An Effective Approach to Measuring and Assessing the Risk of Android Application

作者: Huikang Hao , Zhoujun Li , Haibo Yu

DOI: 10.1109/TASE.2015.16

关键词:

摘要: As the most popular platform, Android dominates mobile device market. In order to enrich functions of phone and facilitate utilization users, more applications have been developed. Unfortunately, a greatly increasing amount malware targeting platform mingle with numerous benign hide in almost every market, even official market Google Play. Therefore, it is pressing concern about how measure assess risk such apps. this paper, we propose novel approach deal problem. First all, through empirical analysis market-scale dataset, verify following fact: for set same category, type number permissions they request are similar consistent general. Hence, each can construct standard permission vector model, which be used as baseline category. For downloaded app, extract its requested form vector, whose deviation from calculated by employing Euclidean distance weighted distance. The metric app. Finally, an experiment on real-world consisting 7737 apps 1260 samples, conducted evaluate our method. result validates effectiveness help users understand when decide install

参考文章(20)
Borja Sanz, Igor Santos, Carlos Laorden, Xabier Ugarte-Pedrero, Pablo Garcia Bringas, Gonzalo Álvarez, PUMA: Permission Usage to Detect Malware in Android CISIS/ICEUTE/SOCO Special Sessions. pp. 289- 298 ,(2013) , 10.1007/978-3-642-33018-6_30
Yousra Aafer, Wenliang Du, Heng Yin, DroidAPIMiner: Mining API-Level Features for Robust Malware Detection in Android Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering. pp. 86- 103 ,(2013) , 10.1007/978-3-319-04283-1_6
Suleiman Y. Yerima, Gavin McWilliams, Sakir Sezer, Analysis of Bayesian classification-based approaches for Android malware detection Iet Information Security. ,vol. 8, pp. 25- 36 ,(2014) , 10.1049/IET-IFS.2013.0095
Iker Burguera, Urko Zurutuza, Simin Nadjm-Tehrani, Crowdroid Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices - SPSM '11. pp. 15- 26 ,(2011) , 10.1145/2046614.2046619
Thomas Bläsing, Leonid Batyuk, Aubrey-Derrick Schmidt, Seyit Ahmet Camtepe, Sahin Albayrak, An Android Application Sandbox system for suspicious software detection international conference on malicious and unwanted software. pp. 55- 62 ,(2010) , 10.1109/MALWARE.2010.5665792
Naser Peiravian, Xingquan Zhu, Machine Learning for Android Malware Detection Using Permission and API Calls international conference on tools with artificial intelligence. pp. 300- 305 ,(2013) , 10.1109/ICTAI.2013.53
William Enck, Machigar Ongtang, Patrick McDaniel, On lightweight mobile phone application certification computer and communications security. pp. 235- 245 ,(2009) , 10.1145/1653662.1653691
Dong-Jie Wu, Ching-Hao Mao, Te-En Wei, Hahn-Ming Lee, Kuo-Ping Wu, DroidMat: Android Malware Detection through Manifest and API Calls Tracing information security. pp. 62- 69 ,(2012) , 10.1109/ASIAJCIS.2012.18
Kevin Allix, Quentin Jerome, Tegawende F. Bissyande, Jacques Klein, Radu State, Yves Le Traon, A Forensic Analysis of Android Malware -- How is Malware Written and How it Could Be Detected? 2014 IEEE 38th Annual Computer Software and Applications Conference. pp. 384- 393 ,(2014) , 10.1109/COMPSAC.2014.61
Michael Grace, Yajin Zhou, Qiang Zhang, Shihong Zou, Xuxian Jiang, RiskRanker Proceedings of the 10th international conference on Mobile systems, applications, and services - MobiSys '12. pp. 281- 294 ,(2012) , 10.1145/2307636.2307663