Contextual approach for identifying malicious Inter-Component privacy leaks in Android apps

Zhang, Daojuan; Guo, Yuanfang; Guo, Dianjie; Wang, Rui; Yu, Guangming

doi:10.1109/iscc.2017.8024534

Cited by 4 publications

(1 citation statement)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For example, IccTA's experiment showed the detection of 2395 ICC leaks in 337 apps in a set of 15,000 Google Play apps stores. Furthermore, Iccchecker [12] leveraged the context information triggered by sensitive behaviors and set up a classification algorithm with multiple benchmarks, identifying four apps with ICC-based privacy leakage actions among 168 Google Play apps (2.3%) and 31 malwares from 49 samples (63.3%).…”

Section: Static Analysismentioning

confidence: 99%

SAMLDroid: A Static Taint Analysis and Machine Learning Combined High-Accuracy Method for Identifying Android Apps with Location Privacy Leakage Risks

Zhang

Xiao

et al. 2021

Entropy

View full text Add to dashboard Cite

Insecure applications (apps) are increasingly used to steal users’ location information for illegal purposes, which has aroused great concern in recent years. Although the existing methods, i.e., static and dynamic taint analysis, have shown great merit for identifying such apps, which mainly rely on statically analyzing source code or dynamically monitoring the location data flow, identification accuracy is still under research, since the analysis results contain a certain false positive or true negative rate. In order to improve the accuracy and reduce the misjudging rate in the process of vetting suspicious apps, this paper proposes SAMLDroid, a combined method of static code analysis and machine learning for identifying Android apps with location privacy leakage, which can effectively improve the identification rate compared with existing methods. SAMLDroid first uses static analysis to scrutinize source code to investigate apps with location acquiring intentions. Then it exploits a well-trained classifier and integrates an app’s multiple features to dynamically analyze the pattern and deliver the final verdict about the app’s property. Finally, it is proved by conducting experiments, that the accuracy rate of SAMLDroid is up to 98.4%, which is nearly 20% higher than Apparecium.

show abstract

Section: Static Analysismentioning

confidence: 99%