A security assessment method for Android applications based on permission model

Abstract

Permission-based security model of Android restricts applications to access specific resources, but malicious applications can invade more easily in such user-centric pattern. Through the analysis of the Android Permission-based security model and the permission features of Android applications, we establish the permission model to quantify the functional characteristics of the application, and then provide an assessment method in which we use the network visualization techniques and clustering algorithm to determine whether the testing application is potentially malicious application or not so as to help users choose applications before installation. We test the assessment method on 873 applications available online and do the statistic and analysis of the results to find that this method can do efforts in finding potentially malicious applications.