Abstract
With the continuous innovation of artificial intelligence technology, more and more smart devices are being applied to emerging industrial Internet and IOT (Internet of Things) platforms. Most of these smart devices are designed based on the Android framework, and the security of Android applications is particularly important for these smart devices. To facilitate communication between applications, ICC (Inter-Component Communication) is widely used in Android. While bringing convenience to users, it also brings the risk of privacy leakage and privilege escalation. In this way, two or more applications can collude and thereby evade detection by tools that analyze the security of a single application. To defend against this attack, we propose a machine learning-based static analysis method and design and implement ACDroid. ACDroid uses static analysis to obtain inter-application collaboration characteristics, including inter-application ICCs and dangerous permission group combinations. The deep learning algorithm is then used for efficient classification to detect collusion attacks. ACDroid improves the detection performance of existing research focusing on single permission features via constructing synergistic components. We validate our tool by conducting experiments on over 10,000 real-world applications. Compared with state-of-the-art approaches, our method expresses superior performance in collusion attack detection.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Bagheri, H., Sadeghi, A., Garcia, J., Malek, S.: COVERT: compositional analysis of android inter-app permission leakage. IEEE Trans. Software Eng. 41(9), 866–886 (2015)
Bhandari, S., Laxmi, V., Zemmari, A., Gaur, M.S.: Intersection automata based model for android application collusion. In: 2016 IEEE 30th International Conference on Advanced Information Networking and Applications (AINA), pp. 901–908. IEEE (2016)
Blasco, J., Chen, T.M.: Automated generation of colluding apps for experimental research. J. Comput. Virol. Hacking Tech. 14(2), 127–138 (2018)
Bosu, A., Liu, F., Yao, D., Wang, G.: Collusive data leak and more: large-scale threat analysis of inter-app communications. In: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, pp. 71–85 (2017)
Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Sadeghi, A.R.: XmanDroid: a new android evolution to mitigate privilege escalation attacks. Technische Universität Darmstadt, Technical Report TR-2011-04 (2011)
Casolare, R., Martinelli, F., Mercaldo, F., Santone, A.: Malicious collusion detection in mobile environment by means of model checking. In: 2020 International Joint Conference on Neural Networks (IJCNN), pp. 1–6. IEEE (2020)
Chen, L., Hou, S., Ye, Y.: SecureDroid: enhancing security of machine learning-based detection against adversarial android malware attacks. In: Proceedings of the 33rd Annual Computer Security Applications Conference, pp. 362–372 (2017)
Chin, E., Felt, A.P., Greenwood, K., Wagner, D.: Analyzing inter-application communication in android. In: Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services, pp. 239–252 (2011)
Elish, K.O., Cai, H., Barton, D., Yao, D., Ryder, B.G.: Identifying mobile inter-app communication risks. IEEE Trans. Mob. Comput. 19(1), 90–102 (2018)
He, Y., Li, Q.: Detecting and defending against inter-app permission leaks in android apps. In: 2016 IEEE 35th International Performance Computing and Communications Conference (IPCCC), pp. 1–7. IEEE (2016)
Kim, Y.: Convolutional neural networks for sentence classification (2014). https://doi.org/10.48550/ARXIV.1408.5882. https://arxiv.org/abs/1408.5882
Li, L., et al.: IccTA: detecting inter-component privacy leaks in android apps. In: 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering, vol. 1, pp. 280–291. IEEE (2015)
Liu, P., Qiu, X., Huang, X.: Recurrent neural network for text classification with multi-task learning. arXiv preprint arXiv:1605.05101 (2016)
Mahindru, A., Sangal, A.: MLDroid-framework for android malware detection using machine learning techniques. Neural Comput. Appl. 33(10), 5183–5240 (2021)
Ruff, L., et al.: Deep one-class classification. In: International Conference on Machine Learning, pp. 4393–4402. PMLR (2018)
Sbîrlea, D., Burke, M.G., Guarnieri, S., Pistoia, M., Sarkar, V.: Automatic detection of inter-application permission leaks in android applications. IBM J. Res. Dev. 57(6), 10–1 (2013)
Xu, K., Li, Y., Deng, R.H.: ICCDetector: ICC-based malware detection on android. IEEE Trans. Inf. Forensics Secur. 11(6), 1252–1264 (2016)
Zhu, D., Jin, H., Yang, Y., Wu, D., Chen, W.: DeepFlow: deep learning-based malware detection by mining android application for abnormal usage of sensitive data. In: 2017 IEEE Symposium on Computers and Communications (ISCC), pp. 438–443. IEEE (2017)
Acknowledgements
This work was supported by the Major Research plan of the National Natural Science Foundation of China (Grant No. 92267204, 92167203), Natural Science Basis Research Plan in Shaanxi Province of China (Grant No. 2022JM-338).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
8 Appendix
8 Appendix
Comparison of different algorithms
Performance for LSTM as a function of four hyperparameters: epoch(a), hidden layers (b), hidden size (c) and batch size (d).
Comparison of the classification effects of using feature permission groups combination (Color figure online)
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Xi, N., He, Y., Zhang, Y., Wang, Z., Feng, P. (2023). ACDroid: Detecting Collusion Applications on Smart Devices. In: Yung, M., Chen, C., Meng, W. (eds) Science of Cyber Security . SciSec 2023. Lecture Notes in Computer Science, vol 14299. Springer, Cham. https://doi.org/10.1007/978-3-031-45933-7_1
Download citation
DOI: https://doi.org/10.1007/978-3-031-45933-7_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-45932-0
Online ISBN: 978-3-031-45933-7
eBook Packages: Computer ScienceComputer Science (R0)