Abstract
System permissions play a crucial role in the Android security architecture. They are used to restrict app operations only to resources (e.g., file system, network) that the user has agreed to share. In this paper, we present ACCUSE (Android Confidentiality Concern User Support Environment),an approach aimed at helping Android users and developers to compare and contrast the risk level of a set of Android apps. First, ACCUSE assigns to each app risk factors based on the Android classification of permissions. Then, such factors are combined with the app rating and downloading information to produce a new, overall risk factor. ACCUSE has been evaluated on a realworld dataset of 11,576 android apps as well as on a baseline of around 1000 known malware apps. Our results show that ACCUSE always assigns high risk to known malware apps, and outperforms the state-of-the-art.