Android Application Collusion Demystified

  • Fauzia Idrees AbroEmail author
  • Muttukrishnan Rajarajan
  • Thomas M. Chen
  • Yogachandran Rahulamathavan
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 759)


Application collusion is an emerging threat to Android based devices. In app collusion, two or more apps collude in some manner to perform a malicious action that they are unable to do independently. Detection of colluding apps is a challenging task. Existing commercial malware detection systems analyse each app separately, hence fail to detect any joint malicious action performed by multiple apps through collusion. In this paper, we discuss the current state of research on app collusion and open challenges to the detection of colluding apps. We compare existing approaches and present an integrated approach to effectively detect app collusion.


  1. 1.
    Elish, K.O., Yao, D., Ryder, B.G.: On the need of precise inter-app: ICC classification for detecting android malware collusions. In: Proceedings of IEEE Mobile Security Technologies (2015)Google Scholar
  2. 2.
    Marforio, C., Ritzdorf, H., Francillon, A., Capkun, S: Analysis of the communication between colluding applications on modern smartphones. In: Proceedings of the 28th Annual Computer Security Applications Conference, pp. 51–60 (2012)Google Scholar
  3. 3.
    Chin, E., Felt, A.P., Greenwood, K., Wagner, D.: Analyzing inter-application communication in Android. In: Proceedings of the 9th ACM Conference on Mobile Systems, Applications and Services, pp. 239–252 (2011)Google Scholar
  4. 4.
    Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Sadeghi, A.-R., Shastry, B.: Towards taming privilege-escalation attacks on android. In: NDSS (2012)Google Scholar
  5. 5.
    Idrees, F., Rajarajan, M.: Investigating the android intents and permissions for malware detection. In: Proceedings of IEEE Wireless and Mobile Computing, Networking and Communications, pp. 354–358 (2014)Google Scholar
  6. 6.
    Felt, A.P., Wang, H.J., Moshchuk, A., Hanna, S., Chin, E.: Attacks and defenses. In: USENIX Security Symposium (2011)Google Scholar
  7. 7.
    Idrees, F., Rajarajantitle, M., Conti, M., Chen, T.M., Yogachandran, R.: A novel Android malware detection system using ensemble learning methods. Comput. Secur. 68, 36–46 (2017). ElsevierCrossRefGoogle Scholar
  8. 8.
    Bagheri, H., Sadeghi, A., Garcia, J., Malek, S.: Covert: compositional analysis of android inter-app permission leakage. IEEE Trans. Softw. Eng. 9, 866–886 (2015)CrossRefGoogle Scholar
  9. 9.
    Gasior, W., Yang, L.: Network covert channels on the Android platform. In: Proceedings of the Seventh Annual ACM Workshop on Cyber Security and Information Intelligence Research, pp. 61–67 (2011)Google Scholar
  10. 10.
    Davi, L., Dmitrienko, A., Sadeghi, A.-R., Winandy, M.: Privilege escalation attacks on android. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds.) ISC 2010. LNCS, vol. 6531, pp. 346–360. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-18178-8_30 CrossRefGoogle Scholar
  11. 11.
    Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Sadeghi, A.-R.: Xmandroid: a new android evolution to mitigate privilege escalation attacks. Technische Universität Darmstadt, Technical report (2011)Google Scholar
  12. 12.
    Memon, A.M., Anwar, A.: Colluding apps: tomorrow’s mobile malware threat. IEEE Secur. Priv. 6, 77–81 (2015)CrossRefGoogle Scholar
  13. 13.
    Bhandari, S., Laxmi, V., Zemmari, A., Gaur, M.S: Gaur Intersection automata based model for Android application collusion. In: Advanced Information Networking and Applications, pp. 901–908 (2016)Google Scholar
  14. 14.
    Asavoaeca, I., Jorge, B., Chen, T., Kumara, H., Muttik, I., Nguyen, H.N., Roggenbach, M., Shaikh, S.: Towards automated android app collusion detection (2016). arXiv preprint arXiv:1603.02308
  15. 15.
    Tristan, R., Rogan, C.E., Aaron, T., Adam, F., Trevor, E., Ledah, C.: Statically detecting android app. collusion. In: Proceedings of the 4th Program Protection and Reverse Engineering Workshop, p. 4 (2014)Google Scholar
  16. 16.
    Gilbert, W.P., Chun, B.-G., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: TaintDroid: an information flow tracking system for realtime privacy monitoring on smartphones. In: Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation (OSDI 2010), pp. 1–6 (2010)Google Scholar
  17. 17.
    Enck, W., Ongtang, M., McDaniel, P.: Understanding android security. IEEE Secur. Priv. 7, 50–57 (2009)CrossRefGoogle Scholar
  18. 18.
    Kantola, D., Chin, E., He, W., Wagner, D.: Reducing attack surfaces for intra-application communication in Android. In: Proceedings of Second ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 69–80 (2012)Google Scholar
  19. 19.
    Maji, A., Arshad, F., Bagchi, S., Rellermeyer, J.: An empirical study of the robustness of inter-component communication in Android. In: International Conference on Dependable Systems and Networks, pp. 1–12 (2012)Google Scholar
  20. 20.
    Long, L., Li, Z., Zhenyu, W., Lee, W., Jiang, G.: Chex: statically vetting Android apps for component hijacking vulnerabilities. In: Proceedings of Conference on Computer and Communications Security, pp. 229–240 (2012)Google Scholar
  21. 21.
    Avancini, A., Ceccato, M.: Security testing of the communication among Android applications. In: Proceedings of 8th IEEE International Workshop on Automation of Software Test, pp. 57–63 (2013)Google Scholar
  22. 22.
    Gordon, M.I., Kim, D., Perkins, J.H., Gilham, L., Nguyen, N., Rinard, M.C.: Information flow analysis of android applications in DroidSafe. In: NDSS, pp. 1–16 (2015)Google Scholar
  23. 23.
    Gallingani, D., Gjomemo, R., Venkatakrishnan, V.N., Zanero, S.: Practical exploit generation for intent message vulnerabilities in Android. In: Proceedings of the 5th ACM Conference on Data and Application Security, pp. 155–157 (2015)Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Fauzia Idrees Abro
    • 1
    Email author
  • Muttukrishnan Rajarajan
    • 1
  • Thomas M. Chen
    • 1
  • Yogachandran Rahulamathavan
    • 2
  1. 1.City University LondonLondonUK
  2. 2.Loughborough University LondonLondonUK

Personalised recommendations