Huan Zeng, Yan Ren, Qing-xian Wang, Neng-Qiang He, Xu-Yang Ding
{"title":"Detecting malware and evaluating risk of app using Android permission-API system","authors":"Huan Zeng, Yan Ren, Qing-xian Wang, Neng-Qiang He, Xu-Yang Ding","doi":"10.1109/ICCWAMTIP.2014.7073445","DOIUrl":null,"url":null,"abstract":"The popularity and widely use of cellphone have greatly stimulated the spread of the apps. Meanwhile, security issues are increasing quickly, particularly for Android based devices. In this paper, through analyzing the android permissions system and android API system, we want to find out the relationship between permissions and APIs. Furthermore, we propose an approach to detect message intercepting malware. The contribution of this paper is threefold: first, we perform static analysis on the app to extract permissions and system APIs. In order to avoid permissions and APIs over declaration, we build java function call graph and find the system APIs been used; secondly, we proposed a light weight method to dynamic find out and update the relationship between permissions and APIs; third, we proposed a dynamic controlled method to detect android malwares. This proposed method is verified by extensive experiments.","PeriodicalId":211273,"journal":{"name":"2014 11th International Computer Conference on Wavelet Actiev Media Technology and Information Processing(ICCWAMTIP)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 11th International Computer Conference on Wavelet Actiev Media Technology and Information Processing(ICCWAMTIP)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCWAMTIP.2014.7073445","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4
Abstract
The popularity and widely use of cellphone have greatly stimulated the spread of the apps. Meanwhile, security issues are increasing quickly, particularly for Android based devices. In this paper, through analyzing the android permissions system and android API system, we want to find out the relationship between permissions and APIs. Furthermore, we propose an approach to detect message intercepting malware. The contribution of this paper is threefold: first, we perform static analysis on the app to extract permissions and system APIs. In order to avoid permissions and APIs over declaration, we build java function call graph and find the system APIs been used; secondly, we proposed a light weight method to dynamic find out and update the relationship between permissions and APIs; third, we proposed a dynamic controlled method to detect android malwares. This proposed method is verified by extensive experiments.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
