FAIR: Fuzzy alarming index rule for privacy analysis in smartphone apps

Abstract

In this paper, we introduce an approach that aims at increasing individuals’ privacy awareness. We perform a privacy risk assessment of the smartphone applications (apps) installed on a user’s device. We implemented an app behaviour monitoring tool that collects information about access to sensitive resources by each installed app. We then calculate a privacy risk score using a fuzzy logic based approach that considers type, number and frequency of access on resources. The combination of these two concepts provides the user with information about the privacy invasiveness level of the monitored apps. Our approach enables users to make informed privacy decisions, i.e. restrict permissions or report an app based on resource access events. We evaluate our approach by analysing the behaviour of selected apps and calculating their associated privacy score. Initial results demonstrate the applicability of our approach, which allows the comparison of apps by reporting to the user the detected events and the resulting privacy risk score.