Abstract
The security risk assessment of Android applications is an uncertain problem. It is difficult to determine whether the application authority is reasonable from a single application point of view, and whether some privacy rights overstep the functional scope of the application itself. To solve this problem, a group based method for feature analysis and risk assessment of large-scale Android applications is proposed. The permission that app applies is an important object for security analysis and evaluation. The same type of application has similar functions, so the required system privileges are similar. By comparing the application class of the same functional type to the population, the two layers model of group feature analysis and mass population clustering is used to evaluate the relative malicious program in the population, which shows the effectiveness and adaptability of the method.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
The development of the China Mobile Internet and its security report (2017) [EB/OL]. http://www.isc.org.cn/zxzx/xhdt/listinfo-35398.html. Accessed 08 Mar 2018
Google Play [EB/OL], 14 December 2017. https://play.google.com/store
Peng, H., Gates, C., Sarma, B., et al.: Using probabilistic generative models for ranking risks of Android apps. In: ACM Conference on Computer and Communications Security, pp. 241–252. ACM (2012)
Zhou, Y., Jiang, X.: Dissecting Android malware: characterization and evolution. In: IEEE Symposium on Security and Privacy, pp. 95–109. IEEE (2012)
Jiawei, Z.H.U., Liangwen, Y.U., Zhi, G.U.A.N., et al.: A review of the security research of Android authority mechanism. Appl. Res. Comput. 32(10), 2881–2885 (2015)
Sihan, Q.: Progress in research on Android security. J. Softw. 27(1), 45–71 (2016)
Barrera, D., Oorschot, P.C.V., Somayaji, A.: A methodology for empirical analysis of permission-based security models and its application to Android. In: ACM Conference on Computer and Communications Security, pp. 73–84. ACM (2010)
Felt, A.P., Greenwood, K., Wagner, D.: The effectiveness of install-time permission systems for third-party applications (2010)
Felt, A.P., Ha, E., Egelman, S., et al.: Android permissions: user attention, comprehension, and behavior. In: Proceedings of the Eighth Symposium on Usable Privacy and Security, pp. 1–14. ACM (2012)
Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: behavior-based malware detection system for Android. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 15–26. ACM, New York (2011)
Schmidt, A.D., Bye, R., Schmidt, H.G., et al.: Static analysis of executable for collaborative malware detection on Android. In: Proceedings of the 2009 IEEE International Conference on Communications, Piscataway, pp. 631–635. IEEE Press (2009)
Shuke, Z., Yang, Z., Liang, C., et al.: A Android system for privacy protection effectiveness evaluation method. J. Univ. Sci. Technol. China 44(10), 853–861 (2014)
Sibei, J.I.A.O., Lingyun, Y.I.N.G., Yi, Y.A.N.G., et al.: An anti obfuscation method of similarity detection for large scale Android applications. J. Comput. Res. Dev. 51(7), 1446–1457 (2014)
Zhang, T., Li, T., Wang, H., Xiao, Z.: AndroidProtect: Android apps security analysis system. In: Wang, S., Zhou, A. (eds.) CollaborateCom 2016. LNICST, vol. 201, pp. 583–594. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-59288-6_58
Wang, H., Li, T., Zhang, T., Wang, J.: Android apps security evaluation system in the cloud. In: Guo, S., Liao, X., Liu, F., Zhu, Y. (eds.) CollaborateCom 2015. LNICST, vol. 163, pp. 151–160. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-28910-6_14
Acknowledgement
Authors are partially supported by Major projects of the Hubei Provincial Education Department (No. 17ZD014) and Hubei college students’ innovation and entrepreneur-ship training program project (No. 201610488020).
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Xiao, Z., Li, T., Wang, Y. (2018). Feature Analysis and Risk Assessment of Android Group Based on Clustering. In: Huang, DS., Jo, KH., Zhang, XL. (eds) Intelligent Computing Theories and Application. ICIC 2018. Lecture Notes in Computer Science(), vol 10955. Springer, Cham. https://doi.org/10.1007/978-3-319-95933-7_10
Download citation
DOI: https://doi.org/10.1007/978-3-319-95933-7_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-95932-0
Online ISBN: 978-3-319-95933-7
eBook Packages: Computer ScienceComputer Science (R0)