Computer Technology, Electronic Communications Technologies |
|
|
|
|
Permission-based Android application security evaluation method |
LI Xiao-dong, ZHU Yue-fei, LIU Sheng-li, XIAO Rui-qing |
State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China |
|
|
Abstract A permission-based application security evaluation method was proposed to detect Android malware and quantify applications security risk for large scale samples. A data mining algorithm was designed to discover permission itemsets as evaluation indices according to their support and divisive value. An improved precedence chart was used to determine the indices weights, which were embedded into an evaluation matrix. Android applications were evaluated based on the evaluation matrix;malwares were detected by logistic regression; security risks were evaluated by a certain value. Experiments with real sample applications show that this method performs high accuracy on malware detection up to 92.7% and lower time cost than current methods.
|
Published: 01 March 2017
|
|
|
Cite this article:
LI Xiao-dong, ZHU Yue-fei, LIU Sheng-li, XIAO Rui-qing. Permission-based Android application security evaluation method. JOURNAL OF ZHEJIANG UNIVERSITY (ENGINEERING SCIENCE), 2017, 51(3): 590-597.
|
基于权限的Android应用程序安全审计方法
为了对安卓(Android)恶意应用程序进行检测,对其危险程度进行量化,并满足大批量样本的安全审计需求,提出一种基于权限的Android应用安全审计方法.使用数据挖掘方法分析权限信息,依据支持度和分离度构建评价指标集;基于改进的优序图法确定评价指标权重,建立权重矩阵;依据权重矩阵对安卓应用程序进行评估,通过逻辑回归方法检出恶意应用,并给出量化的评估值.使用抓取自网络的真实样本进行实验,结果表明可以有效检测恶意应用,评估值也能直观地反映应用的危险程度,对恶意应用和正常应用分类的准确度达到92.7%,与现有相关工作相比效率表现更优.
|
|
[1] International Data Corporation. Android and iOS Squeeze the Competition [EB/OL]. [2015-09-26]. http:∥www.idc.com/getdoc.jsp?containerId=prUS25450615
[2] Wikipedia contributors. Google Play [EB/OL]. [2015-09-26]. https:∥en.wikipedia.org/w/index.php?title=Google_Play&oldid=687967431.
[3] 360互联网安全中心. 2014年中国手机安全状况报告[EB/OL]. [2015-09-26]. http:∥zt.360.cn/1101061855.php?dtid=1101061451&did=1101205565.
[4] WU D, MAO C, WEI T, et al. Droidmat: Android malware detection through manifest and api calls tracing [C] ∥ Proceedings of the Asia JCIS 2012. Tokyo: IEEE, 2012: 62-69.
[5] BURGUERA I, ZURUTUZA U, NADJM-TEHRANI S. Crowdroid: behavior-based malware detection system for Android [C] ∥ Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices. Chicago: ACM, 2011: 15-26.
[6] ENCK W, GILBERT P, HAN S, et al. TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones [J]. ACM Transactions on Computer Systems (TOCS), 2014, 32(2): 5.
[7] 杨欢,张玉清,胡予璞,等. 基于多类特征的Android恶意行为监测系统[J]. 计算机学报,2014,1: 15-27.
YANG Huan, ZHANG Yu-qing, HU Yu-pu, et al. A malware behavior detection system of Android application based on multiclass features [J]. Chinese Journal of Computers, 2014, 1: 15-27.
[8] TALHA K, ALPER D, AYDIN C. APK Auditor: Permission-based Android malware detection system [J]. Digital Investigation. 2015,13: 1-14.
[9] Google. The Android manifest.xml file [EB/OL]. [2015-09-28]. https:∥developer.android.com/reference/android/Manifest.permission.html.
[10] FELT A, CHIN E, HANNA S, et al. Android permissions demystified [C] ∥ Proceedings of the 18th ACM Conference on Computer and CommunicationsSecurity. Chicago: ACM, 2011: 627-638.
[11] 符易阳,周丹平. Android安全机制分析 [C] ∥ 第26次全国计算机安全学术交流会论文集. 武夷山:[s. n.], 2011: 23-25.
FU Yi-yang, ZHOU Dan-ping. Android’s security mechanism analysis [C] ∥ Proceedings of the 26th National Conference of Computer Security. Wuyishan:[s. n.], 2011: 23-25.
[12] 文伟平,梅瑞,宁戈,等. Android恶意软件检测技术分析和应用研究 [J]. 通信学报,2014,35(8): 78-85.
WEN Wei-ping, MEI Rui, Ning Ge, et al. Malware detection technology analysis and applied research of android platform [J]. Journal on Communications, 2014, 35(8): 78-85.
[13] HAN J, KAMBER M, PEI J. Data mining concepts and techniques [M]. 3rd ed. Amsterdam: Elsevier,2011.
[14] MOODY P. Decision making: Proven methods for better decisions [M]. New York: McGrawHill Companies, 1983.
[15] 李航. 统计学习方法 [M]. 北京:清华大学出版社,2012.
[16] Google-play-crawler [CP/OL]. [2015-09-28]. https:∥github.com/Akdeniz/google-play-crawler
[17] VirusTotal [EP/OL]. [2015-09-26]. www.virustotal.com.
[18] Androguard Team. Androguard [CP/OL]. [2015-09-28]. https:∥github.com/androguard/androguard.
[19] 王少辉,王超,孙国梓. DroidDefence:细粒度的Android应用权限管理系统 [J]. 四川大学学报:工程科学版,2014, 6: 14-18.
WANG Shao-hui, WANG Chao, SUN Guo-zi. DroidDefence: an extended fine-grained Android application permission management system [J]. Journal of Sichuan University: Engineering Science Edition, 2014, 6: 14-18. |
|
Viewed |
|
|
|
Full text
|
|
|
|
|
Abstract
|
|
|
|
|
Cited |
|
|
|
|
|
Shared |
|
|
|
|
|
Discussed |
|
|
|
|