Published in: Soft Computing 16/2019

04-08-2018 | Methodologies and Application

Entropy-based security risk measurement for Android mobile applications

Author: Mahmood Deypir


Abstract

Android, the most widely used operating system for smartphones and mobile devices, uses permissions to restrict malicious applications (apps). However, malware developers use various social engineering methods to entice users into installing malware and granting it critical permissions. It is therefore essential to estimate the security risks of untrusted Android apps to help users make better decisions about app selection and installation. In this paper, the concept of criticality for Android permissions is precisely defined according to the abuse of permissions by known malware and their legitimate usage by useful apps. Based on this definition and an analysis of the permissions requested by large numbers of malware and benign apps, a new criterion is proposed to measure the security risks of apps. This measure draws on the entropy and information gain of permissions with respect to separating malware from benign apps. In this criterion, more informative permissions have a higher impact on the computed risk values. To evaluate the proposed criterion, two new datasets of recent malicious and non-malicious Android apps have been constructed and analyzed against existing ones. This analysis shows that the permission usage patterns of Android apps have changed over time. Empirical evaluations on recent and previous malware and benign apps reveal the superiority of the proposed criterion over previously proposed ones in terms of assigning larger risk values to malware.
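To make the idea of entropy-weighted permissions concrete, the following added example (not the paper's code or its exact criterion) computes the information gain of each permission over a small constructed set of labelled apps and turns it into a risk score. The criticality rule in `permission_weights` and the normalised sum in `risk_score` are assumptions chosen for illustration; the abstract does not give the paper's formula.

```python
import math

# Constructed sample: (requested permissions, 1 = malware / 0 = benign).
APPS = [
    ({"INTERNET", "SEND_SMS", "READ_CONTACTS"}, 1),
    ({"INTERNET", "SEND_SMS"}, 1),
    ({"INTERNET", "SEND_SMS", "READ_PHONE_STATE"}, 1),
    ({"INTERNET", "READ_PHONE_STATE"}, 1),
    ({"INTERNET"}, 0),
    ({"INTERNET", "CAMERA"}, 0),
    ({"INTERNET", "READ_CONTACTS"}, 0),
    ({"CAMERA"}, 0),
]

def entropy(labels):
    """Shannon entropy in bits of a list of 0/1 class labels."""
    h = 0.0
    for count in (sum(labels), len(labels) - sum(labels)):
        if count:
            p = count / len(labels)
            h -= p * math.log2(p)
    return h

def information_gain(apps, perm):
    """Entropy reduction from splitting the apps on 'requests perm'."""
    has = [m for perms, m in apps if perm in perms]
    lacks = [m for perms, m in apps if perm not in perms]
    n = len(apps)
    return (entropy([m for _, m in apps])
            - len(has) / n * entropy(has) - len(lacks) / n * entropy(lacks))

def permission_weights(apps):
    """Assumed rule: weight = gain, but only when malware requests perm more often."""
    n_mal = sum(m for _, m in apps)
    n_ben = len(apps) - n_mal
    weights = {}
    for perm in set().union(*(perms for perms, _ in apps)):
        mal = sum(1 for perms, m in apps if m and perm in perms) / n_mal
        ben = sum(1 for perms, m in apps if not m and perm in perms) / n_ben
        weights[perm] = information_gain(apps, perm) if mal > ben else 0.0
    return weights

def risk_score(requested, weights):
    """Assumed aggregation: share of total weight covered, in [0, 1]."""
    total = sum(weights.values())
    return sum(weights.get(p, 0.0) for p in requested) / total if total else 0.0

if __name__ == "__main__":
    w = permission_weights(APPS)
    for name, perms in [("sms app", {"INTERNET", "SEND_SMS"}), ("camera app", {"INTERNET", "CAMERA"})]:
        print(name, round(risk_score(perms, w), 3))
```

In this sample, `CAMERA` separates the classes as well as `READ_PHONE_STATE` does but gets zero weight because it marks benign apps, which is why a directional criticality test is needed on top of raw information gain.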

Metadata
Title
Entropy-based security risk measurement for Android mobile applications
Author
Mahmood Deypir
Publication date
04-08-2018
Publisher
Springer Berlin Heidelberg
Published in
Soft Computing / Issue 16/2019
Print ISSN: 1432-7643
Electronic ISSN: 1433-7479
DOI
https://doi.org/10.1007/s00500-018-3377-5
