Abstract
The booming of the Android platform in recent years has attracted the attention of malware developers. However, the permissions-based model used in Android system to prevent the spread of malware, has shown to be ineffective. In this paper, we propose DroidRisk, a framework for quantitative security risk assessment of both Android permissions and applications (apps) based on permission request patterns from benign apps and malware, which aims to improve the efficiency of Android permission system. Two data sets with 27,274 benign apps from Google Play and 1,260 Android malware samples were used to evaluate the effectiveness of DroidRisk. The results demonstrate that DroidRisk can generate more reliable risk signal for warning the potential malicious activities compared with existing methods. We show that DroidRisk can also be used to alleviate the overprivilege problem and improve the user attention to the risks of Android permissions and apps. © 2013 IFIP International Federation for Information Processing.
Author supplied keywords
Cite
CITATION STYLE
Wang, Y., Zheng, J., Sun, C., & Mukkamala, S. (2013). Quantitative security risk assessment of Android permissions and applications. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7964 LNCS, pp. 226–241). https://doi.org/10.1007/978-3-642-39256-6_15
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
