,10,19]],"date-time":"2022-10-19T00:58:51Z","timestamp":1666141131000},"page":"7928","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["Detecting Malware by Analyzing App Permissions on Android Platform: A Systematic Literature Review"],"prefix":"10.3390","volume":"22","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-0416-657X","authenticated-orcid":false,"given":"Adeel","family":"Ehsan","sequence":"first","affiliation":[{"name":"Department of Computer Science & Engineering, Qatar University, Doha 2713, Qatar"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0959-2930","authenticated-orcid":false,"given":"Cagatay","family":"Catal","sequence":"additional","affiliation":[{"name":"Department of Computer Science & Engineering, Qatar University, Doha 2713, Qatar"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1275-2050","authenticated-orcid":false,"given":"Alok","family":"Mishra","sequence":"additional","affiliation":[{"name":"Informatics and Digitalization Group, Faculty of Logistics, Molde University College-Specialized University in Logistics, 6410 Molde, Norway"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2022,10,18]]},"reference":[{"key":"ref_1","unstructured":"(2022, June 14). Statista: Number of Smartphone Users Worldwide from 2016 to 2021. Available online: https:\/\/www.statista.com\/statistics\/330695\/number-of-smartphone-users-worldwide."},{"key":"ref_2","unstructured":"(2022, June 14). Statista, Mobile Operating Systems\u2019 Market Share Worldwide from January 2012 to June 2021. Available online: https:\/\/www.statista.com\/statistics\/272698\/global-marketshare-held-by-mobile-operating-systems-since-2009."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"998","DOI":"10.1109\/COMST.2014.2386139","article-title":"Android security: A survey of issues, malware penetration, and defenses","volume":"17","author":"Faruki","year":"2014","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"891","DOI":"10.1007\/s11219-017-9368-4","article-title":"A survey on dynamic mobile malware detection","volume":"26","author":"Yan","year":"2018","journal-title":"Softw. Qual. J."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"59","DOI":"10.9734\/ajrcos\/2021\/v7i430189","article-title":"Efficiency of malware detection in android system: A survey","volume":"2","author":"Omer","year":"2021","journal-title":"Asian J. Res. Comput. Sci."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"918","DOI":"10.1109\/TNSM.2019.2952462","article-title":"An extended framework of privacy-preserving computation with flexible access control","volume":"17","author":"Ding","year":"2019","journal-title":"IEEE Trans. Netw. Serv. Manag."},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"363","DOI":"10.1109\/TDSC.2017.2786247","article-title":"Privacy-preserving data processing with flexible access control","volume":"17","author":"Ding","year":"2017","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"ref_8","unstructured":"(2022, June 14). Android Malware Dataset for Machine Learning. Available online: https:\/\/www.kaggle.com\/datasets\/shashwatwork\/android-malware-dataset-for-machine-learning."},{"key":"ref_9","unstructured":"(2022, June 14). CICMalDroid 2020. Available online: https:\/\/www.unb.ca\/cic\/datasets\/maldroid-2020.html."},{"key":"ref_10","unstructured":"(2022, September 01). Glossary|NIST, Available online: https:\/\/www.nist.gov\/itl\/smallbusinesscyber\/cybersecurity-basics\/glossary."},{"key":"ref_11","unstructured":"(2022, September 01). What Is Adware. Available online: https:\/\/www.kaspersky.com\/resource-center\/threats\/adware."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"116363","DOI":"10.1109\/ACCESS.2020.3002842","article-title":"A systematic literature review of android malware detection using static analysis","volume":"8","author":"Pan","year":"2020","journal-title":"IEEE Access"},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Jogsan, S. (2020). A Survey on Permission Based Malware Detection in Android Applications. Int. J. Eng. Res., 9, Available online: https:\/\/www.ijert.org\/volume-09-issue-04-april-2020.","DOI":"10.17577\/IJERTV9IS040774"},{"key":"ref_14","first-page":"3","article-title":"Survey on Permission Based Android Malware Detection Techniques","volume":"7","author":"Mohana","year":"2019","journal-title":"IJEDR"},{"key":"ref_15","unstructured":"Kitchenham, B. (2004). Procedures for Performing Systematic Reviews, Keele University."},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Aswini, M., and Vinod, P. (2014, January 17\u201319). Droid permission miner: Mining prominent permissions for Android malware analysis. Proceedings of the Fifth International Conference on the Applications of Digital Information and Web Technologies (ICADIWT 2014), Chennai, India.","DOI":"10.1109\/ICADIWT.2014.6814679"},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1109\/CC.2014.6911083","article-title":"Android malware detection with contrasting permission patterns","volume":"11","author":"Xiong","year":"2014","journal-title":"China Commun."},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Morales-Ortega, S., Escamilla-Ambrosio, P.J., Rodriguez-Mota, A., and Coronado-De-Alba, L.D. (2016, January 18\u201321). Native malware detection in smartphones with android OS using static analysis, feature selection and ensemble classifiers. Proceedings of the 2016 11th International Conference on Malicious and Unwanted Software (MALWARE), Fajardo, PR, USA.","DOI":"10.1109\/MALWARE.2016.7888731"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Sun, L., Li, Z., Yan, Q., Srisa-an, W., and Pan, Y. (2016, January 18\u201321). SigPID: Significant permission identification for android malware detection. Proceedings of the 2016 11th International Conference on Malicious and Unwanted Software (MALWARE), Fajardo, PR, USA.","DOI":"10.1109\/MALWARE.2016.7888730"},{"key":"ref_20","first-page":"1","article-title":"Android malware detection using permission analysis","volume":"2017","author":"Shahriar","year":"2017","journal-title":"SoutheastCon"},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Lu, T., and Hou, S. (2018, January 18\u201320). A Two-Layered Malware Detection Model Based on Permission for Android. Proceedings of the 2018 IEEE International Conference on Computer and Communication Engineering Technology (CCET), Beijing, China.","DOI":"10.1109\/CCET.2018.8542215"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Park, J., Chun, H., and Jung, S. (2018, January 1\u201312). API and permission-based classification system for Android malware analysis. Proceedings of the 2018 International Conference on Information Networking (ICOIN), Chiang Mai, Thailand.","DOI":"10.1109\/ICOIN.2018.8343260"},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Ilham, S., Abderrahim, G., and Abdelhakim, B.A. (2018, January 10\u201311). Permission Based Malware Detection in Android Devices. Proceedings of the 3rd International Conference on Smart City Applications, Tetouan, Morocco.","DOI":"10.1145\/3286606.3286860"},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"1968","DOI":"10.1109\/TIFS.2019.2950134","article-title":"PermPair: Android Malware Detection Using Permission Pairs","volume":"15","author":"Arora","year":"2020","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Turnip, T.N., Situmorang, A., Lumbantobing, A., Marpaung, J., and Situmeang, S.I.G. (2020, January 16\u201317). Android Malware Classification Based on Permission Categories Using Extreme Gradient Boosting. Proceedings of the 5th International Conference on Sustainable Information Engineering and Technology, Malang, Indonesia.","DOI":"10.1145\/3427423.3427427"},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Khariwal, K., Singh, J., and Arora, A. (2020, January 27\u201328). IPDroid: Android Malware Detection using Intents and Permissions. Proceedings of the 2020 Fourth World Conference on Smart Trends in Systems, Security and Sustainability (WorldS4), London, UK.","DOI":"10.1109\/WorldS450073.2020.9210414"},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Alsoghyer, S., and Almomani, I. (2020, January 4\u20135). On the Effectiveness of Application Permissions for Android Ransomware Detection. Proceedings of the 2020 6th Conference on Data Science and Machine Learning Applications (CDMA), Riyadh, Saudi Arabia.","DOI":"10.1109\/CDMA47397.2020.00022"},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Amer, E. (2021, January 26\u201327). Permission-Based Approach for Android Malware Analysis Through Ensemble-Based Voting Model. Proceedings of the 2021 International Mobile, Intelligent, and Ubiquitous Computing Conference (MIUCC), Cairo, Egypt.","DOI":"10.1109\/MIUCC52538.2021.9447675"},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Arif, J.M., Razak, M.F.A., Awang, S., Mat, S.R.T., Ismail, N.S.N., and Firdaus, A. (2021). A static analysis approach for Android permission-based malware detection systems. PLoS ONE, 16.","DOI":"10.1371\/journal.pone.0257968"},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Manzil, H.H.R., and Naik, M.S. (2022, January 21\u201322). COVID-Themed Android Malware Analysis and Detection Framework Based on Permissions. Proceedings of the 2022 International Conference for Advancement in Technology (ICONAT), Goa, India.","DOI":"10.1109\/ICONAT53423.2022.9726024"},{"key":"ref_31","first-page":"103159","article-title":"You are what the permissions told me! Android malware detection based on hybrid tactics","volume":"66","author":"Wang","year":"2022","journal-title":"J. Inf. Secur. Appl."},{"key":"ref_32","unstructured":"(2022, September 01). Provide Information for Google Play\u2019s Data Safety Section-Play Console Help. Available online: https:\/\/support.google.com\/googleplay\/android-developer\/answer\/10787469?hl=en."},{"key":"ref_33","unstructured":"(2022, September 01). Apple\u2019s App Store Has Many Scams\u2014The Washington Post. Available online: https:\/\/www.washingtonpost.com\/technology\/2021\/06\/06\/apple-app-store-scams-fraud\/."},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Cui, H., Zhou, Y., Wang, C., Li, Q., and Ren, K. (2018, January 11\u201313). Towards Privacy-Preserving Malware Detection Systems for Android. Proceedings of the 2018 IEEE 24th International Conference on Parallel and Distributed Systems (ICPADS), Singapore.","DOI":"10.1109\/PADSW.2018.8644924"},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Kucuk, Y., Patil, N., Shu, Z., and Yan, G. (2018, January 26\u201328). BigBing: Privacy-Preserving Cloud-Based Malware Classification Service. Proceedings of the 2018 IEEE Symposium on Privacy-Aware Computing (PAC), Washington, DC, USA.","DOI":"10.1109\/PAC.2018.00011"},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Hsu, R.-H. (2020, January 20\u201321). A Privacy-Preserving Federated Learning System for Android Malware Detection Based on Edge Computing. Proceedings of the 2020 15th Asia Joint Conference on Information Security (AsiaJCIS), Taipei, Taiwan.","DOI":"10.1109\/AsiaJCIS50894.2020.00031"},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"43","DOI":"10.1016\/j.inffus.2021.12.006","article-title":"EPMDroid: Efficient and Privacy-Preserving Malware Detection Based on SGX through Data Fusion. Information Fusion","volume":"82","author":"Wei","year":"2022","journal-title":"Inf. Fusion"},{"key":"ref_38","unstructured":"(2022, September 02). Android Releases|Android Developers. Available online: https:\/\/developer.android.com\/about\/versions."},{"key":"ref_39","doi-asserted-by":"crossref","unstructured":"Mohamed, S.E., Ashaf, M., Ehab, A., Shereef, O., Metwaie, H., and Amer, E. (2021, January 26\u201327). Detecting Malicious Android Applications Based on API calls and Permissions Using Machine learning Algorithms. Proceedings of the 2021 International Mobile, Intelligent, and Ubiquitous Computing Conference (MIUCC), Cairo, Egypt.","DOI":"10.1109\/MIUCC52538.2021.9447594"},{"key":"ref_40","unstructured":"(2022, September 02). Android Open Source Project. Available online: https:\/\/source.android.com\/."},{"key":"ref_41","doi-asserted-by":"crossref","unstructured":"Zhou, Y., and Jiang, X. (2012, January 24\u201325). Dissecting Android Malware: Characterization and Evolution. Proceedings of the 2012 IEEE Symposium on Security and Privacy, San Francisco, CA, USA.","DOI":"10.1109\/SP.2012.16"},{"key":"ref_42","doi-asserted-by":"crossref","unstructured":"Lin, K.Y., and Huang, W.R. (2020, January 16\u201319). Using federated learning on malware classification. Proceedings of the 2020 22nd International Conference on Advanced Communication Technology (ICACT), Pyeongchang, Korea.","DOI":"10.23919\/ICACT48636.2020.9061261"},{"key":"ref_43","doi-asserted-by":"crossref","first-page":"3501","DOI":"10.1109\/TII.2021.3119038","article-title":"Federated Learning for Cybersecurity: Concepts, Challenges, and Future Directions","volume":"18","author":"Alazab","year":"2021","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_44","doi-asserted-by":"crossref","unstructured":"McDole, A., Abdelsalam, M., Gupta, M., and Mittal, S. (2020). Analyzing CNN based behavioural malware detection techniques on cloud IaaS. International Conference on Cloud Computing, Springer.","DOI":"10.1007\/978-3-030-59635-4_5"},{"key":"ref_45","doi-asserted-by":"crossref","unstructured":"Gera, T., Singh, J., Thakur, D., and Faruki, P. (2020). A semi-automated approach for identification of trends in android ransomware literature. International Conference on Machine Learning for Networking, Springer.","DOI":"10.1007\/978-3-030-70866-5_18"},{"key":"ref_46","first-page":"377","article-title":"A hybrid deep learning image-based analysis for effective malware detection","volume":"47","author":"Venkatraman","year":"2019","journal-title":"J. Inf. Secur. Appl."},{"key":"ref_47","doi-asserted-by":"crossref","first-page":"157","DOI":"10.1007\/s11416-019-00346-7","article-title":"Deep learning for image-based mobile malware detection","volume":"16","author":"Mercaldo","year":"2020","journal-title":"J. Comput. Virol. Hacking Tech."},{"key":"ref_48","doi-asserted-by":"crossref","first-page":"102400","DOI":"10.1016\/j.cose.2021.102400","article-title":"A novel framework for image-based malware detection with a deep neural network","volume":"109","author":"Jian","year":"2021","journal-title":"Comput. Secur."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/22\/20\/7928\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T00:56:35Z","timestamp":1760144195000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/22\/20\/7928"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,10,18]]},"references-count":48,"journal-issue":{"issue":"20","published-online":{"date-parts":[[2022,10]]}},"alternative-id":["s22207928"],"URL":"https:\/\/doi.org\/10.3390\/s22207928","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,10,18]]}}}