Automatically Detecting Malicious Sensitive Data Usage in Android Applications

Android devices have increased rapidly in recent years. Because sensitive data of users can bring huge profits, there are so many malicious Android applications (apps) which aim at users' sensitive data in Android markets. Malicious apps may collect sensitive data of users, such as phone number, location, contact information, and send them to advertisers or attackers. To prevent malicious apps from stealing user information, a simple solution is not to grant corresponding permissions to apps. But if we don't give corresponding permissions, the apps may exit directly. This affects the normal use of apps. In order to solve the above problems, we design a system which uses machine-learning technology to detect malicious behaviours. Our system is based on the observation that apps in the same category usually use sensitive data in the same or similar way. The system implements automatic detection of malicious behaviours. The true positive rate of our system can be over 90% and the false positive rate can be below 8%.