Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Bücher
Zeitschriften
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
SLX-Digitalkonferenz: Zukunftswerkstatt 2024

Mehr Umsatz mit Top-Kontakten

Am 7. Mai erfahren Sie, wie Vertriebsteams Leadgenerierung, Leadnurturing und Leadstrategien effizient steuern können.
Erweiterte Suche
Anmelden
nach oben
Erschienen in:
Design of an Adaptive Support Vector Regressor Controller for a Spherical Tank System Kapitel lesen Erstes Kapitel lesen

2015 | OriginalPaper | Buchkapitel

Fine-Grained Risk Level Quantication Schemes Based on APK Metadata

verfasst von : Takeshi Takahashi, Tao Ban, Takao Mimura, Koji Nakao

Erschienen in: Neural Information Processing

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

The number of security incidents faced by Android users is growing, along with a surge in malware targeting Android terminals. Such malware arrives at the Android terminals in the form of Android Packages (APKs). Various techniques for protecting Android users from such malware have been reported, but most of them have focused on the APK files themselves. Unlike these approaches, we use Web information obtained from online APK markets to improve the accuracy of malware detection. In this paper, we propose category/cluster-based APK analysis schemes that quantify the risk of an APK. The category-based scheme uses category information available on the Web, whereas the cluster-based method uses APK descriptions to generate clusters of APK files. In this paper, the performance of the proposed schemes is verified by comparing their area under the curve values with that of a conventional scheme; moreover, the usability of Web information for the purpose of better quantifying the risks of APK files is confirmed.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Jetzt informieren
Vorheriges Kapitel Real-Time Simulation of Aero-optical Distortions Due to Air Density Fluctuations at Supersonic Speed
Nächstes Kapitel Opinion Formation Dynamics Under the Combined Influences of Majority and Experts
Fußnoten
3
We believe that better quantification results are achieved if we consider the difference between the requested permissions and those actually used, i.e., permission gaps [1], because this removes noises added to the characteristics of the APK files. Nevertheless, this is beyond the scope of this paper.
 
5
We measure the AUC values by setting I(np) to 1.0 and increasing the value of I(dp) from 1.0 to 3.0 in increments of 0.1, and then choose the value that provides the highest AUC as the optimal value. Note that dangerous permissions are certainly more harmful than normal permissions.
 
6
The evaluation following this procedure should be iterated to gain the average values of the studied values. Moreover, cross validation should be applied to the learning process. Our future work will cope with this.
 
7
The values for I and \(I_c\) were determined empirically, as with Sect. 2.3.
 
Literatur
1.
Bartel, A., Klein, J., Le Traon, Y., Monperrus, M.: Automatically securing permission-based software by reducing the attack surface: an application to android. In: Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering (2012)
2.
Blei, D.M., Ng, A.Y., Jordan, M.I.: Latent dirichlet allocation. J. Mach. Learn. Res. 3, 993–1022 (2003)MATH
3.
Brown, C.D., Davis, H.T.: Receiver operating characteristics curves and related decision measures: a tutorial. Chemometr. Intell. Lab. Syst. 80(1), 24–38 (2006)CrossRef
4.
Gorla, A., Tavecchia, I., Gross, F., Zeller, A.: Checking app behavior against app descriptions. In: Proceedings of the 36th International Conference on Software Engineering (2014)
5.
MacQueen, J.: Some methods for classification and analysis of multivariate observations. In: Proceedings of the Fifth Berkeley Symposium on Mathematical Statistics and Probability. Statistics, vol. 1, pp. 281–297 (1967)
6.
Sarma, B.P., Li, N., Gates, C., Potharaju, R., Nita-Rotaru, C., Molloy, I.: Android permissions: a perspective combining risks and benefits. In: Proceedings of the 17th ACM Symposium on Access Control Models and Technologies (2012)
7.
Takahashi, T., Nakao, K., Kanaoka, A.: Data model for android package information and its application to risk analysis system. In: Proceedings of the First ACM Workshop on Information Sharing and Collaborative Security (2014)
8.
Wang, Y., Zheng, J., Sun, C., Mukkamala, S.: Quantitative security risk assessment of android permissions and applications. In: Wang, L., Shafiq, B. (eds.) DBSec 2013. LNCS, vol. 7964, pp. 226–241. Springer, Heidelberg (2013) CrossRef
Metadaten
Titel
Fine-Grained Risk Level Quantication Schemes Based on APK Metadata
verfasst von
Takeshi Takahashi
Tao Ban
Takao Mimura
Koji Nakao
Copyright-Jahr
2015
Buch
Neural Information Processing

Print ISBN: 978-3-319-26554-4

Electronic ISBN: 978-3-319-26555-1

Copyright-Jahr: 2015

DOI
https://doi.org/10.1007/978-3-319-26555-1_75