Advertisement

Multimedia Tools and Applications

, Volume 78, Issue 24, pp 35713–35731 | Cite as

SensDroid: Analysis for Malicious Activity Risk of Android Application

  • Gulshan ShrivastavaEmail author
  • Prabhat Kumar
Article
  • 58 Downloads

Abstract

In Android, the inter-communication structure is governed by a late runtime binding message called Intent. Intents are having rich features which can detect the true nature of malware when compared to another known trait such as permissions. In this work, a framework called SensDroid is formulated that evaluates the efficiency of android intents and permissions as a differentiating trait to spot malicious apps through sensitive analysis technique. Efficiency escalation has been achieved by integrating these traits with other well-known malware detection attributes. The proposed work also uses sufficient number of samples collected from official and third-party Android app market. Multiple parameters are evaluated and compared with the existing techniques. Successful categorization of clean and malware app with high identification rate has been achieved. As a background discussion, we also give a comprehensive review of ancient android application analysis techniques, risk identification techniques, and intent analysis techniques for contemporary malicious activity.

Keywords

Android analysis Data leak assessment Intent analysis Permission analysis Android application clustering Security and privacy 

Notes

Acknowledgements

The authors would like to thank their colleagues for many useful comments. In particular, they are grateful to Dr. Jim Lemon from Bitwrit Software, Australia for many discussions on the R programming code.

Compliance with ethical standards

Conflict of interest

The authors declare that they have no conflict of interest.

References

  1. 1.
    Allix, K., Bissyandé, T. F., Klein, J., & Le Traon, Y. (2016, May). Androzoo: Collecting millions of android apps for the research community. In Mining Software Repositories (MSR), 2016 IEEE/ACM 13th Working Conference on (pp. 468-471). IEEEGoogle Scholar
  2. 2.
    Arp D, Spreitzenbarth M, Hubner M, Gascon H, Rieck K, Siemens CERT (2014) DREBIN: effective and explainable detection of android malware in your pocket. NDSS 14:23–26Google Scholar
  3. 3.
    Bagheri H, Sadeghi A, Garcia J, Malek S (2015) Covert: compositional analysis of android inter-app permission leakage. IEEE Trans Softw Eng 41(9):866–886CrossRefGoogle Scholar
  4. 4.
    Bhat P, Dutta K (2019) A survey on various threats and current state of security in android platform. ACM Comput Surv (CSUR) 52(1):21CrossRefGoogle Scholar
  5. 5.
    Faruki P, Bharmal A, Laxmi V, Ganmoor V, Gaur MS, Conti M, Rajarajan M (2015) Android security: a survey of issues, malware penetration, and defenses. IEEE Commun Surveys Tutor 17(2):998–1022CrossRefGoogle Scholar
  6. 6.
    Feizollah A, Anuar NB, Salleh R, Suarez-Tangil G, Furnell S (2017) Androdialysis: analysis of android intent effectiveness in malware detection. Comput Sec 65:121–134CrossRefGoogle Scholar
  7. 7.
    Gao Z, Wang DY, Wan SH, Zhang H, Wang YL (2019) Cognitive-inspired class-statistic matching with triple-constrain for camera free 3D object retrieval. Futur Gener Comput Syst 94:641–653CrossRefGoogle Scholar
  8. 8.
    Idrees F, Rajarajan M, Conti M, Chen TM, Rahulamathavan Y (2017) PIndroid: a novel android malware detection system using ensemble learning methods. Comput Sec 68:36–46CrossRefGoogle Scholar
  9. 9.
    Jing Y, Ahn GJ, Doupé A, Yi JH (2016) Checking intent-based communication in android with intent space analysis. In Proc of the 11th ACM on Asia conference on computer and communications security (pp. 735-746). ACMGoogle Scholar
  10. 10.
    Kim H, Cho T, Ahn GJ, Yi JH (2018) Risk assessment of mobile applications based on machine learned malware dataset. Multimed Tools Appl 77(4):5027–5042CrossRefGoogle Scholar
  11. 11.
    Kim T, Kang B, Rho M, Sezer S, Im EG (2019) A multimodal deep learning method for android malware detection using various features. IEEE Trans Inform Forens Sec 14(3):773–788CrossRefGoogle Scholar
  12. 12.
    Liu X, Liu J, Zhu S, Wang W, Zhang X (2019) Privacy risk analysis and mitigation of analytics libraries in the android ecosystem. IEEE Trans Mob Comput.  https://doi.org/10.1109/TMC.2019.2903186
  13. 13.
    Martín I, Hernández JA, de los Santos S (2019) Machine-learning based analysis and classification of android malware signatures. Futur Gener Comput Syst.  https://doi.org/10.1016/j.future.2019.03.006 CrossRefGoogle Scholar
  14. 14.
    Nirumand A, Zamani B, Tork Ladani B (2019) VAnDroid: a framework for vulnerability analysis of android applications using a model-driven reverse engineering technique. Software: Prac Exp 49(1):70–99Google Scholar
  15. 15.
    Onwuzurike L, Mariconti E, Andriotis P, Cristofaro ED, Ross G, Stringhini G (2019) MaMaDroid: detecting android malware by building Markov chains of behavioral models (extended version). ACM Trans Privacy Sec (TOPS) 22(2):14Google Scholar
  16. 16.
    Qamar A, Karim A, Chang V (2019) Mobile malware attacks: review, taxonomy & future directions. Futur Gener Comput Syst.  https://doi.org/10.1016/j.future.2019.03.007 CrossRefGoogle Scholar
  17. 17.
    Shabtai A, Tenenboim-Chekina L, Mimran D, Rokach L, Shapira B, Elovici Y (2014) Mobile malware detection through analysis of deviations in application network behavior. Comput Sec 43:1–18CrossRefGoogle Scholar
  18. 18.
    Sharma K, Gupta BB (2018) Mitigation and risk factor analysis of android applications. Comput Electr Eng 71:416–430CrossRefGoogle Scholar
  19. 19.
    Sharma K, Gupta BB (2019) Towards privacy risk analysis in android applications using machine learning approaches. Int J E-Serv Mob Appl (IJESMA) 11(2):1–21CrossRefGoogle Scholar
  20. 20.
    Shrivastava G, Kumar P (2017) Privacy analysis of android applications: state-of-art and literary assessment. Scalable Comput: Prac Exp 18(3):243–252Google Scholar
  21. 21.
    Silverman BW (2018) Density estimation for statistics and data analysis. RoutledgeGoogle Scholar
  22. 22.
    Suarez-Tangil G, Dash SK, Ahmadi M, Kinder J, Giacinto G, Cavallaro L (2017) DroidSieve: fast and accurate classification of obfuscated android malware. In: Proceedings of the seventh ACM on conference on data and application security and privacy. ACM, pp 309–320Google Scholar
  23. 23.
    Thoresen HM (2017) Automated triage of samples for malware analysis (Master's thesis, NTNU).Google Scholar
  24. 24.
    Virustotal (2019). Retrieved from https://www.virustotal.com/ Seen on April 2019
  25. 25.
    Wan S, Zhao Y, Wang T, Z G, Abbasi QH, Choo KKR (2019) Multi-dimensional data indexing and range query processing via Voronoi diagram for internet of things. Futur Gener Comput Syst 91:382–391CrossRefGoogle Scholar
  26. 26.
    Wang C, Xu Q, Lin X, Liu S (2018) Research on data mining of permissions mode for android malware detection. Clust Comput:1–14Google Scholar
  27. 27.
    Xu K, Li Y, Deng RH (2016) ICCDetector: ICC-based malware detection on android. IEEE Trans Inform Forens Sec 11(6):1252–1264CrossRefGoogle Scholar
  28. 28.
    Zhang LL, Liang CJM, Li ZL, Liu Y, Zhao F, Chen E (2018) Characterizing privacy risks of mobile apps with sensitivity analysis. IEEE Trans Mob Comput 17(2):279–292CrossRefGoogle Scholar
  29. 29.
    Zhou Q, Feng F, Shen Z, Zhou R, Hsieh MY, Li KC (2019) A novel approach for mobile malware classification and detection in android systems. Multimed Tools Appl 78(3):3529–3552CrossRefGoogle Scholar
  30. 30.
    Zhu HJ, You ZH, Zhu ZX, Shi WL, Chen X, Cheng L (2018) DroidDet: effective and robust detection of android malware using static analysis along with rotation forest model. Neurocomputing 272:638–646CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2019

Authors and Affiliations

  1. 1.Department of Computer Science & EngineeringNational Institute of Technology PatnaBiharIndia

Personalised recommendations