DescriptionAndroid OS enforces security and privacy by means of sandboxing to isolate the execution of one application from another and by means of system permissions to restrict access to sensitive information. Android system permissions are designed to let users decide which permissions are allowed for an app. In this thesis, we show attacks to retrieve user information from Android devices by exploiting the Android framework. We also built a classifier for inferring the everyday activities of the users. This classifier has on average an accuracy of 97.9%, precision of 89.09%, specificity of 98.85%, sensitivity of 88.9%, and an F-score of 88.42%.