Skip to main content
SpringerLink
Log in

Fine-Grained Risk Level Quantication Schemes Based on APK Metadata

  • Conference paper
  • First Online:
Neural Information Processing (ICONIP 2015)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 9491))

Included in the following conference series:

Abstract

The number of security incidents faced by Android users is growing, along with a surge in malware targeting Android terminals. Such malware arrives at the Android terminals in the form of Android Packages (APKs). Various techniques for protecting Android users from such malware have been reported, but most of them have focused on the APK files themselves. Unlike these approaches, we use Web information obtained from online APK markets to improve the accuracy of malware detection. In this paper, we propose category/cluster-based APK analysis schemes that quantify the risk of an APK. The category-based scheme uses category information available on the Web, whereas the cluster-based method uses APK descriptions to generate clusters of APK files. In this paper, the performance of the proposed schemes is verified by comparing their area under the curve values with that of a conventional scheme; moreover, the usability of Web information for the purpose of better quantifying the risks of APK files is confirmed.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    http://apps.opera.com/.

  2. 2.

    http://www.virustotal.com/ja.

  3. 3.

    We believe that better quantification results are achieved if we consider the difference between the requested permissions and those actually used, i.e., permission gaps [1], because this removes noises added to the characteristics of the APK files. Nevertheless, this is beyond the scope of this paper.

  4. 4.

    http://developer.android.com/reference/android/content/pm/PermissionInfo.html.

  5. 5.

    We measure the AUC values by setting I(np) to 1.0 and increasing the value of I(dp) from 1.0 to 3.0 in increments of 0.1, and then choose the value that provides the highest AUC as the optimal value. Note that dangerous permissions are certainly more harmful than normal permissions.

  6. 6.

    The evaluation following this procedure should be iterated to gain the average values of the studied values. Moreover, cross validation should be applied to the learning process. Our future work will cope with this.

  7. 7.

    The values for I and \(I_c\) were determined empirically, as with Sect. 2.3.

References

  1. Bartel, A., Klein, J., Le Traon, Y., Monperrus, M.: Automatically securing permission-based software by reducing the attack surface: an application to android. In: Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering (2012)

    Google Scholar 

  2. Blei, D.M., Ng, A.Y., Jordan, M.I.: Latent dirichlet allocation. J. Mach. Learn. Res. 3, 993–1022 (2003)

    MATH  Google Scholar 

  3. Brown, C.D., Davis, H.T.: Receiver operating characteristics curves and related decision measures: a tutorial. Chemometr. Intell. Lab. Syst. 80(1), 24–38 (2006)

    Article  Google Scholar 

  4. Gorla, A., Tavecchia, I., Gross, F., Zeller, A.: Checking app behavior against app descriptions. In: Proceedings of the 36th International Conference on Software Engineering (2014)

    Google Scholar 

  5. MacQueen, J.: Some methods for classification and analysis of multivariate observations. In: Proceedings of the Fifth Berkeley Symposium on Mathematical Statistics and Probability. Statistics, vol. 1, pp. 281–297 (1967)

    Google Scholar 

  6. Sarma, B.P., Li, N., Gates, C., Potharaju, R., Nita-Rotaru, C., Molloy, I.: Android permissions: a perspective combining risks and benefits. In: Proceedings of the 17th ACM Symposium on Access Control Models and Technologies (2012)

    Google Scholar 

  7. Takahashi, T., Nakao, K., Kanaoka, A.: Data model for android package information and its application to risk analysis system. In: Proceedings of the First ACM Workshop on Information Sharing and Collaborative Security (2014)

    Google Scholar 

  8. Wang, Y., Zheng, J., Sun, C., Mukkamala, S.: Quantitative security risk assessment of android permissions and applications. In: Wang, L., Shafiq, B. (eds.) DBSec 2013. LNCS, vol. 7964, pp. 226–241. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. National Institute of Information and Communications Technology, Tokyo, Japan

    Takeshi Takahashi, Tao Ban & Koji Nakao

  2. Secure Brain Corporation, Tokyo, Japan

    Takao Mimura

Authors
  1. Takeshi Takahashi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Tao Ban
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Takao Mimura
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Koji Nakao
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Takeshi Takahashi .

Editor information

Editors and Affiliations

  1. University of Istanbul, Istanbul, Turkey

    Sabri Arik

  2. University at Qatar, Doha, Qatar

    Tingwen Huang

  3. Tunku Abdul Rahman University College, Kuala Lumpur, Malaysia

    Weng Kin Lai

  4. University of Science Technology, Wuhan, China

    Qingshan Liu

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Takahashi, T., Ban, T., Mimura, T., Nakao, K. (2015). Fine-Grained Risk Level Quantication Schemes Based on APK Metadata. In: Arik, S., Huang, T., Lai, W., Liu, Q. (eds) Neural Information Processing. ICONIP 2015. Lecture Notes in Computer Science(), vol 9491. Springer, Cham. https://doi.org/10.1007/978-3-319-26555-1_75

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-26555-1_75

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-26554-4

  • Online ISBN: 978-3-319-26555-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation