Journal
CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS
Volume 22, Issue -, Pages 13337-13350Publisher
SPRINGER
DOI: 10.1007/s10586-018-1904-x
Keywords
Android required permission; Android used permission; Malware detection; Permission pattern; Contrasting mining
Funding
- National Natural Science Foundation of China [61402185]
- Science Foundation of Guangdong Provincial Communications Department [2015-02-064]
- Natural Science Foundation of Guangdong Province [2015A030313382]
- Guangdong Provincial Public Research and Capacity Building Foundation [2015A020217011, 2016A020223012]
- STPF of University in Shandong Province of China [J17KA161]
- South China Normal University-Bluedon Information Security Technologies Co., Ltd [LD20170201]
Ask authors/readers for more resources
Android system uses a permission mechanism to allow users and developers to regulate access to private information and system resources required by Android applications (apps). Permissions can be behaviors and characteristics of an app, and widely used by Android malware detection. This paper designs a novel method to extract contrasting permission patterns for comparing the differences between Android benign apps and malware based on permissions, and use these differences to detect Android malware. Unlike existing works, this work first analyzes required and used permission. Then use support-based permission candidate method to mining unique required or used permission patterns, and use these patterns to detect Android malware. In experiment, this approach uses permission patterns from Androidmalware to detect a mixed Android app dataset. The results show that the proposed method can achieve 94% accuracy, 5% false positive, and 1% false negative.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available