Skip to main content
SpringerLink
Log in

A novel method to find important apps base on the analysis of components relationship

  • Published:
Cluster Computing Aims and scope Submit manuscript

Abstract

With the mobile Internet rapidly developing and the number of mobile applications increasing sharply, the security of the mobile apps has been paid more and more attention in recent years. Many analysis methods for single app have been used in detecting the vulnerability and malicious code. Since mobile apps always related to each other by invoking components, some researchers began to focus on the analysis for multi-applications. But facing with millions of mobile applications, with limited resources, how to improve the ability of security analysis and protection is a difficult problem. For this purpose, we introduce a novel method to mine the correlation among a large number of applications, and finding the nodes that are in the critical position in the process of invoking components. In the proposed method, we first extract the important information from apps and build a database of components. Then, we try to analysis the potential relationship of apps based on the process of invoking components. Moreover, we proposed a novel metric of importance, which can help to find the apps which play important roles in the app-network. We did some experiments to evaluate the proposed method, the experiments show that, we can assess the influence of apps, and figure out the priority of targets during massive application analysis, whether for purpose of detection or protection.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

References

  1. AppBrain: Android statistics: number of android applications (2016)

  2. Baidu: Bdsuite android market. https://www.baidu.com/ (2017)

  3. Tencent: Myapp market. https://android.myapp.com/ (2017)

  4. Malhotra, R.: an empirical framework for defect prediction using machine learning techniques with Android software. Appl. Soft Comput. 40(10), 993–1006 (2016)

    Google Scholar 

  5. Li, L., Bartel, A., Bissyand’e, T. F., Klein, J., Le Traon, Y.: ApkCombiner: combining multiple android apps to support inter-app analysis. In: Proceedings of the 30th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC 2015) (2015)

    Chapter  Google Scholar 

  6. Lu, L., Li, Z., Wu, Z., Lee, W., Jiang, G.: Chex: statically vetting android apps for component hijacking vulnerabilities. In: Proceedings of the 2012 ACM conference on Computer and communications security. ACM, pp. 229–240 (2012)

  7. Hoog, A.: The incident response playbook for android and ios. In: RSA Conference 2016 (2016)

  8. Wooyun.: Wormhole analysis report. Technical Report (2015)

  9. Sbirlea, D., Burke, M.G., Guarnieri, S., Pistoia, M., Sarkar, V.: Automatic detection of inter-application permission leaks in android applications. IBM J. Res. Dev. 57(6), 10-1 (2013)

    Article  Google Scholar 

  10. Du, Y., Wang, X., Wang, J.: A static android malicious code detection method based on multi-source fusion. Secur. Commun. Netw. 8(17), 3238–3246 (2015)

    Article  Google Scholar 

  11. Zhao, Z., Wang, J., Wang, C.: An unknown malware detection scheme based on the features of graph. Secur. Commun. Netw. 6(2), 239–246 (2013)

    Article  Google Scholar 

  12. Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Sadeghi, A.-R., Shastry, B.: Towards taming privilege-escalation attacks on android. In: NDSS, vol. 17, p. 19 (2012)

  13. Li, L.: Boosting static security analysis of android apps through code instrumentation. Ph.D. dissertation, University of Luxembourg, Luxembourg (2016)

  14. Jacomy, M., Venturini, T., Heymann, S., Bastian, M.: Forceatlas2, a continuous graph layout algorithm for handy network visualization designed for the gephi software. PloS ONE 9(6), e98679 (2014)

    Article  Google Scholar 

  15. Marforio, C., Francillon, A., Capkun, S., Capkun, S., Capkun, S.: Application collusion attack on the permission-based security model and its implications for modern smartphone systems. Department of Computer Science, ETH Zurich, Zurich (2011)

    Google Scholar 

  16. Octeau, D., McDaniel, P., Jha, S., Bartel, A., Bodden, E., Klein, J., Yves, L.: Effective inter-component communication mapping in android with EPICC: an essential step towards holistic security analysis. In: USENIX Security 2013 (2013)

  17. Arzt, S., Rasthofer, S., Fritz, C., Bodden, E., Bartel, A., Klein, J., Yves, L., Octeau, D., McDaniel, P.: Flowdroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. vol. 49, no. 6, pp. 259–269 (2014)

    Article  Google Scholar 

  18. Klieber, W., Flynn, L., Bhosale, A., Jia, L., Bauer, L.: Android taint flow analysis for app sets, pp. 1–6 (2014)

  19. Octeau, D., Luchaup, D., Dering, M., Jha, S., McDaniel, P.: “Composite constant propagation: application to android inter-component communication analysis. In: Proceedings of the 37th International Conference on Software Engineering, IEEE Press, vol. 1, pp. 77–88 (2015)

  20. Octeau, D., Jha, S., Dering, M., McDaniel, P., Bartel, A., Li, L., Klein, J., Yves, L.: Combining static analysis with probabilistic models to enable market-scale android inter-component analysis. In: Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages. ACM, pp. 469–484 (2016)

  21. Zhao, Y., Song, W.: Survey on social-aware data dissemination over mobile wireless networks. IEEE Access 5, 6049–6059 (2017)

    Article  Google Scholar 

  22. Zhou, J., Wang, Q., Tsai, S., Xue, Y., Dong, W.: How to evaluate the job satisfaction of development personnel. IEEE Trans. Syst. Man Cybern. 47(11), 2809–2816 (2017)

    Article  Google Scholar 

  23. Baldinelli, G., Bonafoni, S., Rotili, A.: Albedo retrieval from multispectral Landsat 8 observation in Urban environment: algorithm validation by in situ measurements. IEEE J. Sel. Topics Appl. Earth Obs. Remote Sens. 10(10), 4504–4511 (2017)

    Article  Google Scholar 

  24. Bai, X., Lee, I., Ning, Z., Tolba, A., Xia, F.: The role of positive and negative citations in scientific evaluation. IEEE Access 5, 17607–17617 (2017)

    Article  Google Scholar 

  25. Guo, J., Guo, H.L., Wang, Z.Y.: An activation force based affinity measure for analyzing complex networks. Sci. Rep. 1, 113 (2011)

    Article  Google Scholar 

  26. Page, L., Brin, S., Motwani, R., Winograd, T.: The pagerank citation ranking: bringing order to the web. Tech. Rep. (1999)

Download references

Acknowledgements

This work is supported by National Natural Science Foundation of China (CN) Project (U153610079, 61401038).

Author information

Authors and Affiliations

  1. Beijing University of Posts and Telecommunications, Beijing, 100876, China

    Qi Li, Chengze Li & Yanyi Huang

  2. Beijing Institute of Technology, Beijing, 100876, China

    Guangyu Gao

Authors
  1. Qi Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Chengze Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Guangyu Gao
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yanyi Huang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Qi Li.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Li, Q., Li, C., Gao, G. et al. A novel method to find important apps base on the analysis of components relationship. Cluster Comput 22 (Suppl 3), 5479–5489 (2019). https://doi.org/10.1007/s10586-017-1308-3

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10586-017-1308-3

Keywords

Search

Navigation