A methodology for empirical analysis of permission-based security models and its application to android

268

163

Abstract. Each time a user installs an application on their Android phone they are presented with a full screen of information describing what access they will be granting that application. This information is intended to help them make two choices: whether or not they trust that the application will not damage the security of their device and whether or not they are willing to share their information with the application, developer, and partners in question. We performed a series of semi-structured interviews in two cities to determine whether people read and understand these permissions screens, and to better understand how people perceive the implications of these decisions. We find that the permissions displays are generally viewed and read, but not understood by Android users. Alarmingly, we find that people are unaware of the security risks associated with mobile apps and believe that app marketplaces test and reject applications. In sum, users are not currently well prepared to make informed privacy and security decisions around installing applications.

Section: Related Workmentioning

confidence: 84%

A Conundrum of Permissions: Installing Applications on an Android Smartphone

Kelley

Consolvo

Cranor

et al. 2012

268

163

“…With regards to state-of-the-art literature tackled in this work, a significant number of Machine Learning approaches for malware detection [6,29,[36][37][38][39] have been presented to the research community. The feature set that we use in this paper was evaluated in [23] and achieved better performance than those approaches.…”

Section: Related Workmentioning

confidence: 99%

Are Your Training Datasets Yet Relevant?

Allix

Bissyandé

Klein

et al. 2015

In this paper, we consider the relevance of timeline in the construction of datasets, to highlight its impact on the performance of a machine learning-based malware detection scheme. Typically, we show that simply picking a random set of known malware to train a malware detector, as it is done in many assessment scenarios from the literature, yields significantly biased results. In the process of assessing the extent of this impact through various experiments, we were also able to confirm a number of intuitive assumptions about Android malware. For instance, we discuss the existence of Android malware lineages and how they could impact the performance of malware detection in the wild.

“…There are several studies on how the permissions are used by Android apps. In [13], Barrera et al did an empirical analysis of the permission-based security models by analyzing 1,100 most popular Android apps using the Self-Organizing Map (SOM) algorithm. They found that among the defined permissions only a small portion of them are actively used by developers.…”

Section: Related Workmentioning

confidence: 99%

Quantitative Security Risk Assessment of Android Permissions and Applications

Wang

Zheng

Sun

et al. 2013

Abstract. The booming of the Android platform in recent years has attracted the attention of malware developers. However, the permissionsbased model used in Android system to prevent the spread of malware, has shown to be ineffective. In this paper, we propose DroidRisk, a framework for quantitative security risk assessment of both Android permissions and applications (apps) based on permission request patterns from benign apps and malware, which aims to improve the efficiency of Android permission system. Two data sets with 27,274 benign apps from Google Play and 1,260 Android malware samples were used to evaluate the effectiveness of DroidRisk. The results demonstrate that DroidRisk can generate more reliable risk signal for warning the potential malicious activities compared with existing methods. We show that DroidRisk can also be used to alleviate the overprivilege problem and improve the user attention to the risks of Android permissions and apps.