Advertisement

Permission-Based Abnormal Application Detection for Android

  • Jiawei Zhu
  • Zhi Guan
  • Yang Yang
  • Liangwen Yu
  • Huiping Sun
  • Zhong Chen
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7618)

Abstract

Android has become one of the most popular mobile operating system because of numerous applications it provides. Android Market is the official application store which allows users to search and install applications to their Android devices. However, with the increasingly number of applications, malware is also beginning to turn up in app stores. To mitigate the security problem brought by malware, we put forward a novel permission-based abnormal application detection framework which identifies potentially dangerous apps by the reliability of their permission lists. To judge the reliability of app’s permissions, we make use of the relation between app’s description text and its permission list. In detail, we use Naive Bayes with Multinomial Event Model algorithm to build the relation between the description and the permission list of an application. We evaluate this framework with 5,685 applications in Android Market and find it effective in identifying abnormal application in Android Market.

Keywords

Android Abnormal Application Permission Reliability 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
  2. 2.
  3. 3.
    Enck, W., Gilbert, P., Chun, B., Cox, L., Jung, J., McDaniel, P., Sheth, A.: Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation, pp. 1–6. USENIX Association (2010)Google Scholar
  4. 4.
    Enck, W., Octeau, D., McDaniel, P., Chaudhuri, S.: A study of android application security. In: Proceedings of the 20th USENIX Security Symposium (August 2011)Google Scholar
  5. 5.
    Enck, W., Ongtang, M., McDaniel, P.: On lightweight mobile phone application certification. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 235–245. ACM (2009)Google Scholar
  6. 6.
    Portokalidis, G., Homburg, P., Anagnostakis, K., Bos, H.: Paranoid android: versatile protection for smartphones. In: Proc. 26th Annual Computer Security Applications Conference (2010)Google Scholar
  7. 7.
    Zhou, Y., Wang, Z., Zhou, W., Jiang, X.: Hey, you, get off of my market: Detecting malicious apps in official and alternative android markets. In: Proceedings of the 19th Annual Network and Distributed System Security Symposium (2012)Google Scholar
  8. 8.
    Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: behavior-based malware detection system for android. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 15–26. ACM (2011)Google Scholar
  9. 9.
    Lewis, D., Gale, W.: A sequential algorithm for training text classifiers. In: Proceedings of the 17th Annual International ACM SIGIR Conference on Research and Development in Information Retrieval, pp. 3–12. Springer-Verlag New York, Inc. (1994)Google Scholar
  10. 10.
    McCallum, A., Nigam, K.: A comparison of event models for naive bayes text classification. In: AAAI 1998 Workshop on Learning for Text Categorization, vol. 752, pp. 41–48 (1998)Google Scholar
  11. 11.
  12. 12.
    Barrera, D., Kayacik, H., van Oorschot, P., Somayaji, A.: A methodology for empirical analysis of permission-based security models and its application to android. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 73–84. ACM (2010)Google Scholar
  13. 13.
    Bradley, A.: The use of the area under the roc curve in the evaluation of machine learning algorithms. Pattern Recognition 30(7), 1145–1159 (1997)CrossRefGoogle Scholar
  14. 14.

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Jiawei Zhu
    • 1
    • 2
    • 3
  • Zhi Guan
    • 1
    • 2
    • 3
  • Yang Yang
    • 1
    • 2
    • 3
  • Liangwen Yu
    • 1
    • 2
    • 3
  • Huiping Sun
    • 1
    • 2
    • 3
  • Zhong Chen
    • 1
    • 2
    • 3
  1. 1.Institute of Software, School of EECSPeking UniversityChina
  2. 2.MoE Key Lab of High Confidence Software Technologies (PKU)China
  3. 3.MoE Key Lab of Network and Software Security Assurance (PKU)China

Personalised recommendations