Top

Cluster Computing

Published in:

10-11-2017

A novel method to find important apps base on the analysis of components relationship

Authors: Qi Li, Chengze Li, Guangyu Gao, Yanyi Huang

Published in: Cluster Computing | Special Issue 3/2019

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

With the mobile Internet rapidly developing and the number of mobile applications increasing sharply, the security of the mobile apps has been paid more and more attention in recent years. Many analysis methods for single app have been used in detecting the vulnerability and malicious code. Since mobile apps always related to each other by invoking components, some researchers began to focus on the analysis for multi-applications. But facing with millions of mobile applications, with limited resources, how to improve the ability of security analysis and protection is a difficult problem. For this purpose, we introduce a novel method to mine the correlation among a large number of applications, and finding the nodes that are in the critical position in the process of invoking components. In the proposed method, we first extract the important information from apps and build a database of components. Then, we try to analysis the potential relationship of apps based on the process of invoking components. Moreover, we proposed a novel metric of importance, which can help to find the apps which play important roles in the app-network. We did some experiments to evaluate the proposed method, the experiments show that, we can assess the influence of apps, and figure out the priority of targets during massive application analysis, whether for purpose of detection or protection.

previous article Personalized information recommendation based on synonymy tag optimization

next article A novel intelligent assessment method for SCADA information security risk based on causality analysis

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

AppBrain: Android statistics: number of android applications (2016)

Baidu: Bdsuite android market. https://www.baidu.com/ (2017)

Tencent: Myapp market. https://android.myapp.com/ (2017)

Malhotra, R.: an empirical framework for defect prediction using machine learning techniques with Android software. Appl. Soft Comput. 40(10), 993–1006 (2016)

Li, L., Bartel, A., Bissyand’e, T. F., Klein, J., Le Traon, Y.: ApkCombiner: combining multiple android apps to support inter-app analysis. In: Proceedings of the 30th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC 2015) (2015)CrossRef

Lu, L., Li, Z., Wu, Z., Lee, W., Jiang, G.: Chex: statically vetting android apps for component hijacking vulnerabilities. In: Proceedings of the 2012 ACM conference on Computer and communications security. ACM, pp. 229–240 (2012)

Hoog, A.: The incident response playbook for android and ios. In: RSA Conference 2016 (2016)

Wooyun.: Wormhole analysis report. Technical Report (2015)

Sbirlea, D., Burke, M.G., Guarnieri, S., Pistoia, M., Sarkar, V.: Automatic detection of inter-application permission leaks in android applications. IBM J. Res. Dev. 57(6), 10-1 (2013)CrossRef

10.

Du, Y., Wang, X., Wang, J.: A static android malicious code detection method based on multi-source fusion. Secur. Commun. Netw. 8(17), 3238–3246 (2015)CrossRef

11.

Zhao, Z., Wang, J., Wang, C.: An unknown malware detection scheme based on the features of graph. Secur. Commun. Netw. 6(2), 239–246 (2013)CrossRef

12.

Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Sadeghi, A.-R., Shastry, B.: Towards taming privilege-escalation attacks on android. In: NDSS, vol. 17, p. 19 (2012)

13.

Li, L.: Boosting static security analysis of android apps through code instrumentation. Ph.D. dissertation, University of Luxembourg, Luxembourg (2016)

14.

Jacomy, M., Venturini, T., Heymann, S., Bastian, M.: Forceatlas2, a continuous graph layout algorithm for handy network visualization designed for the gephi software. PloS ONE 9(6), e98679 (2014)CrossRef

15.

Marforio, C., Francillon, A., Capkun, S., Capkun, S., Capkun, S.: Application collusion attack on the permission-based security model and its implications for modern smartphone systems. Department of Computer Science, ETH Zurich, Zurich (2011)

16.

Octeau, D., McDaniel, P., Jha, S., Bartel, A., Bodden, E., Klein, J., Yves, L.: Effective inter-component communication mapping in android with EPICC: an essential step towards holistic security analysis. In: USENIX Security 2013 (2013)

17.

Arzt, S., Rasthofer, S., Fritz, C., Bodden, E., Bartel, A., Klein, J., Yves, L., Octeau, D., McDaniel, P.: Flowdroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. vol. 49, no. 6, pp. 259–269 (2014)CrossRef

18.

Klieber, W., Flynn, L., Bhosale, A., Jia, L., Bauer, L.: Android taint flow analysis for app sets, pp. 1–6 (2014)

19.

Octeau, D., Luchaup, D., Dering, M., Jha, S., McDaniel, P.: “Composite constant propagation: application to android inter-component communication analysis. In: Proceedings of the 37th International Conference on Software Engineering, IEEE Press, vol. 1, pp. 77–88 (2015)

20.

Octeau, D., Jha, S., Dering, M., McDaniel, P., Bartel, A., Li, L., Klein, J., Yves, L.: Combining static analysis with probabilistic models to enable market-scale android inter-component analysis. In: Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages. ACM, pp. 469–484 (2016)

21.

Zhao, Y., Song, W.: Survey on social-aware data dissemination over mobile wireless networks. IEEE Access 5, 6049–6059 (2017)CrossRef

22.

Zhou, J., Wang, Q., Tsai, S., Xue, Y., Dong, W.: How to evaluate the job satisfaction of development personnel. IEEE Trans. Syst. Man Cybern. 47(11), 2809–2816 (2017)CrossRef

23.

Baldinelli, G., Bonafoni, S., Rotili, A.: Albedo retrieval from multispectral Landsat 8 observation in Urban environment: algorithm validation by in situ measurements. IEEE J. Sel. Topics Appl. Earth Obs. Remote Sens. 10(10), 4504–4511 (2017)CrossRef

24.

Bai, X., Lee, I., Ning, Z., Tolba, A., Xia, F.: The role of positive and negative citations in scientific evaluation. IEEE Access 5, 17607–17617 (2017)CrossRef

25.

Guo, J., Guo, H.L., Wang, Z.Y.: An activation force based affinity measure for analyzing complex networks. Sci. Rep. 1, 113 (2011)CrossRef

26.

Page, L., Brin, S., Motwani, R., Winograd, T.: The pagerank citation ranking: bringing order to the web. Tech. Rep. (1999)

Title: A novel method to find important apps base on the analysis of components relationship
Authors: Qi Li
Chengze Li
Guangyu Gao
Yanyi Huang
Publication date: 10-11-2017
Publisher: Springer US
Published in: Cluster Computing / Issue Special Issue 3/2019
Print ISSN: 1386-7857
Electronic ISSN: 1573-7543
DOI: https://doi.org/10.1007/s10586-017-1308-3

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Other articles of this Special Issue 3/2019

Synchronization between different hyper chaotic systems and dimensions of cellular neural network and its design in audio encryption

An integrated data analysis of configurations of supply chain integration

Structure Characteristics Analysis of Diesel Sales in Complex Network Method

A matching model for plant growth environment based on weighted multi-dimensional tree designed for big data

Research on duplicate combined forecasting method based on supply chain coordination

Efficient computation of the transitive closure size

Premium Partner