Permission-based Risk Signals for App Behaviour Characterization in Android Apps
Oluwafemi Olukoya, Lewis Mackenzie, Inah Omoronyia
2019
Abstract
With the parallel growth of the Android operating system and mobile malware, one of the ways to stay protected from mobile malware is by observing the permissions requested. However, without careful consideration of these permissions, users run the risk of an installed app being malware, without any warning that might characterize its nature. We propose a permission-based risk signal using a taxonomy of sensitive permissions. Firstly, we analyse the risk of an app based on the permissions it requests, using a permission sensitivity index computed from a risky permission set. Secondly, we evaluate permission mismatch by checking what an app requires against what it requests. Thirdly, we evaluate security rules based on our metrics to evaluate corresponding risks. We evaluate these factors using datasets of benign and malicious apps (43580 apps) and our result demonstrates that the proposed framework can be used to improve risk signalling of Android apps with a 95% accuracy.
DownloadPaper Citation
in Harvard Style
Olukoya O., Mackenzie L. and Omoronyia I. (2019). Permission-based Risk Signals for App Behaviour Characterization in Android Apps.In Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-359-9, pages 183-192. DOI: 10.5220/0007248701830192
in Bibtex Style
@conference{icissp19,
author={Oluwafemi Olukoya and Lewis Mackenzie and Inah Omoronyia},
title={Permission-based Risk Signals for App Behaviour Characterization in Android Apps},
booktitle={Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2019},
pages={183-192},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007248701830192},
isbn={978-989-758-359-9},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Permission-based Risk Signals for App Behaviour Characterization in Android Apps
SN - 978-989-758-359-9
AU - Olukoya O.
AU - Mackenzie L.
AU - Omoronyia I.
PY - 2019
SP - 183
EP - 192
DO - 10.5220/0007248701830192