Android Apps:Static Analysis Based on Permission Classification

被引:3
|
作者
Zhenjiang Dong [1 ]
Hui Ye [2 ]
Yan Wu [1 ]
Shaoyin Cheng [2 ]
Fan Jiang [2 ]
机构
[1] ZTE Corporation
[2] Information Technology Security Evaluation Center,University of Science and Technology of China
来源
ZTECommunications | 2013年 / 11卷 / 01期
基金
中央高校基本科研业务费专项资金资助; 高等学校博士学科点专项科研基金;
关键词
malware; software analysis; static analysis; Android;
D O I
暂无
中图分类号
TN929.5 [移动通信]; TP309 [安全保密];
学科分类号
081201 ; 0839 ; 1402 ;
摘要
Android has a strict permission management mechanism. Any applications that try to run on the Android system need to obtain permission. In this paper, we propose an efficient method of detecting malicious applications in the Android system. First, hundreds of permissions are classified into different groups. The application programming interfaces (APIs) associated with permissions that can interact with the outside environment are called sink functions. The APIs associated with other permissions are called taint functions. e construct association tables for block variables and function variables of each application. Malicious applications can then be detected by using the static taint-propagation method to analyze these tables.
引用
收藏
页码:62 / 66
页数:5
相关论文
共 50 条
  • [21] Static Code Analysis of Permission-based Features for Android Malware Classification Using Apriori Algorithm with Particle Swarm Optimization
    Adebayo, Olawale Surajudeen
    Aziz, Normaziah Abdul
    JOURNAL OF INFORMATION ASSURANCE AND SECURITY, 2015, 10 (04): : 152 - 163
  • [22] revDroid: Code Analysis of the Side Effects after Dynamic Permission Revocation of Android Apps
    Fang, Zheran
    Han, Weili
    Li, Dong
    Guo, Zeqing
    Guo, Danhao
    Wang, Xiaoyang Sean
    Qian, Zhiyun
    Chen, Hao
    ASIA CCS'16: PROCEEDINGS OF THE 11TH ACM ASIA CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2016, : 747 - 758
  • [23] The Analysis of Feature Selection Methods and Classification Algorithms in Permission Based Android Malware Detection
    Pehlivan, Ugur
    Baltaci, Nuray
    Acarturk, Cengiz
    Baykal, Nazife
    2014 IEEE SYMPOSIUM ON COMPUTATIONAL INTELLIGENCE IN CYBER SECURITY (CICS), 2014, : 81 - 88
  • [24] Detection of malicious behavior in android apps through API calls and permission uses analysis
    Yang, Ming
    Wang, Shan
    Ling, Zhen
    Liu, Yaowen
    Ni, Zhenyu
    CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE, 2017, 29 (19):
  • [25] PGFIT: Static permission analysis of health and fitness apps in IoT programming frameworks
    Nobakht, Mehdi
    Sui, Yulei
    Seneviratne, Aruna
    Hu, Wen
    JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2020, 152
  • [26] Android Multitasking Mechanism: Formal Semantics and Static Analysis of Apps
    He, Jinlong
    Chen, Taolue
    Wang, Ping
    Wu, Zhilin
    Yan, Jun
    PROGRAMMING LANGUAGES AND SYSTEMS, APLAS 2019, 2019, 11893 : 291 - 312
  • [27] Detecting Energy Bugs in Android Apps Using Static Analysis
    Jiang, Hao
    Yang, Hongli
    Qin, Shengchao
    Su, Zhendong
    Zhang, Jian
    Yan, Jun
    FORMAL METHODS AND SOFTWARE ENGINEERING, ICFEM 2017, 2017, 10610 : 192 - 208
  • [28] Obfuscating Code Vulnerabilities Against Static Analysis in Android Apps
    Pagano, Francesco
    Verderame, Luca
    Merlo, Alessio
    ICT SYSTEMS SECURITY AND PRIVACY PROTECTION, SEC 2024, 2024, 710 : 381 - 395
  • [29] Boosting Static Analysis of Android Apps through Code Instrumentation
    Li, Li
    2016 IEEE/ACM 38TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING COMPANION (ICSE-C), 2016, : 819 - 822
  • [30] OASIS: Prioritizing Static Analysis Warnings for Android Apps Based on App User Reviews
    Wei, Lili
    Liu, Yepang
    Cheung, Shing-Chi
    ESEC/FSE 2017: PROCEEDINGS OF THE 2017 11TH JOINT MEETING ON FOUNDATIONS OF SOFTWARE ENGINEERING, 2017, : 672 - 682
12345