Android Apps:Static Analysis Based on Permission Classification

被引:3
|
作者
Zhenjiang Dong [1 ]
Hui Ye [2 ]
Yan Wu [1 ]
Shaoyin Cheng [2 ]
Fan Jiang [2 ]
机构
[1] ZTE Corporation
[2] Information Technology Security Evaluation Center,University of Science and Technology of China
来源
ZTECommunications | 2013年 / 11卷 / 01期
基金
中央高校基本科研业务费专项资金资助; 高等学校博士学科点专项科研基金;
关键词
malware; software analysis; static analysis; Android;
D O I
暂无
中图分类号
TN929.5 [移动通信]; TP309 [安全保密];
学科分类号
080402 ; 080904 ; 0810 ; 081001 ; 081201 ; 0839 ; 1402 ;
摘要
Android has a strict permission management mechanism. Any applications that try to run on the Android system need to obtain permission. In this paper, we propose an efficient method of detecting malicious applications in the Android system. First, hundreds of permissions are classified into different groups. The application programming interfaces (APIs) associated with permissions that can interact with the outside environment are called sink functions. The APIs associated with other permissions are called taint functions. e construct association tables for block variables and function variables of each application. Malicious applications can then be detected by using the static taint-propagation method to analyze these tables.
引用
收藏
页码:62 / 66
页数:5
相关论文
共 50 条
  • [1] Method-level Permission Analysis based on Static Call Graph of Android Apps
    Hu, Yan
    Kong, Weiqiang
    Ding, Feng
    Yan, Jun
    2018 5TH INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS AND THEIR APPLICATIONS (DSA), 2018, : 8 - 14
  • [2] Kunai: A static analysis framework for Android apps
    Blazquez, Eduardo
    Tapiador, Juan
    SOFTWAREX, 2023, 22
  • [3] Reevaluating Android Permission Gaps with Static and Dynamic Analysis
    Wang, Haoyu
    Guo, Yao
    Tang, Zihao
    Bai, Guangdong
    Chen, Xiangqun
    2015 IEEE GLOBAL COMMUNICATIONS CONFERENCE (GLOBECOM), 2015,
  • [4] New Results on Permission Based Static Analysis for Android Malware
    Sahin, Durmus Ozkan
    Kural, Oguz Emre
    Akleylek, Sedat
    Kilic, Erdal
    2018 6TH INTERNATIONAL SYMPOSIUM ON DIGITAL FORENSIC AND SECURITY (ISDFS), 2018, : 340 - 343
  • [5] API and Permission-based Classification System for Android Malware Analysis
    Park, Jungsoo
    Chun, Hojin
    Jung, Souhwan
    2018 32ND INTERNATIONAL CONFERENCE ON INFORMATION NETWORKING (ICOIN), 2018, : 930 - 935
  • [6] Reflection-Aware Static Analysis of Android Apps
    Li, Li
    Bissyande, Tegawende F.
    Octeauo, Damien
    Klein, Jacques
    2016 31ST IEEE/ACM INTERNATIONAL CONFERENCE ON AUTOMATED SOFTWARE ENGINEERING (ASE), 2016, : 756 - 761
  • [7] On Understanding Permission Usage Contextuality in Android Apps
    Hossen, Md Zakir
    Mannan, Mohammad
    DATA AND APPLICATIONS SECURITY AND PRIVACY XXXII, DBSEC 2018, 2018, 10980 : 232 - 242
  • [8] Security analysis of permission re-delegation vulnerabilities in Android apps
    Biniam Fisseha Demissie
    Mariano Ceccato
    Lwin Khin Shar
    Empirical Software Engineering, 2020, 25 : 5084 - 5136
  • [9] Security analysis of permission re-delegation vulnerabilities in Android apps
    Demissie, Biniam Fisseha
    Ceccato, Mariano
    Shar, Lwin Khin
    EMPIRICAL SOFTWARE ENGINEERING, 2020, 25 (06) : 5084 - 5136
  • [10] Practical Static Analysis of Detecting Intent-based Permission Leakage in Android Application
    Wu, Songyang
    Zhang, Yong
    Jin, Bo
    Cao, Wei
    2017 17TH IEEE INTERNATIONAL CONFERENCE ON COMMUNICATION TECHNOLOGY (ICCT 2017), 2017, : 1953 - 1957
12345