论文信息 - The Usability of Metadata for Android Application Analysis

The Usability of Metadata for Android Application Analysis

The number of security incidents faced by Android users is growing, along with the surge in malware targeting Android terminals. Such malware arrives at the Android terminals in the form of Android Packages (APKs). Assorted techniques for protecting Android users from such malware have been reported, but most of them focus on the APK files themselves. Different from these approaches, we use metadata, such as web information obtained from the online APK markets, to improve the accuracy of malware identification. In this paper, we introduce malware detection schemes using metadata, which includes categories and descriptions of APKs. We introduce two types of schemes: statistical scheme and support vector machine-based scheme. Finally, we analyze and discuss the performance and usability of the schemes, and confirm the usability of web information for the purpose of identifying malware.

[1] Ninghui Li,et al. Android permissions: a perspective combining risks and benefits , 2012, SACMAT '12.

[2] Alessandra Gorla,et al. Checking app behavior against app descriptions , 2014, ICSE.

[3] Yang Wang,et al. Quantitative Security Risk Assessment of Android Permissions and Applications , 2013, DBSec.

[4] Michael I. Jordan,et al. Latent Dirichlet Allocation , 2001, J. Mach. Learn. Res..

[5] Tao Ban,et al. Fine-Grained Risk Level Quantication Schemes Based on APK Metadata , 2015, ICONIP.

[6] Vladimir Vapnik,et al. Statistical learning theory , 1998 .

[7] Koji Nakao,et al. Data Model for Android Package Information and Its Application to Risk Analysis System , 2014, WISCS '14.

[8] Alexander J. Smola,et al. Learning with Kernels: support vector machines, regularization, optimization, and beyond , 2001, Adaptive computation and machine learning series.

[9] J. MacQueen. Some methods for classification and analysis of multivariate observations , 1967 .