Android Apps:Static Analysis Based on Permission Classification

被引:3
|
作者
Zhenjiang Dong [1 ]
Hui Ye [2 ]
Yan Wu [1 ]
Shaoyin Cheng [2 ]
Fan Jiang [2 ]
机构
[1] ZTE Corporation
[2] Information Technology Security Evaluation Center,University of Science and Technology of China
来源
ZTECommunications | 2013年 / 11卷 / 01期
基金
中央高校基本科研业务费专项资金资助; 高等学校博士学科点专项科研基金;
关键词
malware; software analysis; static analysis; Android;
D O I
暂无
中图分类号
TN929.5 [移动通信]; TP309 [安全保密];
学科分类号
081201 ; 0839 ; 1402 ;
摘要
Android has a strict permission management mechanism. Any applications that try to run on the Android system need to obtain permission. In this paper, we propose an efficient method of detecting malicious applications in the Android system. First, hundreds of permissions are classified into different groups. The application programming interfaces (APIs) associated with permissions that can interact with the outside environment are called sink functions. The APIs associated with other permissions are called taint functions. e construct association tables for block variables and function variables of each application. Malicious applications can then be detected by using the static taint-propagation method to analyze these tables.
引用
收藏
页码:62 / 66
页数:5
相关论文
共 50 条
  • [31] A Component-Sensitive Static Analysis Based Approach for Modeling Intents in Android Apps
    Abolhassani, Negarsadat
    Halfond, William G. J.
    2023 IEEE INTERNATIONAL CONFERENCE ON SOFTWARE MAINTENANCE AND EVOLUTION, ICSME, 2023, : 97 - 109
  • [32] Static Detection of Event-based Races in Android Apps
    Hu, Yongjian
    Neamtiu, Iulian
    ACM SIGPLAN NOTICES, 2018, 53 (02) : 257 - 270
  • [33] PGFIT: Static permission analysis of health and fitness apps in IoT programming frameworks
    Nobakht, Mehdi
    Sui, Yulei
    Seneviratne, Aruna
    Hu, Wen
    Journal of Network and Computer Applications, 2021, 152
  • [34] Explainable Classification Model for Android Malware Analysis Using API and Permission-Based Features
    Aslam, Nida
    Khan, Irfan Ullah
    Bader, Salma Abdulrahman
    Alansari, Aisha
    Alaqeel, Lama Abdullah
    Khormy, Razan Mohammed
    Alkubaish, Zahra Abdultawab
    Hussain, Tariq
    CMC-COMPUTERS MATERIALS & CONTINUA, 2023, 76 (03): : 3167 - 3188
  • [35] Android Users Security via Permission Based Analysis
    Tiwari, Pradeep Kumar
    Singh, Upasna
    SECURITY IN COMPUTING AND COMMUNICATIONS (SSCC 2015), 2015, 536 : 496 - 505
  • [36] SmartPI: Understanding Permission Implications of Android Apps from User Reviews
    Wang, Run
    Wang, Zhibo
    Tang, Benxiao
    Zhao, Lei
    Wang, Lina
    IEEE TRANSACTIONS ON MOBILE COMPUTING, 2020, 19 (12) : 2933 - 2945
  • [37] DEMO: Starving Permission-Hungry Android Apps Using SecuRank
    Taylor, Vincent F.
    Martinovic, Ivan
    CCS'16: PROCEEDINGS OF THE 2016 ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2016, : 1850 - 1852
  • [38] Permission Issues in Open-source Android Apps: An Exploratory Study
    Scoccia, Gian Luca
    Peruma, Anthony
    Pujols, Virginia
    Malavolta, Ivano
    Krutz, Daniel E.
    2019 19TH IEEE INTERNATIONAL WORKING CONFERENCE ON SOURCE CODE ANALYSIS AND MANIPULATION (SCAM), 2019, : 238 - 249
  • [39] Detecting Sensitive Behavior on Android with Static Taint Analysis Based on Classification
    Chen, Yayun
    Zhang, Hua
    PROCEEDINGS OF THE 4TH INTERNATIONAL CONFERENCE ON MECHATRONICS, MATERIALS, CHEMISTRY AND COMPUTER ENGINEERING 2015 (ICMMCCE 2015), 2015, 39 : 3002 - 3006
  • [40] Runtime Permission Issues in Android Apps: Taxonomy, Practices, and Ways Forward
    Wang, Ying
    Wang, Yibo
    Wang, Sinan
    Liu, Yepang
    Xu, Chang
    Cheung, Shing-Chi
    Yu, Hai
    Zhu, Zhiliang
    IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 2023, 49 (01) : 185 - 210
12345