Identifying Malicious Android Apps Using Permissions and System Events
With the popularity of the Android platform,more and more hackers take the Android platform as the profitable target.Android provides a risk communication defense mechanism against malicious applications,which has been demonstrated to be ineffective.It is common to quickly identify malicious applications by permission-based analysis methods.Recently,those permision-based methods are becoming useless when more and more applications request much dangerous per-missions.Through analyzing Android permission model and message mechanism,we find that most malwares not only request more dangerous permissions to gain access to sensitive resources,but also register broadcast receivers to obtain system event messages,which can be used to launch malicious actions.The existing permission-based Android malware check methods can identify nearly 81% malware samples,but they are also identified many normal applications as malware.In additional,the existed approaches are susceptible by the number of permissions.In this paper,we extend permission-based approach and add broadcast Intent as the feature vectors.We employ machine learning approaches to identify the malicious applications.We use the datasets of the Market 2011,Market 2012,Market 2013 and Malware to evaluate the proposed methods.The experimental results illustrate the effectiveness of our proposal.
Android Malware Risk Application
国内会议
湖北恩施
英文
1-12
2014-09-13(万方平台首次上网日期,不代表论文的发表时间)