Feature Analysis and Risk Assessment of Android Group Based on Clustering
The security risk assessment of Android applications is an uncertain problem. It is difficult to determine whether the application authority is reasonable from a single application point of view, and whether some privacy rights overstep the functional scope of the application itself. To solve this problem, a group based method for feature analysis and risk assessment of large-scale Android applications is proposed. The permission that app applies is an important object for security analysis and evaluation. The same type of application has similar functions, so the required system privileges are similar. By comparing the application class of the same functional type to the population, the two layers model of group feature analysis and mass population clustering is used to evaluate the relative malicious program in the population, which shows the effectiveness and adaptability of the method.
KeywordsAndroid permission Clustering Assessment Feature analysis
Authors are partially supported by Major projects of the Hubei Provincial Education Department (No. 17ZD014) and Hubei college students’ innovation and entrepreneur-ship training program project (No. 201610488020).
- 1.The development of the China Mobile Internet and its security report (2017) [EB/OL]. http://www.isc.org.cn/zxzx/xhdt/listinfo-35398.html. Accessed 08 Mar 2018
- 2.Google Play [EB/OL], 14 December 2017. https://play.google.com/store
- 3.Peng, H., Gates, C., Sarma, B., et al.: Using probabilistic generative models for ranking risks of Android apps. In: ACM Conference on Computer and Communications Security, pp. 241–252. ACM (2012)Google Scholar
- 4.Zhou, Y., Jiang, X.: Dissecting Android malware: characterization and evolution. In: IEEE Symposium on Security and Privacy, pp. 95–109. IEEE (2012)Google Scholar
- 5.Jiawei, Z.H.U., Liangwen, Y.U., Zhi, G.U.A.N., et al.: A review of the security research of Android authority mechanism. Appl. Res. Comput. 32(10), 2881–2885 (2015)Google Scholar
- 7.Barrera, D., Oorschot, P.C.V., Somayaji, A.: A methodology for empirical analysis of permission-based security models and its application to Android. In: ACM Conference on Computer and Communications Security, pp. 73–84. ACM (2010)Google Scholar
- 8.Felt, A.P., Greenwood, K., Wagner, D.: The effectiveness of install-time permission systems for third-party applications (2010)Google Scholar
- 9.Felt, A.P., Ha, E., Egelman, S., et al.: Android permissions: user attention, comprehension, and behavior. In: Proceedings of the Eighth Symposium on Usable Privacy and Security, pp. 1–14. ACM (2012)Google Scholar
- 10.Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: behavior-based malware detection system for Android. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 15–26. ACM, New York (2011)Google Scholar
- 11.Schmidt, A.D., Bye, R., Schmidt, H.G., et al.: Static analysis of executable for collaborative malware detection on Android. In: Proceedings of the 2009 IEEE International Conference on Communications, Piscataway, pp. 631–635. IEEE Press (2009)Google Scholar
- 12.Shuke, Z., Yang, Z., Liang, C., et al.: A Android system for privacy protection effectiveness evaluation method. J. Univ. Sci. Technol. China 44(10), 853–861 (2014)Google Scholar
- 13.Sibei, J.I.A.O., Lingyun, Y.I.N.G., Yi, Y.A.N.G., et al.: An anti obfuscation method of similarity detection for large scale Android applications. J. Comput. Res. Dev. 51(7), 1446–1457 (2014)Google Scholar