Using probabilistic generative models for ranking risks of Android apps

Authors: Hao Peng, Chris Gates, Bhaskar Sarma, Ninghui Li, Yuan Qi

DOI: 10.1145/2382196.2382224


Abstract: One of Android's main defense mechanisms against malicious apps is a risk communication mechanism which, before a user installs an app, warns the user about the permissions the app requires, trusting that the user will make the right decision. This approach has been shown to be ineffective as it presents the risk information of each app in a "stand-alone" fashion and in a way that requires too much technical knowledge and time to distill useful information. We introduce the notion of risk scoring and risk ranking for Android apps, to improve risk communication for Android apps, and identify three desiderata for an effective risk scoring scheme. We propose to use probabilistic generative models for risk scoring schemes, and identify several such models, ranging from the simple Naive Bayes, to advanced hierarchical mixture models. Experimental results conducted using real-world datasets show that probabilistic general models significantly outperform existing approaches, and that Naive Bayes models give a promising risk scoring approach.
