Permission-based Malware Detection Mechanisms on Android: Analysis and Perspectives
DOI:
关键词:
摘要: Android security has been built upon a permission-based mechanism which restricts accesses of third-party applications to critical resources on an device. The user must accept the set permissions application requires, before proceeding installation. This process aims inform users risk installing and using their device; but most often, even when permission system is well understood, are not aware enough threat endangered, trust either store or popularity application, installation without trying analyse intentions developer. Increasingly, one develops approaches aiming characterise malware with permissions, individually associatively, machine learning classifiers. objective in this paper investigate literature mechanisms for characterisation detection based previous aspects. For that, we illustrate describe limitations existing works promising considerations future research.
researchgate.net 参考文章(55)
Devdatta Akhawe, Matthew Finifter, Adrienne Porter Felt, David Wagner, Serge Egelman, How to ask for permission usenix conference on hot topics in security. pp. 7- 7 ,(2012)
Kevin Allix, Yves Le Traon, Tegawendé François D Assise Bissyande, Jacques Klein, Machine Learning-Based Malware Detection for Android Applications: History Matters! University of Luxembourg, SnT. ,(2014)
Borja Sanz, Igor Santos, Carlos Laorden, Xabier Ugarte-Pedrero, Pablo Garcia Bringas, Gonzalo Álvarez, PUMA: Permission Usage to Detect Malware in Android CISIS/ICEUTE/SOCO Special Sessions. pp. 289- 298 ,(2013) , 10.1007/978-3-642-33018-6_30
Eric Struse, Julian Seifert, Sebastian Üllenbeck, Enrico Rukzio, Christopher Wolf, PermissionWatcher: Creating User Awareness of Application Permissions in Mobile Systems Lecture Notes in Computer Science. pp. 65- 80 ,(2012) , 10.1007/978-3-642-34898-3_5
Gianluca Dini, Fabio Martinelli, Ilaria Matteucci, Marinella Petrocchi, Andrea Saracino, Daniele Sgandurra, A Multi-criteria-Based Evaluation of Android Applications international conference on trusted systems. pp. 67- 82 ,(2012) , 10.1007/978-3-642-35371-0_7
William Enck, Defending users against smartphone apps: techniques and future directions international conference on information systems security. pp. 49- 70 ,(2011) , 10.1007/978-3-642-25560-1_3
Todd Millstein, Kristopher K. Micinski, Jinseong Jeon, Nikhilesh Reddy, Jeffrey S. Foster, Yixin Zhu, Jeffrey A. Vaughan, Dr. Android and Mr. Hide: Fine-grained security policies on unmodified Android ,(2011)
Clemens Orthacker, Peter Teufl, Stefan Kraxberger, Günther Lackner, Michael Gissing, Alexander Marsalek, Johannes Leibetseder, Oliver Prevenhueber, Android Security Permissions – Can We Trust Them? security and privacy in mobile information and communication systems. pp. 40- 51 ,(2011) , 10.1007/978-3-642-30244-2_4
Min Zheng, Patrick P. C. Lee, John C. S. Lui, ADAM: an automatic and extensible platform to stress test android anti-virus systems international conference on detection of intrusions and malware and vulnerability assessment. pp. 82- 101 ,(2012) , 10.1007/978-3-642-37300-8_5
Dawn Song, Avrim Blum, Shobha Venkataraman, Limits of Learning-based Signature Generation with Adversaries. network and distributed system security symposium. ,(2008)