Detection and Prevention of Mobile Malware Based on the Analysis of Permissions

doi:10.3969/j.issn.1671-1122.2015.10.010

Abstract

Abstract:

In recent years, Android smart phones have developed rapidly, along with increasing developed software on the android platform. However, due to Android's open source property, the malware is growing in android platform. Currently, a large number of malicious software has been rapidly spread. Therefore, it is a must to protect Android smart phones. The main work of this paper are as follows: first, extract a large number of permissions from normal applications as well as malicious applications through static analysis. Secondly, draw histograms based on the permissions to show what permissions are most important. We pay much attention to finding out which permission is most frequent between benign application and malware. The statistical results reflect that there are many different priorities between benign application and malware. Lastly, depending on the information gain concept to estimate the risk which a application is a malware. We rank permissions based on information gain. In this way to form a effective and safe assessment mechanism. This paper provides a method for detecting malware. Through experimental results, the method has the opportunity to become malware detection and prevention mechanisms to better protect Android phone.

Key words: Android, malware detection, permission extraction, static analysis

CLC Number:

TP309

ZHANG Fan, ZHONG Zhang-dui. Detection and Prevention of Mobile Malware Based on the Analysis of Permissions[J]. Netinfo Security, 2015, 15(10): 66-73.

Figures/Tables 10

References 17

[1]	猎豹移动实验室. 2015上半年全球移动安全报告[EB/OL]., 2015-7-9.
[2]	朱佳伟,喻梁文,关志,等. Android权限机制安全研究综述[J].计算机应用研究,2015,4(10):2880-2885
[3]	杨晶,金伟信,吴作顺. 基于Android系统的权限管理优化方案研究[J]. 电子质量,2015,(3):4-10
[4]	文伟平,梅瑞,宁戈,等. 恶意软件检测技术分析和应用研究[J]. 通信学报,2014(8):78-86
[5]	张一. 基于Android平台的智能手机权限安全研究[D].上海: 上海交通大学,2012.
[6]	张金鑫,杨晓辉. 基于权限分析的Android应用程序检测系统[J]. 信息网络安全,2014,(7):30-35
[7]	张怡婷,张扬,张涛,等. 基于朴素贝叶斯的Android软件恶意行为智能识别[J]. 东南大学学报,2015,(2):224-231.
[8]	DiCerboFrancesco,GirardelloAndrea, MichahellesFlorian,VoronkovaSvetlana. Detection of malicious applications on Android OS[C]//IEEE Computer Society.2010, (11): 138-149.
[9]	BlasingThomas,BatyukLeonid,SchmidtAubrey-Derrick,CamtepeSeyitAhmet,AlbayrakSahin. An Android application sandbox system for suspicious software detection[C]//IEEE Conference Publications.2010:55-62.
[10]	OngtangM,McLaughlinS,EnckW,McDanielP.Application-Centric Security in Android.Proceedings of the Annual Computer Security.Applications Conference[C]//2009: 340-349
[11]	ZeminLiu,Choon-Sung, NamDong-Ryeol,A User Authority Manager Model for the Android Platform[C]//ICACT2011.Feb.13~16, 2011 (1) : 146-1150.
[12]	WeiWang,XingWang, DaweiFeng, Jiqiang Liu, Zhen Han,Xiangliang Zhang.Exploring Permission-induced Risk in Android Applications for Malicious Application Detection[C]//IEEE Transactions on Information Forensics and Security .2014:1869-1882.
[13]	宋杰,党李成,郭振朝,等.Android OS手机平台的安全机制分析和应用研究[J]. 计算机技术与发展. 2010,(6):152-155.
[14]	高岳,胡爱群. 基于权限分析的Android隐私数据泄露动态检测方法[J]. 信息网络安全,2014,(2):27-31.
[15]	彭钊. 一种增强的Android应用权限管理模型的研究与实现[D].南京: 江苏大学,2012.
[16]	赵洋,胡龙,熊虎,等. 基于沙盒的Android恶意软件动态分析方案[J]. 信息网络安全,2014,(12):21-26.
[17]	刘泽衡. 基于Android智能手机的安全监测系统的研究与实现[D]. 哈尔滨: 哈尔滨工业大学,2011.