Skip to main content
SpringerLink
Log in

Performance Evaluation on Permission-Based Detection for Android Malware

  • Conference paper
Advances in Intelligent Systems and Applications - Volume 2

Part of the book series: Smart Innovation, Systems and Technologies ((SIST,volume 21))

Abstract

It is a straightforward idea to detect a harmful mobile application based on the permissions it requests. This study attempts to explore the possibility of detecting malicious applications in Android operating system based on permissions. Compare against previous researches, we collect a relative large number of benign and malicious applications (124,769 and 480, respectively) and conduct experiments based on the collected samples. In addition to the requested and the required permissions, we also extract several easy-to-retrieve features from application packages to help the detection of malicious applications. Four commonly used machine learning algorithms including AdaBoost, Naïve Bayes, Decision Tree (C4.5), and Support Vector Machine are used to evaluate the performance. Experimental results show that a permission-based detector can detect more than 81% of malicious samples. However, due to its precision, we conclude that a permission-based mechanism can be used as a quick filter to identify malicious applications. It still requires a second pass to make complete analysis to a reported malicious application.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 259.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 329.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 329.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Lockheimer, H.: Android and security. Official Google Mobile Blog (February 2012), http://googlemobile.blogspot.tw/2012/02/android-and-security.html

  2. <permission>. Android Developer - API Guides - Android Manifest, http://developer.android.com/guide/topics/manifest/permission-element.html

  3. Felt, A.P., Chin, E., Hanna, S., Song, D., Wagner, D.: Android permissions demystified. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 627–638 (2011)

    Google Scholar 

  4. Johnson, R., Wang, Z., Gagnon, C., Stavrou, A.: Analysis android applications’ permissions. In: Proceedings of the 6th International Conference on Software Security and Reliability (2012)

    Google Scholar 

  5. Enck, W., Ongtang, M., McDaniel, P.: Understanding android security. IEEE Security and Privacy 7(1), 50–57 (2009)

    Article  Google Scholar 

  6. Barrera, D., Kayacik, H.G., van Oorschot, P.C., Somayaji, A.: A methodology for empirical analysis of permission-based security models and its application to android. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 73–84 (2010)

    Google Scholar 

  7. Zhou, Y., Jiang, X.: Dissecting android malware: Characterization and evolution. In: Proceedings of the 33rd IEEE Symposium on Security and Privacy, pp. 95–109 (2012)

    Google Scholar 

  8. Desnos, A.: androguard - reverse engineering, malware and goodware analysis of android applications ... and more (ninja !). Googld Project Hosting, http://code.google.com/p/androguard/

  9. Cesare, S., Xiang, Y.: Classification of malware using structured control flow. In: Proceedings of the 8th Australasian Symposium on Parallel and Distributed Computing (2010)

    Google Scholar 

  10. Pouik, G0rfi3ld: Similarities for fun & profit. Phrack #68 (April 2012), http://www.phrack.org/issues.html?issue=68&id=15#article

  11. Schmidt, A.D., Bye, R., Schmidt, H.G., Clausen, J., Kiraz, O., Yuksel, K.A., Camtepe, S.A., Albayrak, S.: Static analysis of executables for collaborative malware detection on android. In: Proceedings of IEEE International Conference on Communications (2009)

    Google Scholar 

  12. Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: behavior-based malware detection system for android. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (2011)

    Google Scholar 

  13. Freke, J.: smali - an assembler/disassembler for android’s dex format. Google Project Hosting, http://code.google.com/p/smali/

  14. Hall, M., Frank, E., Holmes, G., Pfahringer, B., Reutemann, P., Witten, I.H.: The WEKA data mining software: an update. SIGKDD Explorations Newsletter 11(1), 10–18 (2009)

    Article  Google Scholar 

  15. Hsu, C.W., Chang, C.C., Lin, C.J.: A practical guide to support vector classification. Technical report, Department of Computer Science and Information Engineering, National Taiwan University (2009), http://www.csie.ntu.edu.tw/%7ecjlin/libsvm/

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, National Taiwan Ocean University, Keelung, Taiwan, 20224

    Chun-Ying Huang, Yi-Ting Tsai & Chung-Han Hsu

Authors
  1. Chun-Ying Huang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yi-Ting Tsai
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Chung-Han Hsu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Chun-Ying Huang .

Editor information

Editors and Affiliations

  1. of Applied Sciences, Department of Electronic Engineering, National Kaohsiung University, Jiàngōng Road, Kaohsiung, 807, Taiwan R.O.C.

    Jeng-Shyang Pan

  2. , Department of Computer Science and, National Dong Hwa University, #1, Sec. 2, Da Hsueh Rd., Hualien, Taiwan R.O.C.

    Ching-Nung Yang

  3. , Department of Computer Science and, Providence University, #200, Chung-shi Rd., Taichung, Taiwan R.O.C.

    Chia-Chen Lin

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Huang, CY., Tsai, YT., Hsu, CH. (2013). Performance Evaluation on Permission-Based Detection for Android Malware. In: Pan, JS., Yang, CN., Lin, CC. (eds) Advances in Intelligent Systems and Applications - Volume 2. Smart Innovation, Systems and Technologies, vol 21. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35473-1_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-35473-1_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-35472-4

  • Online ISBN: 978-3-642-35473-1

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation