App-Collusion Detection Using a Two-Stage Classifier

  • Md. Faiz Iqbal FaizEmail author
  • Md. Anwar Hussain
  • Ningrinla Marchang
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 927)


Various single app analysis tools are developed for checking Android malwares in the smartphones. All of them are unable to detect threats caused by more than one app. Android app-collusion is one such threat. App-collusion is a scenario where two or more apps collaborate with each other to achieve a malicious goal. This paper presents an approach for detecting collusive app-pairs using machine learning. The proposed approach works in two stages. In the fist stage, we train a base classifier using a set of benign and malicious applications. In the second stage, we use the parameter vector from the first stage and a different classifier to detect collusive app-pairs. We achieve detection rates of 90% and 87.5% on two sets of colluding app-pairs.



This work was funded by grant from the Visvesvaraya Fellowship Scheme (Govt. of India).


  1. 1.
    Bartel, A., Bissyande, T., Klein, J., Traon, Y.L., Azert, S., Li, L.: IccTA: detecting inter-component privacy leaks in android apps. In: Proceedings of 37th International Conference on Software Engineering, Florence, IEEE, pp. 280–291 (2015)Google Scholar
  2. 2.
    Blasco, J., Chen T.M.: Automated generation of colluding apps for experimental research. J. Comput. Virol. Hack. Tech. 14, 127 (2018).
  3. 3.
    Bosu, A., Liu, F., Yao, D., Wang, G.: Collusive data leak and more: large-scale threat analysis of inter-app communications. In: Proceedings of Asia Conference on Computer and Communications Security, pp. 71–85. ACM (2017)Google Scholar
  4. 4.
    Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Sadeghi, A.R.: XManDroid: a new android evolution to mitigate privilege escalation attacks. Technical report TR -2011-04, Technische Universitat Darmstadt (2011)Google Scholar
  5. 5.
    Bishop, C.: Pattern Recognition and Machine Learning, pp. 1–758. Springer, New York (2006)zbMATHGoogle Scholar
  6. 6.
    Chin, E., Porter, A.F., Greenwood, K., Wagner, D.: Analyzing inter-application communication in Android. In: Proceedings of the 9th International Conference on Mobile systems, Applications, and Services, pp. 239–252. ACM (2011)Google Scholar
  7. 7.
    Faiz, M.F.I., Hussain, A.M., Marchang, N.: Detection of collusive app-pairs using machine learning. In: Proceedings of 3rd International Conference on Consumer Electronics ASIA, pp. 206–212. IEEE (2018)Google Scholar
  8. 8.
    Felt, A.P., Wang, H.J., Moshchuk, A., Hanna, S., Chin, E.: Permission re-delegation: attacks and defences. In: Proceedings of the 20th USENIX Security Symposium. USENIX Association (2011)Google Scholar
  9. 9.
    Kalutarage, H.K., Nguyen, H.N., Shaikh, S.A.: Towards a threat assessment framework for apps collusion. Telecommun. Syst. 66, 417–430 (2017)CrossRefGoogle Scholar
  10. 10.
    Marforio, C., Ritzdorf, H., Francillon, A., Capkun, S.: Analysis of the communication between colluding applications on modern smartphones. In: Proceedings of the 28th Annual Computer Security Applications Conference, pp. 51–60. ACM (2012)Google Scholar
  11. 11.
    Octeau, D., Jha, S., Derring, M., McDaniel, P., Bartel, A., Li, L., Klein, J., Traon, Y.L.: Combining static analysis with probabilistic models to enable market-scale android inter-component analysis. In: Proceedings of 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 469–484. ACM (2016)Google Scholar
  12. 12.
    Porter, A.F., Ha, E., Egelman, S., Haney, A., Chin, E., Wagner, D.: Android permissions: user attention, comprehension, and behaviour. In: Proceedings of the 8th Symposium on Usable Privacy and Security, Article 3, pp. 1–14. ACM (2012)Google Scholar
  13. 13.
    Wang, W., Wang, X., Feng, D., Liu, J., Han, Z., Zhang, X.: Exploring permission-induced risk in android applications for malicious application detection. IEEE Trans. Inf. Forensics Secur. 9(11), 1869–1882 (2014). Scholar
  14. 14.
    Xie, Z., Zhu, S.: GroupTie: toward hidden collusion group discovery in app stores. In: Proceedings of Conference on Security and Privacy in Wireless & Mobile Networks, pp. 153–164. ACM (2014)Google Scholar
  15. 15.

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Md. Faiz Iqbal Faiz
    • 1
    Email author
  • Md. Anwar Hussain
    • 1
  • Ningrinla Marchang
    • 1
  1. 1.North Eastern Regional Institute of Science and TechnologyItanagarIndia

Personalised recommendations