Advertisement

Feature Analysis and Risk Assessment of Android Group Based on Clustering

  • Zhijie Xiao
  • Tao Li
  • Yuqiao Wang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10955)

Abstract

The security risk assessment of Android applications is an uncertain problem. It is difficult to determine whether the application authority is reasonable from a single application point of view, and whether some privacy rights overstep the functional scope of the application itself. To solve this problem, a group based method for feature analysis and risk assessment of large-scale Android applications is proposed. The permission that app applies is an important object for security analysis and evaluation. The same type of application has similar functions, so the required system privileges are similar. By comparing the application class of the same functional type to the population, the two layers model of group feature analysis and mass population clustering is used to evaluate the relative malicious program in the population, which shows the effectiveness and adaptability of the method.

Keywords

Android permission Clustering Assessment Feature analysis 

Notes

Acknowledgement

Authors are partially supported by Major projects of the Hubei Provincial Education Department (No. 17ZD014) and Hubei college students’ innovation and entrepreneur-ship training program project (No. 201610488020).

References

  1. 1.
    The development of the China Mobile Internet and its security report (2017) [EB/OL]. http://www.isc.org.cn/zxzx/xhdt/listinfo-35398.html. Accessed 08 Mar 2018
  2. 2.
    Google Play [EB/OL], 14 December 2017. https://play.google.com/store
  3. 3.
    Peng, H., Gates, C., Sarma, B., et al.: Using probabilistic generative models for ranking risks of Android apps. In: ACM Conference on Computer and Communications Security, pp. 241–252. ACM (2012)Google Scholar
  4. 4.
    Zhou, Y., Jiang, X.: Dissecting Android malware: characterization and evolution. In: IEEE Symposium on Security and Privacy, pp. 95–109. IEEE (2012)Google Scholar
  5. 5.
    Jiawei, Z.H.U., Liangwen, Y.U., Zhi, G.U.A.N., et al.: A review of the security research of Android authority mechanism. Appl. Res. Comput. 32(10), 2881–2885 (2015)Google Scholar
  6. 6.
    Sihan, Q.: Progress in research on Android security. J. Softw. 27(1), 45–71 (2016)MathSciNetGoogle Scholar
  7. 7.
    Barrera, D., Oorschot, P.C.V., Somayaji, A.: A methodology for empirical analysis of permission-based security models and its application to Android. In: ACM Conference on Computer and Communications Security, pp. 73–84. ACM (2010)Google Scholar
  8. 8.
    Felt, A.P., Greenwood, K., Wagner, D.: The effectiveness of install-time permission systems for third-party applications (2010)Google Scholar
  9. 9.
    Felt, A.P., Ha, E., Egelman, S., et al.: Android permissions: user attention, comprehension, and behavior. In: Proceedings of the Eighth Symposium on Usable Privacy and Security, pp. 1–14. ACM (2012)Google Scholar
  10. 10.
    Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: behavior-based malware detection system for Android. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 15–26. ACM, New York (2011)Google Scholar
  11. 11.
    Schmidt, A.D., Bye, R., Schmidt, H.G., et al.: Static analysis of executable for collaborative malware detection on Android. In: Proceedings of the 2009 IEEE International Conference on Communications, Piscataway, pp. 631–635. IEEE Press (2009)Google Scholar
  12. 12.
    Shuke, Z., Yang, Z., Liang, C., et al.: A Android system for privacy protection effectiveness evaluation method. J. Univ. Sci. Technol. China 44(10), 853–861 (2014)Google Scholar
  13. 13.
    Sibei, J.I.A.O., Lingyun, Y.I.N.G., Yi, Y.A.N.G., et al.: An anti obfuscation method of similarity detection for large scale Android applications. J. Comput. Res. Dev. 51(7), 1446–1457 (2014)Google Scholar
  14. 14.
    Zhang, T., Li, T., Wang, H., Xiao, Z.: AndroidProtect: Android apps security analysis system. In: Wang, S., Zhou, A. (eds.) CollaborateCom 2016. LNICST, vol. 201, pp. 583–594. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-59288-6_58CrossRefGoogle Scholar
  15. 15.
    Wang, H., Li, T., Zhang, T., Wang, J.: Android apps security evaluation system in the cloud. In: Guo, S., Liao, X., Liu, F., Zhu, Y. (eds.) CollaborateCom 2015. LNICST, vol. 163, pp. 151–160. Springer, Cham (2016).  https://doi.org/10.1007/978-3-319-28910-6_14CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. 1.College of Computer Science and TechnologyWuhan University of Science and TechnologyWuhanChina
  2. 2.Hubei Province Key Laboratory of Intelligent Information Processing and Real-Time Industrial SystemWuhanChina

Personalised recommendations