<p>In Android applications (apps), users are exposed to a variety of risks, such as the potential to compromise privacy and system integrity. Detection of harmful apps is currently problematic due to flaws in current security countermeasures. As a result, users would benefit from a simple yet effective method for deciding if an app is safe to install or not. Moreover, due to the increasing volume and usage of Android apps, it is necessary to build techniques to automatically calculate the threat or damage posed by them. In this paper, we introduce a technique to calculate the threat score of an Android app based on static attributes i.e. API calls and permissions. Using this assessment, early warnings can be provided about a specific Android app so that immediate resources can be assigned for a more in-depth investigation. The proposed approach is evaluated on a dataset containing 1800 benign and 1747 malicious Android apps. To identify the risk factors of each sample in the data, the static permissions and API calls are statistically analyzed. To test the hypothesis, analysis of variance (ANOVA) technique is used. Using 5% statistical significance, the computed value of F is 5987.439, a significant greater value than the tabulated value F<sub>crit</sub>, 2.606. Different risk factors have significant mean values according to the ANOVA. The generated intelligence can be shared with Computer Emergency Response Teams (CERTs) and security agencies, enabling them to issue advisories and implement preventive measures against future malware threats. </p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Quantitative Threat Assessment of Android Applications Using Static Permissions and API Calls

  • Meghna Dhalaria,
  • Ekta Gandotra

摘要

In Android applications (apps), users are exposed to a variety of risks, such as the potential to compromise privacy and system integrity. Detection of harmful apps is currently problematic due to flaws in current security countermeasures. As a result, users would benefit from a simple yet effective method for deciding if an app is safe to install or not. Moreover, due to the increasing volume and usage of Android apps, it is necessary to build techniques to automatically calculate the threat or damage posed by them. In this paper, we introduce a technique to calculate the threat score of an Android app based on static attributes i.e. API calls and permissions. Using this assessment, early warnings can be provided about a specific Android app so that immediate resources can be assigned for a more in-depth investigation. The proposed approach is evaluated on a dataset containing 1800 benign and 1747 malicious Android apps. To identify the risk factors of each sample in the data, the static permissions and API calls are statistically analyzed. To test the hypothesis, analysis of variance (ANOVA) technique is used. Using 5% statistical significance, the computed value of F is 5987.439, a significant greater value than the tabulated value Fcrit, 2.606. Different risk factors have significant mean values according to the ANOVA. The generated intelligence can be shared with Computer Emergency Response Teams (CERTs) and security agencies, enabling them to issue advisories and implement preventive measures against future malware threats.