Papilio: Visualizing Android Application Permissions

We introduce Papilio, a new visualization technique for visualizing permissions of real-world Android applications. We explore the development of layouts that exploit the directed acyclic nature of Android application permission data to develop a new explicit layout technique that incorporates aspects of set membership, node-link diagrams and matrix layouts. By grouping applications based on sets of requested permissions, a structure can be formed with partially ordered relations. The Papilio layout shows sets of applications centrally, the relations among applications on one side and application permissions, as the reason behind the existence of the partial order, on the other side. Using Papilio to explore a set of Android applications as a case study has led to new security findings regarding permission usage by Android applications.