Applications are created by programmers to fulfill specific tasks on a user device. For example, applications may provide utility, entertainment, and/or productivity functionalities to a user of the user device. Applications may be built into a user device (e.g., telecommunication, text message, clock, camera, etc.) or may be customized (e.g., games, news, transportation schedules, online shopping, etc.). An application is installed on a user device prior to fulfilling a specific task associated with the application. When users seek to install an application on to a user device, the users are prompted to grant certain permissions for an installation to occur. A permission is a restriction limiting or granting access to a functionality and/or to data on a user device. For example, a user may be prompted to allow the application to modify or delete stored content, receive text messages (SMS), manage other applications, record audio, pinpoint geographical location, access network services, determine user device status, or identity, modify, and read contact information, etc.
Often times, applications on user devices are configured by default to request that users grant the applications permission to access the functionalities and/or data stored on the user devices, even though an application may not use such access to execute the primary functions of the applications. Accordingly, by allowing applications to access a variety of excessive and unnecessary user device functionalities and/or data, users potentially expose themselves to privacy risks. For example, excessive permissions may be used by rogue applications to maliciously and unintentionally perform actions that steal sensitive user information or increase the likelihood of loss of confidentiality, integrity, or availability of sensitive information or critical services without a user's awareness.