Toggle navigation
Home
About
About Journal
Historical Evolution
Indexed In
Awards
Reference Index
Editorial Board
Journal Online
Archive
Project Articles
Most Download Articles
Most Read Articles
Instruction
Contribution Column
Author Guidelines
Template
FAQ
Copyright Agreement
Expenses
Academic Integrity
Contact
Contact Us
Location Map
Subscription
Advertisement
中文
Journals
Publication Years
Keywords
Search within results
(((CAO Tianjie[Author]) AND 1[Journal]) AND year[Order])
AND
OR
NOT
Title
Author
Institution
Keyword
Abstract
PACS
DOI
Please wait a minute...
For Selected:
Download Citations
EndNote
Ris
BibTeX
Toggle Thumbnails
Select
Risk assessment method of Android application based on permission
BU Tongtong, CAO Tianjie
Journal of Computer Applications 2019, 39 (
1
): 131-135. DOI:
10.11772/j.issn.1001-9081.2018071643
Abstract
(
697
)
PDF
(874KB)(
506
)
Knowledge map
Save
Focusing on the problems existing in Android permission mechanism and poor capability of traditional measurement methods of Android software security, a risk assessment method of Android APP based on permission was proposed. Firstly, the system permissions declared by application, the permissions obtained through static analysis and custom permissions were extracted by reverse-engineering analysis of application. At the same time, the permissions used by executing application were extracted through dynamic detection. Secondly, quantitative risk assessment of applications was performed from three aspects:permission combination of hiding malicious intent, "over-privilege" problem and custom permission vulnerability. Finally, the Analytic Hierarchy Process (AHP) evaluation model was adopted to calculate the weights of three aspects above for estimating risk value of application. In addition, custom permission data set and permissions combination dataset with hiding malicious intent were built by training 6245 software samples collected from application store and VirusShare. The experimental results show that the proposed method can assess risk value of application software more accurately compared with Androguard.
Reference
|
Related Articles
|
Metrics
Select
Malware detection approach based on non-user operating sequence
LUO Wenshuang, CAO Tianjie
Journal of Computer Applications 2018, 38 (
1
): 56-60. DOI:
10.11772/j.issn.1001-9081.2017071835
Abstract
(
407
)
PDF
(1013KB)(
400
)
Knowledge map
Save
Considering rapid growth of Android malware and poor capability of detecting malware, a static detection method based on non-user operation sequences was proposed. Firstly, the Application Programming Interface (API) call information of malware was extracted by reverse engineering analysis. Secondly, the malware's function-call graph was established by using breadth-first traversal algorithm; then, non-user operation sequence was extracted from the function-call graph to form malicious behavior database. Finally, the similarity of the detected sample and non-user operation sequence in the malicious behavior database was calculated by using the edit distance algorithm for malware identification. In the detection of 360 malicious samples and 300 normal samples, the proposed method could reach the recall rate of 90.8% and the accuracy rate of 90.3%. Compared with the Android malware detection system Androguard, the recall rate of the proposed method increased by 30 percentage points in the detection of malicious samples; and compared with the FlowDroid method, the precision rate increased by 11 percentage points in the detection of normal sample and the recall rate increased by 4.4 percentage points in the detection of malicious samples. The experimental results show that the proposed method improves the recall rate of malware detection and promotes the detection effect of malware.
Reference
|
Related Articles
|
Metrics
Select
Lightweight protocol with anonymity for Ad Hoc network based on bilinear pairings
LIANG Yumin CAO Tianjie
Journal of Computer Applications 2013, 33 (
12
): 3402-3405.
Abstract
(
568
)
PDF
(767KB)(
390
)
Knowledge map
Save
Lots of anonymous protocols for Ad Hoc network have been proposed to enforce the anonymity of the nodes in the network. However, most of the protocols utilize many asymmetric key computations which consume vast time and resources, thus, these protocols are not so suitable for those nodes in Ad Hoc network with limited power and poor computational ability. Hence, a new lightweight protocol with anonymity for Ad Hoc network was proposed. The new protocol ensured many security features and anonymity; most importantly, it employed bilinear pairings to realize the authenticated key exchange. Compared with other protocols, the proposed protocol is more efficient in routing construction by lowering the computing time to large extent and reducing the asymmetric key computation.
Related Articles
|
Metrics
Select
DPCS2017+49+Malware detection approach based on non-user operating sequences
CAO Tianjie
Accepted: 31 July 2017