Abstract— Today, people can do most of their daily work using their smartphones due to the significant improvement in smartphones technology. Therefore, there are a massive number of applications in the market that carry a large amount of sensitive personal data. In Android mobile, there are many malicious applications that aim to collect users’ sensitive data without user awareness. Users can agree on a list of permissions that are required by an application during the installation process without understanding how these permissions could lead to privacy leaks or attacks. Most of the applications in Android market require permissions to access the device information such as IMEI, IMSI, phone number and Android ID. In our project, we will study each element of system information and present some attack scenarios using these permissions to make the Android community aware of the risks they take by granting the permissions that access or use the device information.
Risks BEHINd granting access to system information in Android os