APP Vetting Based on the Consistency of Description and APK

  • Weili Han (corresponding author)
  • Wei Wang
  • Xinyi Zhang
  • Weiwei Peng
  • Zheran Fang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9473)


Android has seen substantial growth over the years, both in market share and in the number of malware samples. In this paper we propose a novel approach to detecting potentially malicious applications, based on the semantic relatedness between an application's description and the text embedded in its apk file. We gathered a database of 7,570 valid applications for training and testing and found that about 16.6 % of the tested applications exhibit a lack of relatedness between the apk file and the description, due to inadequate embedded text in the apk file, too short a description, an unsuited description, or the application being malicious. In addition, 4 % of applications were wrongly deemed unrelated (false positives). Our study shows that the semantic-based approach is applicable both to malware detection and to judging the soundness of descriptions.
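As an added illustration of the vetting idea in the abstract (example code written for this page, not the authors' implementation), the block below compares a store description with the user-visible strings mined from a decoded apk and reports one of four outcomes. The relatedness measure is plain bag-of-words cosine similarity, a deliberately simple stand-in for whatever semantic model the paper uses; the 0.2 threshold, the 15-token minimums, the restriction to res/values*/strings.xml, and the two sample applications are all assumptions constructed for the example. A real apk stores its resources compiled in resources.arsc, so strings.xml has to be decoded first (apktool does this); the dict of path to file contents here stands in for that decoded tree. The point worth keeping is the four-way verdict: too little text on either side is reported as such rather than being counted as "unrelated", which is exactly the ambiguity the abstract's 16.6 % figure bundles together.

```python
"""Description/APK consistency check (added example, not the paper's code)."""
import math
import re
import xml.etree.ElementTree as ET
from collections import Counter

# Words carrying no signal about what the app does; "app"/"application" occur in
# nearly every listing and would inflate every score. (Assumed list.)
STOPWORDS = {"the", "and", "for", "with", "your", "you", "this", "that", "from",
             "into", "are", "has", "app", "application"}
MIN_DESCRIPTION_TOKENS = 15   # below this a description cannot be judged (assumed)
MIN_APK_TOKENS = 15           # below this the apk exposes too little text (assumed)
RELATEDNESS_THRESHOLD = 0.2   # cosine below this => "unrelated" (assumed)
STRINGS_XML = re.compile(r"^res/values[^/]*/strings\.xml$")


def tokenize(text):
    """Lower-case alphabetic tokens, stopwords dropped, crude plural stripping."""
    tokens = []
    for word in re.findall(r"[a-z]+", text.lower()):
        if len(word) < 3 or word in STOPWORDS:
            continue
        if len(word) > 3 and word.endswith("s") and not word.endswith("ss"):
            word = word[:-1]          # wallpapers -> wallpaper; sms stays sms
        tokens.append(word)
    return tokens


def extract_apk_text(decoded_files):
    """Collect <string> texts from every strings.xml in the decoded apk tree."""
    pieces = []
    for path, content in decoded_files.items():
        if STRINGS_XML.match(path):
            for node in ET.fromstring(content).iter("string"):
                pieces.append("".join(node.itertext()))
    return " ".join(pieces)


def cosine_relatedness(tokens_a, tokens_b):
    """Cosine similarity of two bag-of-words vectors (0 = disjoint, 1 = identical)."""
    a, b = Counter(tokens_a), Counter(tokens_b)
    dot = sum(a[t] * b[t] for t in a.keys() & b.keys())
    norm = math.sqrt(sum(v * v for v in a.values())) * math.sqrt(sum(v * v for v in b.values()))
    return dot / norm if norm else 0.0


def vet(description, decoded_files):
    """Return a verdict plus the token counts and score that justify it."""
    desc_tokens = tokenize(description)
    apk_tokens = tokenize(extract_apk_text(decoded_files))
    result = {"description_tokens": len(desc_tokens),
              "apk_tokens": len(apk_tokens), "score": None}
    if len(desc_tokens) < MIN_DESCRIPTION_TOKENS:
        result["verdict"] = "insufficient_description"   # cannot judge the apk from this
    elif len(apk_tokens) < MIN_APK_TOKENS:
        result["verdict"] = "insufficient_apk_text"      # e.g. text only in native code
    else:
        result["score"] = cosine_relatedness(desc_tokens, apk_tokens)
        result["verdict"] = ("related" if result["score"] >= RELATEDNESS_THRESHOLD
                             else "unrelated")
    return result


# Constructed sample data: a flashlight app whose strings match its listing, and a
# "wallpaper" app whose strings talk about premium SMS and contact upload instead.
FLASHLIGHT_DESCRIPTION = ("Bright flashlight app that turns your camera LED into a torch. "
                          "Tap the button to switch the flashlight on or off. Supports strobe "
                          "mode and screen light for devices without a camera flash. "
                          "Simple, fast and free torch.")
FLASHLIGHT_FILES = {"res/values/strings.xml": """<resources>
<string name="app_name">Super Flashlight</string>
<string name="on">Turn flashlight on</string><string name="off">Turn flashlight off</string>
<string name="strobe">Strobe mode</string><string name="screen">Use screen as light</string>
<string name="noflash">This device has no camera flash</string>
<string name="ready">Torch ready</string><string name="hint">Tap the button to switch</string>
<string name="about">Simple fast free torch</string></resources>"""}
WALLPAPER_DESCRIPTION = ("Beautiful HD wallpapers for your phone. Browse thousands of nature, "
                         "city and abstract backgrounds, set any picture as your home screen "
                         "or lock screen wallpaper and download new images every day. "
                         "Works on every phone model.")
WALLPAPER_FILES = {"res/values/strings.xml": """<resources>
<string name="app_name">Wallpaper Pro</string>
<string name="sub">Confirm subscription by sending SMS to the premium number</string>
<string name="send">Sending message, please wait</string>
<string name="up">Uploading contact list</string>
<string name="charge">Your account will be charged weekly</string>
<string name="imei">Reading device IMEI and phone number</string>
<string name="hide">Hiding icon from launcher</string></resources>"""}

if __name__ == "__main__":
    print(vet(FLASHLIGHT_DESCRIPTION, FLASHLIGHT_FILES))   # related, score about 0.85
    print(vet(WALLPAPER_DESCRIPTION, WALLPAPER_FILES))     # unrelated, score about 0.12
    print(vet("Nice wallpapers.", WALLPAPER_FILES))        # insufficient_description
    print(vet(WALLPAPER_DESCRIPTION, {}))                  # insufficient_apk_text
```

The two "insufficient" verdicts are the ones to watch in practice: an app whose only text lives in native libraries or is built at runtime gets no score at all, and a malicious app can exploit that gap on purpose, so a low apk token count deserves its own follow-up rather than being silently dropped from the malware bucket.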


Keywords: Android security, Malware, NLP, APK, Description



This paper is supported by the 12th Five-Year National Development Foundation for Cryptography (MMJJ201301008), the Key Lab of Information Network Security, Ministry of Public Security (C13612), and the Natural Science Foundation of Shanghai (12ZR1402600). We thank the anonymous reviewers for their comments.



Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Weili Han (corresponding author) 1, 2, 3
  • Wei Wang 1
  • Xinyi Zhang 1
  • Weiwei Peng 1
  • Zheran Fang 1
  1. Software School, Fudan University, Shanghai, China
  2. Key Lab of Information Network Security, Ministry of Public Security, Shanghai, China
  3. Shanghai Key Laboratory of Data Science, Fudan University, Shanghai, China
