Least Squares Support Vector Machine Classifiers
Neural Processing Letters
The Art of Computer Virus Research and Defense
The Art of Computer Virus Research and Defense
On lightweight mobile phone application certification
Proceedings of the 16th ACM conference on Computer and communications security
Semantically Rich Application-Centric Security in Android
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Apex: extending Android permission model and enforcement with user-defined runtime constraints
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Proceedings of the Sixth Symposium on Usable Privacy and Security
Proceedings of the 17th ACM conference on Computer and communications security
Paranoid Android: versatile protection for smartphones
Proceedings of the 26th Annual Computer Security Applications Conference
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
LIBSVM: A library for support vector machines
ACM Transactions on Intelligent Systems and Technology (TIST)
The effectiveness of application permissions
WebApps'11 Proceedings of the 2nd USENIX conference on Web application development
A study of android application security
SEC'11 Proceedings of the 20th USENIX conference on Security
A survey of mobile malware in the wild
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Short paper: a look at smartphone permission models
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Android permissions demystified
Proceedings of the 18th ACM conference on Computer and communications security
Using probabilistic generative models for ranking risks of Android apps
Proceedings of the 2012 ACM conference on Computer and communications security
MAST: triage for market-scale mobile malware analysis
Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks
Role mining algorithm evaluation and improvement in large volume android applications
Proceedings of the first international workshop on Security in embedded systems and smartphones
The impact of vendor customizations on android security
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Structural detection of android malware using embedded call graphs
Proceedings of the 2013 ACM workshop on Artificial intelligence and security
Quantitative security risk assessment of android permissions and applications
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
RiskMon: continuous and automated risk assessment of mobile applications
Proceedings of the 4th ACM conference on Data and application security and privacy
PREC: practical root exploit containment for android devices
Proceedings of the 4th ACM conference on Data and application security and privacy
Hi-index | 0.00 |
The phenomenal growth of the Android platform in the past few years has made it a lucrative target of malicious application (app) developers. There are numerous instances of malware apps that send premium rate SMS messages, track users' private data, or apps that, even if not characterized as malware, conduct questionable actions affecting the user's privacy or costing them money. In this paper, we investigate the feasibility of using both the permissions an app requests, the category of the app, and what permissions are requested by other apps in the same category to better inform users whether the risks of installing an app is commensurate with its expected benefit. Existing approaches consider only the risks of the permissions requested by an app and ignore both the benefits and what permissions are requested by other apps, thus having a limited effect. We propose several risk signals that and evaluate them using two datasets, one consists of 158,062 Android apps from the Android Market, and another consists of 121 malicious apps. We demonstrate the effectiveness of our proposal through extensive data analysis.