Mining permission patterns for contrasting clean and malicious android applications

Abstract An Android application uses a permission system to regulate the access to system resources and users’ privacy-relevant information. Existing works have demonstrated several techniques to study the required permissions declared by the developers, but little attention has been paid towards used permissions. Besides, no specific permission combination is identified to be effective for malware detection. To fill these gaps, we have proposed a novel pattern mining algorithm to identify a set of contrast permission patterns that aim to detect the difference between clean and malicious applications. A benchmark malware dataset and a dataset of 1227 clean applications has been collected by us to evaluate the performance of the proposed algorithm. Valuable findings are obtained by analyzing the returned contrast permission patterns.

[1]  Paul C. van Oorschot,et al.  A methodology for empirical analysis of permission-based security models and its application to android , 2010, CCS '10.

[2]  J. H. Ward Hierarchical Grouping to Optimize an Objective Function , 1963 .

[3]  David A. Wagner,et al.  The Effectiveness of Application Permissions , 2011, WebApps.

[4]  L. Cranor,et al.  Curbing Android Permission Creep , 2011 .

[5]  Byung-Gon Chun,et al.  Vision: automated security validation of mobile apps at app markets , 2011, MCS '11.

[6]  Arlindo L. Oliveira,et al.  Biclustering algorithms for biological data analysis: a survey , 2004, IEEE/ACM Transactions on Computational Biology and Bioinformatics.

[7]  Lauren Darcey,et al.  Introduction to Android Application Development: Android Essentials , 2013 .

[8]  Hahn-Ming Lee,et al.  DroidMat: Android Malware Detection through Manifest and API Calls Tracing , 2012, 2012 Seventh Asia Joint Conference on Information Security.

[9]  Yuzuru Tanahashi,et al.  Various approaches in analyzing Android applications with its permission-based security models , 2011, 2011 IEEE INTERNATIONAL CONFERENCE ON ELECTRO/INFORMATION TECHNOLOGY.

[10]  Steve Hanna,et al.  Android permissions demystified , 2011, CCS '11.

[11]  David A. Wagner,et al.  Android permissions: user attention, comprehension, and behavior , 2012, SOUPS.

[12]  Gábor J. Székely,et al.  Hierarchical Clustering via Joint Between-Within Distances: Extending Ward's Minimum Variance Method , 2005, J. Classif..

[13]  Sergio Gómez,et al.  Solving Non-Uniqueness in Agglomerative Hierarchical Clustering Using Multidendrograms , 2006, J. Classif..

[14]  R. Law,et al.  Analyzing changes in hotel customers’ expectations by trip mode , 2013 .

[15]  Yajin Zhou,et al.  Detecting repackaged smartphone applications in third-party android marketplaces , 2012, CODASPY '12.

[16]  Rob Law,et al.  Identifying changes and trends in Hong Kong outbound tourism , 2011 .

[17]  Gonzalo Álvarez,et al.  PUMA: Permission Usage to Detect Malware in Android , 2012, CISIS/ICEUTE/SOCO Special Sessions.

[18]  Veelasha Moonsamy,et al.  Towards an understanding of the impact of advertising on data leaks , 2012, Int. J. Secur. Networks.

[19]  David A. Wagner,et al.  Analyzing inter-application communication in Android , 2011, MobiSys '11.

[20]  Pern Hui Chia,et al.  Is this app safe?: a large scale study on application permissions and risk signals , 2012, WWW.

[21]  Yves Le Traon,et al.  Automatically securing permission-based software by reducing the attack surface: an application to Android , 2012, 2012 Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering.

[22]  R. Law,et al.  A behavioral analysis of web sharers and browsers in Hong Kong using targeted association rule mining , 2012 .

[23]  Dawn Xiaodong Song,et al.  Mining Permission Request Patterns from Android and Facebook Applications , 2012, 2012 IEEE 12th International Conference on Data Mining.

[24]  Yajin Zhou,et al.  Dissecting Android Malware: Characterization and Evolution , 2012, 2012 IEEE Symposium on Security and Privacy.

[25]  Steve Hanna,et al.  A survey of mobile malware in the wild , 2011, SPSM '11.

[26]  Das Amrita,et al.  Mining Association Rules between Sets of Items in Large Databases , 2013 .

[27]  Latifur Khan,et al.  A Machine Learning Approach to Android Malware Detection , 2012, 2012 European Intelligence and Security Informatics Conference.

[28]  Yajin Zhou,et al.  Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets , 2012, NDSS.