Abstract
The Android platform uses a permission system model to allow users and developers to regulate access to private information and system resources required by applications. Permissions have been proved to be useful for inferring behaviors and characteristics of an application. In this paper, a novel method to extract contrasting permission patterns for clean and malicious applications is proposed. Contrary to existing work, both required and used permissions were considered when discovering the patterns. We evaluated our methodology on a clean and a malware dataset, each comprising of 1227 applications. Our empirical results suggest that our permission patterns can capture key differences between clean and malicious applications, which can assist in characterizing these two types of applications.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Orozco, A.: Is Google Acknowledging Android is not Secure? Malwarebytes (June 2013), http://blog.malwarebytes.org/intelligence/2013/06/is-google-acknowledging-android-is-not-secure-hmm/
Gilbert, P., Byung-Gon, C., Landon, P.C., Jaeyeon, J.: Vision: automated security validation of mobile apps at app markets. In: Proceedings of the 2nd International Workshop on Mobile Cloud Computing and Services (MCS 2011), Washington, USA, pp. 21–26 (June 2011)
Frank, M., Dong, B., Felt, A.P., Song, D.: Mining permission request patterns from Android and Facebook applications. In: Proceedings of the IEEE International Conference on Data Mining, Brussels, Belgium (ICDM 2012), pp. 1–16 (December 2012), http://arxiv.org/abs/1210.2429
Felt, A.P., Ha, E., Egelman, S., Haney, A., Chin, E., Wagner, D.: Android permissions: User attention, comprehension and behavior. In: Proceedings of the Symposium on Usable Privacy and Security (SOUPS 2012), Washington, D.C, vol. 3, pp. 1–14 (July 2012)
Zhou, Y., Jiang, X.: Dissecting Android malware: Characterization and evolution. In: Proceedings of the IEEE Symposium on Security and Privacy (SP 2012), San Francisco, CA, pp. 95–109 (May 2012)
Felt, A.P., Greenwood, K., Wagner, D.: The effectiveness of application permissions. In: Proceedings of the USENIX Conference on Web Application Development (WebApps 2011), Portland, Oregon, pp. 1–12 (June 2011)
Chia, P.H., Yamamoto, Y., Asokan, N.: Is this app safe? a large scale study on application permissions and risk signals. In: Proceedings of the 21st International Conference on World Wide Web (WWW 2012), Lyon, France, pp. 311–320 (April 2012)
International Secure Systems Lab. Andrubis: Analyzing Android binaries, http://anubis.iseclab.org (accessed in May 2012)
Open Handset Alliance. Android, http://www.openhandsetalliance.com/android_overview.html (accessed in November 2007)
Ableson, F.: Introduction to Android development, http://www.ibm.com/developerworks/library/os-android-devel (accessed in May 2009)
Google. Google play, https://play.google.com (accessed in December 2012)
Google. Android permissions, http://developer.android.com/guide/topics/manifest/permission-element.html (accessed in December 2012)
Bartel, A., Klein, J., Monperrus, M., Traon, Y.L.: Automatically securing permission-based software by reducing theattack surface - an application to Android. In: Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering (ASE 2012), Essen, Germany, pp. 274–277 (September 2012)
Sanz, B., Santos, I., Laorden, C., Ugarte-Pedrero, X., Bringas, P.G., Álvarez, G.: PUMA: Permission usage to detect malware in android. In: Herrero, Á., et al. (eds.) Int. Joint Conf. CISIS’12-ICEUTE’12-SOCO’12. AISC, vol. 189, pp. 289–298. Springer, Heidelberg (2013)
Sahs, J., Khan, L.: A machine learning approach to Android malware detection. In: Proceedings of the European Intelligence and Security Informatics Conference (EISIC 2012), Odense, Denmark, pp. 141–147 (August 2012)
Wu, D.J., Mao, C.H., Wei, T.E., Lee, H.M., Wu, K.P.: DroidMat: Android malware detection through manifest and API calls tracing. In: Proceedings of the 2012 Seventh Asia Joint Conference on InformationSecurity (Asia JCIS 2012), Tokyo, Japan, pp. 62–69 (August 2012)
Zhou, Y., Wang, Z., Zhou, W., Jiang, X.: Hey, You, Get Off of My Market: Detecting Malicious Appsin Official and Alternative Android Markets. In: Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS 2012), San Diego, California, pp. 1–13 (February 2012)
Agrawal, R., Imieinski, T., Swami, A.: Mining association rules between sets of items in large databases. In: Buneman, P., Jajodia, S. (eds.) Proceedings of the ACM SIGMOD International Conference on the Managementof Data, Washington, DC, pp. 207–216. ACM Press (1993)
Liu, S., Law, R., Rong, J., Li, G., Hall, J.: Analyzing changes in hotel customers’ expectations by trip mode. International Journal of Hospitality Management (2012) (in press)
Rong, J., Vu, H.Q., Law, R., Li, G.: A behavioral analysis of web sharers and browsers inhong kong using targeted association rule mining. Tourism Management 33(4), 731–740 (2012), http://dx.doi.org/10.1016/j.tourman.2011.08.006
Law, R., Rong, R., Vu, H.Q., Li, G., Lee, H.A.: Identifying changes and trends in hong kong outbound tourism. Tourism Management 32(5), 1106–1114 (2011)
Felt, A.P., Chin, E., Hanna, S., Song, D., Wagner, D.: Android permissions demystified. In: Proceedings of the ACM Conference and Communications Security (CCS 2011), Chicago, USA, pp. 627–638 (October 2011)
F-Secure. Trojan:android/droidkungfu.c, http://www.f-secure.com/v-descs/trojan_android_droidkungfu_c.shtml (accessed in January 2013)
Android Developer. Location strategies, http://developer.android.com/guide/topics/location/strategies.html (accessed in January 2013)
Chin, E., Felt, A.P., Greenwood, K., Wagner, D.: Analyzing inter-application communication in Android. In: Proceedings of the 9th Annual International Conference on Mobile Systems, Applications, and Services (MobiSys 2011), Washington, USA, pp. 239–252 (June 2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Moonsamy, V., Rong, J., Liu, S., Li, G., Batten, L. (2013). Contrasting Permission Patterns between Clean and Malicious Android Applications. In: Zia, T., Zomaya, A., Varadharajan, V., Mao, M. (eds) Security and Privacy in Communication Networks. SecureComm 2013. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 127. Springer, Cham. https://doi.org/10.1007/978-3-319-04283-1_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-04283-1_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-04282-4
Online ISBN: 978-3-319-04283-1
eBook Packages: Computer ScienceComputer Science (R0)