Permission-based security models provide controlled access to various system resources. The expressiveness of the permission set plays an important role in providing the right level of granularity in access control. In this work, we present a methodology for the empirical analysis of permission-based security models which makes novel use of the Self-Organizing Map (SOM) algorithm of Kohonen (2001). While the proposed methodology may be applicable to a wide range of architectures, we analyze 1,100 Android applications as a case study.
- access control
- permission-based security
- self-organizing maps
- smartphone operating systems
Barrera, D., Kayacik, H. G., Van Oorschot, P., & Somayaji, A. (2010). A methodology for empirical analysis of permission-based security models and its application to android. In Proceedings of the 17th ACM conference on Computer and Communications Security (CCS'10) (pp. 73-84). ACM, Inc.. https://doi.org/10.1145/1866307.1866317