Identification of Privacy Risks for Android Users and Effective Protection Mechanisms

During the last few years, smartphones have seen a marked increase in popularity, due to its many attractive features such as GPS functionality and apps such as e-mail clients, address book, and many more. The world’s most popular mobile Operating System is Android, consequently Android devices are at the center of much research which discuss their points of strengths and weaknesses. An important tool of Android smartphones is Application Programming Interface (API); it is a combination of benefits, meaning they allow to create user services, and risks, especially for user privacy. Taking advantage of the API, it is possible to make data travel from our device and third parties via network and vice versa. This thesis analyzes the data flow on smartphones with Android Operating System. We present, through the APIs and the network, how the user's information leaves the mobile device, putting the user's privacy at risk and how the information invades the device influencing user behavior. We deal with various techniques to create useful services for citizens through user profiling and how similar procedures can be used to create attack scenarios to steal personal data, highlighting users misunderstandings about the use of their data by applications. Moreover advanced tools were presented to guide the user in using the mobile device and understanding the behavior of apps installed on the device, protecting their security and avoiding the loss of sensitive information. Each proposed solution has been tested with multiple real datasets containing data taken from mobile devices, demonstrating the potential of methods proposed.