DroidProtector: Preventing Capability Leak of Android Applications

Bolh benign and malicious developers arc attracted to Android platform because anyone is allowed to publish applications on the Android market. Such capability leak vulnerability on the Android platform may lead to permission elevation and privacy disclosure by making malware bypass Android security mechanism. This paper presents a code scanner tool Droidprotcctor which is applied to help developers search bugs and focus on the business of applications rather than the security problems. Firstly, Markov blanket is used for feature selection. Secondly, source code is analyzed by a machine-leaning method. Finally, malicious intents and capability leaks are detected. By collecting 3482 applications and 59 source files to learn Markov blanket as the feature set and testing this code scanner tool, the experimental results show that DroidProtector can detect the vulnerability of Android source code effectively by using Markov blanket to select features correctly.