Android Apps:Static Analysis Based on Permission Classification

被引:3
|
作者
Zhenjiang Dong [1 ]
Hui Ye [2 ]
Yan Wu [1 ]
Shaoyin Cheng [2 ]
Fan Jiang [2 ]
机构
[1] ZTE Corporation
[2] Information Technology Security Evaluation Center,University of Science and Technology of China
来源
ZTECommunications | 2013年 / 11卷 / 01期
基金
中央高校基本科研业务费专项资金资助; 高等学校博士学科点专项科研基金;
关键词
malware; software analysis; static analysis; Android;
D O I
暂无
中图分类号
TN929.5 [移动通信]; TP309 [安全保密];
学科分类号
080402 ; 080904 ; 0810 ; 081001 ; 081201 ; 0839 ; 1402 ;
摘要
Android has a strict permission management mechanism. Any applications that try to run on the Android system need to obtain permission. In this paper, we propose an efficient method of detecting malicious applications in the Android system. First, hundreds of permissions are classified into different groups. The application programming interfaces (APIs) associated with permissions that can interact with the outside environment are called sink functions. The APIs associated with other permissions are called taint functions. e construct association tables for block variables and function variables of each application. Malicious applications can then be detected by using the static taint-propagation method to analyze these tables.
引用
收藏
页码:62 / 66
页数:5
相关论文
共 50 条
  • [21] Permission Issues in Open-source Android Apps: An Exploratory Study
    Scoccia, Gian Luca
    Peruma, Anthony
    Pujols, Virginia
    Malavolta, Ivano
    Krutz, Daniel E.
    2019 19TH IEEE INTERNATIONAL WORKING CONFERENCE ON SOURCE CODE ANALYSIS AND MANIPULATION (SCAM), 2019, : 238 - 249
  • [22] Malware detection using static analysis in Android: a review of FeCO (features, classification, and obfuscation)
    Jusoh, Rosmalissa
    Firdaus, Ahmad
    Anwar, Shahid
    Osman, Mohd Zamri
    Darmawan, Mohd Faaizie
    Ab Razak, Mohd Faizal
    PEERJ COMPUTER SCIENCE, 2021, 7 : 1 - 54
  • [23] APK Auditor: Permission-based Android malware detection system
    Kabakus, Abdullah Talha
    Alper, Dogru Ibrahim
    Aydin, Cetin
    DIGITAL INVESTIGATION, 2015, 13 : 1 - 14
  • [24] Static and Dynamic Analysis of Android Malware
    Kapratwar, Ankita
    Di Troia, Fabio
    Stamp, Mark
    ICISSP: PROCEEDINGS OF THE 3RD INTERNATIONAL CONFERENCE ON INFORMATION SYSTEMS SECURITY AND PRIVACY, 2017, : 653 - 662
  • [25] NativeSummary: Summarizing Native Binary Code for Inter-language Static Analysis of Android Apps
    Wang, Jikai
    Wang, Haoyu
    PROCEEDINGS OF THE 33RD ACM SIGSOFT INTERNATIONAL SYMPOSIUM ON SOFTWARE TESTING AND ANALYSIS, ISSTA 2024, 2024, : 971 - 982
  • [26] Detecting Permission Over-claim of Android Applications with Static and Semantic Analysis Approach
    Tang, Junwei
    Li, Ruixuan
    Han, Hongmu
    Zhang, Heng
    Gu, Xiwu
    2017 16TH IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS / 11TH IEEE INTERNATIONAL CONFERENCE ON BIG DATA SCIENCE AND ENGINEERING / 14TH IEEE INTERNATIONAL CONFERENCE ON EMBEDDED SOFTWARE AND SYSTEMS, 2017, : 706 - 713
  • [27] Static analysis framework for permission-based dataset generation and android malware detection using machine learning
    Pathak, Amarjyoti
    Kumar, Th. Shanta
    Barman, Utpal
    EURASIP JOURNAL ON INFORMATION SECURITY, 2024, 2024 (01):
  • [28] Android App Classification and Permission Usage Risk Assessment
    Shen, Yidong
    Xu, Ming
    Zheng, Ning
    Xu, Jian
    Xia, Wenjing
    Wu, Yiming
    Qiao, Tong
    Yang, Tao
    COLLABORATIVE COMPUTING: NETWORKING, APPLICATIONS AND WORKSHARING, COLLABORATECOM 2017, 2018, 252 : 567 - 577
  • [29] Permission Based Android Malware Detection With Multilayer Perceptron
    Utku, Anil
    Muhendisligi, Bilgisayar
    Akcayol, M. Ali
    2018 26TH SIGNAL PROCESSING AND COMMUNICATIONS APPLICATIONS CONFERENCE (SIU), 2018,
  • [30] Detecting and Defending against Inter-App Permission Leaks in Android Apps
    He, Yi
    Li, Qi
    2016 IEEE 35TH INTERNATIONAL PERFORMANCE COMPUTING AND COMMUNICATIONS CONFERENCE (IPCCC), 2016,
12345