Journal of Computer Applications ›› 2019, Vol. 39 ›› Issue (1): 131-135.DOI: 10.11772/j.issn.1001-9081.2018071643

Previous Articles     Next Articles

Risk assessment method of Android application based on permission

BU Tongtong, CAO Tianjie   

  1. School of Computer Science and Technology, China University of Mining and Technology, Xuzhou Jiangsu 221116, China
  • Received:2018-07-19 Revised:2018-08-15 Online:2019-01-10 Published:2019-01-21
  • Supported by:
    This work is partially supported by the National Natural Science Foundation of China (61303263).

基于权限的Android应用风险评估方法

卜同同, 曹天杰   

  1. 中国矿业大学 计算机科学与技术学院, 江苏 徐州 221116
  • 通讯作者: 卜同同
  • 作者简介:卜同同(1991-),女,江苏徐州人,硕士研究生,CCF会员,主要研究方向:移动终端安全、网络安全;曹天杰(1967-),男,江苏徐州人,教授,博士,主要研究方向:密码学、信息安全。
  • 基金资助:
    国家自然科学基金资助项目(61303263)。

Abstract: Focusing on the problems existing in Android permission mechanism and poor capability of traditional measurement methods of Android software security, a risk assessment method of Android APP based on permission was proposed. Firstly, the system permissions declared by application, the permissions obtained through static analysis and custom permissions were extracted by reverse-engineering analysis of application. At the same time, the permissions used by executing application were extracted through dynamic detection. Secondly, quantitative risk assessment of applications was performed from three aspects:permission combination of hiding malicious intent, "over-privilege" problem and custom permission vulnerability. Finally, the Analytic Hierarchy Process (AHP) evaluation model was adopted to calculate the weights of three aspects above for estimating risk value of application. In addition, custom permission data set and permissions combination dataset with hiding malicious intent were built by training 6245 software samples collected from application store and VirusShare. The experimental results show that the proposed method can assess risk value of application software more accurately compared with Androguard.

Key words: Android security, risk assessment, application permission, quantitative assessment, static analysis, dynamic detection

摘要: 针对Android权限机制存在的问题以及传统的应用风险等级评估方法的不足,提出了一种基于权限的Android应用风险评估方法。首先,通过对应用程序进行逆向工程分析,提取出应用程序声明的系统权限、静态分析的权限以及自定义的权限,和通过动态检测获取应用程序执行使用到的权限;然后,从具有恶意倾向的组合权限、"溢权"问题和自定义权限三个方面对应用程序进行量性风险评估;最后,采用层次分析法(AHP)计算上述三个方面的权重,评估应用的风险值。对6245个软件样本进行训练,构建自定义权限数据集和具有恶意倾向的权限组合数据集。实验结果表明,与Androguard相比,所提方法能更精确地评估应用软件的风险值。

关键词: Android安全, 风险评估, 应用权限, 量性评估, 静态分析, 动态检测

CLC Number: