Skip to main content

Advertisement

SpringerLink
Log in
Menu
Find a journal Publish with us
Search
Cart
Book cover

International Conference on Information and Communications Security

ICICS 2012: Information and Communications Security pp 228–239Cite as

  1. Home
  2. Information and Communications Security
  3. Conference paper
Permission-Based Abnormal Application Detection for Android

Permission-Based Abnormal Application Detection for Android

  • Jiawei Zhu18,19,20,
  • Zhi Guan18,19,20,
  • Yang Yang18,19,20,
  • Liangwen Yu18,19,20,
  • Huiping Sun18,19,20 &
  • …
  • Zhong Chen18,19,20 
  • Conference paper
  • 2262 Accesses

  • 7 Citations

Part of the Lecture Notes in Computer Science book series (LNSC,volume 7618)

Abstract

Android has become one of the most popular mobile operating system because of numerous applications it provides. Android Market is the official application store which allows users to search and install applications to their Android devices. However, with the increasingly number of applications, malware is also beginning to turn up in app stores. To mitigate the security problem brought by malware, we put forward a novel permission-based abnormal application detection framework which identifies potentially dangerous apps by the reliability of their permission lists. To judge the reliability of app’s permissions, we make use of the relation between app’s description text and its permission list. In detail, we use Naive Bayes with Multinomial Event Model algorithm to build the relation between the description and the permission list of an application. We evaluate this framework with 5,685 applications in Android Market and find it effective in identifying abnormal application in Android Market.

Keywords

  • Android
  • Abnormal Application
  • Permission Reliability

Download conference paper PDF

References

  1. G. Inc., https://play.google.com/store

  2. (June 5, 2012), http://www.appbrain.com/stats/number-of-android-apps/

  3. Enck, W., Gilbert, P., Chun, B., Cox, L., Jung, J., McDaniel, P., Sheth, A.: Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation, pp. 1–6. USENIX Association (2010)

    Google Scholar 

  4. Enck, W., Octeau, D., McDaniel, P., Chaudhuri, S.: A study of android application security. In: Proceedings of the 20th USENIX Security Symposium (August 2011)

    Google Scholar 

  5. Enck, W., Ongtang, M., McDaniel, P.: On lightweight mobile phone application certification. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 235–245. ACM (2009)

    Google Scholar 

  6. Portokalidis, G., Homburg, P., Anagnostakis, K., Bos, H.: Paranoid android: versatile protection for smartphones. In: Proc. 26th Annual Computer Security Applications Conference (2010)

    Google Scholar 

  7. Zhou, Y., Wang, Z., Zhou, W., Jiang, X.: Hey, you, get off of my market: Detecting malicious apps in official and alternative android markets. In: Proceedings of the 19th Annual Network and Distributed System Security Symposium (2012)

    Google Scholar 

  8. Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: behavior-based malware detection system for android. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 15–26. ACM (2011)

    Google Scholar 

  9. Lewis, D., Gale, W.: A sequential algorithm for training text classifiers. In: Proceedings of the 17th Annual International ACM SIGIR Conference on Research and Development in Information Retrieval, pp. 3–12. Springer-Verlag New York, Inc. (1994)

    Google Scholar 

  10. McCallum, A., Nigam, K.: A comparison of event models for naive bayes text classification. In: AAAI 1998 Workshop on Learning for Text Categorization, vol. 752, pp. 41–48 (1998)

    Google Scholar 

  11. G. Inc., http://developer.android.com/reference/android/Manifest.permission.html

  12. Barrera, D., Kayacik, H., van Oorschot, P., Somayaji, A.: A methodology for empirical analysis of permission-based security models and its application to android. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 73–84. ACM (2010)

    Google Scholar 

  13. Bradley, A.: The use of the area under the roc curve in the evaluation of machine learning algorithms. Pattern Recognition 30(7), 1145–1159 (1997)

    CrossRef  Google Scholar 

  14. Symantec (Februbary 28, 2011), http://www.symantec.com/connect/blogs/android-threats-getting-steamy

Download references

Author information

Authors and Affiliations

  1. Institute of Software, School of EECS, Peking University, China

    Jiawei Zhu, Zhi Guan, Yang Yang, Liangwen Yu, Huiping Sun & Zhong Chen

  2. MoE Key Lab of High Confidence Software Technologies (PKU), China

    Jiawei Zhu, Zhi Guan, Yang Yang, Liangwen Yu, Huiping Sun & Zhong Chen

  3. MoE Key Lab of Network and Software Security Assurance (PKU), China

    Jiawei Zhu, Zhi Guan, Yang Yang, Liangwen Yu, Huiping Sun & Zhong Chen

Authors
  1. Jiawei Zhu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zhi Guan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yang Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Liangwen Yu
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Huiping Sun
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Zhong Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, The University of Hong Kong, Room 519, 5/F, Haking Building, Pokfulam Road, 852, Hong Kong, China

    Tat Wing Chim

  2. Department of Computer Science, The University of Hong Kong, Room 519, 5/F, Haking Wong Building, Pokfulam Road, 852, Hong Kong, China

    Tsz Hon Yuen

Rights and permissions

Reprints and Permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Zhu, J., Guan, Z., Yang, Y., Yu, L., Sun, H., Chen, Z. (2012). Permission-Based Abnormal Application Detection for Android. In: Chim, T.W., Yuen, T.H. (eds) Information and Communications Security. ICICS 2012. Lecture Notes in Computer Science, vol 7618. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34129-8_20

Download citation

  • .RIS
  • .ENW
  • .BIB
  • DOI: https://doi.org/10.1007/978-3-642-34129-8_20

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-34128-1

  • Online ISBN: 978-3-642-34129-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Share this paper

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Search

Navigation

  • Find a journal
  • Publish with us

Discover content

  • Journals A-Z
  • Books A-Z

Publish with us

  • Publish your research
  • Open access publishing

Products and services

  • Our products
  • Librarians
  • Societies
  • Partners and advertisers

Our imprints

  • Springer
  • Nature Portfolio
  • BMC
  • Palgrave Macmillan
  • Apress
  • Your US state privacy rights
  • Accessibility statement
  • Terms and conditions
  • Privacy policy
  • Help and support

167.114.118.210

Not affiliated

Springer Nature

© 2023 Springer Nature