Skip to main content
Disciplines
Automotive Business IT + Informatics Construction + Real Estate Electrical Engineering + Electronics Energy + Sustainability Insurance + Risk Finance + Banking Management + Leadership Marketing + Sales Mechanical Engineering + Materials
Events
DE
EN
Books
Journals
Topic Page
Marketing
Start single access now
Access for companies
EXTENDED SEARCH
Log in
Top
Published in:
Design of an Adaptive Support Vector Regressor Controller for a Spherical Tank System Read chapter Read first chapter

2015 | OriginalPaper | Chapter

Fine-Grained Risk Level Quantication Schemes Based on APK Metadata

Authors : Takeshi Takahashi, Tao Ban, Takao Mimura, Koji Nakao

Published in: Neural Information Processing

Publisher: Springer International Publishing

Log in

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

The number of security incidents faced by Android users is growing, along with a surge in malware targeting Android terminals. Such malware arrives at the Android terminals in the form of Android Packages (APKs). Various techniques for protecting Android users from such malware have been reported, but most of them have focused on the APK files themselves. Unlike these approaches, we use Web information obtained from online APK markets to improve the accuracy of malware detection. In this paper, we propose category/cluster-based APK analysis schemes that quantify the risk of an APK. The category-based scheme uses category information available on the Web, whereas the cluster-based method uses APK descriptions to generate clusters of APK files. In this paper, the performance of the proposed schemes is verified by comparing their area under the curve values with that of a conventional scheme; moreover, the usability of Web information for the purpose of better quantifying the risks of APK files is confirmed.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

inform now
previous chapter Real-Time Simulation of Aero-optical Distortions Due to Air Density Fluctuations at Supersonic Speed
next chapter Opinion Formation Dynamics Under the Combined Influences of Majority and Experts
Footnotes
3
We believe that better quantification results are achieved if we consider the difference between the requested permissions and those actually used, i.e., permission gaps [1], because this removes noises added to the characteristics of the APK files. Nevertheless, this is beyond the scope of this paper.
 
5
We measure the AUC values by setting I(np) to 1.0 and increasing the value of I(dp) from 1.0 to 3.0 in increments of 0.1, and then choose the value that provides the highest AUC as the optimal value. Note that dangerous permissions are certainly more harmful than normal permissions.
 
6
The evaluation following this procedure should be iterated to gain the average values of the studied values. Moreover, cross validation should be applied to the learning process. Our future work will cope with this.
 
7
The values for I and \(I_c\) were determined empirically, as with Sect. 2.3.
 
Literature
1.
Bartel, A., Klein, J., Le Traon, Y., Monperrus, M.: Automatically securing permission-based software by reducing the attack surface: an application to android. In: Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering (2012)
2.
Blei, D.M., Ng, A.Y., Jordan, M.I.: Latent dirichlet allocation. J. Mach. Learn. Res. 3, 993–1022 (2003)MATH
3.
Brown, C.D., Davis, H.T.: Receiver operating characteristics curves and related decision measures: a tutorial. Chemometr. Intell. Lab. Syst. 80(1), 24–38 (2006)CrossRef
4.
Gorla, A., Tavecchia, I., Gross, F., Zeller, A.: Checking app behavior against app descriptions. In: Proceedings of the 36th International Conference on Software Engineering (2014)
5.
MacQueen, J.: Some methods for classification and analysis of multivariate observations. In: Proceedings of the Fifth Berkeley Symposium on Mathematical Statistics and Probability. Statistics, vol. 1, pp. 281–297 (1967)
6.
Sarma, B.P., Li, N., Gates, C., Potharaju, R., Nita-Rotaru, C., Molloy, I.: Android permissions: a perspective combining risks and benefits. In: Proceedings of the 17th ACM Symposium on Access Control Models and Technologies (2012)
7.
Takahashi, T., Nakao, K., Kanaoka, A.: Data model for android package information and its application to risk analysis system. In: Proceedings of the First ACM Workshop on Information Sharing and Collaborative Security (2014)
8.
Wang, Y., Zheng, J., Sun, C., Mukkamala, S.: Quantitative security risk assessment of android permissions and applications. In: Wang, L., Shafiq, B. (eds.) DBSec 2013. LNCS, vol. 7964, pp. 226–241. Springer, Heidelberg (2013) CrossRef
Metadata
Title
Fine-Grained Risk Level Quantication Schemes Based on APK Metadata
Authors
Takeshi Takahashi
Tao Ban
Takao Mimura
Koji Nakao
Copyright Year
2015
Book
Neural Information Processing

Print ISBN: 978-3-319-26554-4

Electronic ISBN: 978-3-319-26555-1

Copyright Year: 2015

DOI
https://doi.org/10.1007/978-3-319-26555-1_75

Premium Partner

    Image Credits