android应用分类及安全评估

Eralda Caushaj, Vijayan Sugumaran
{"title":"android应用分类及安全评估","authors":"Eralda Caushaj, Vijayan Sugumaran","doi":"10.1007/s43926-023-00047-0","DOIUrl":null,"url":null,"abstract":"Abstract Current mobile platforms pose many privacy risks for the users. Android applications (apps) request access to device resources and data, such as storage, GPS location, camera, microphone, SMS, phone identity, and network information. Legitimate mobile apps, advertisements (ads), and malware all require access to mobile resources and data to function properly. Therefore, it is difficult for the user to make informed decisions that effectively balance their privacy and app functionality. This study analyzes the Android application permissions, ad networks and the impact on end-user’s privacy. Dangerous combinations of app permissions, and ad networks are used as features in our prediction models to understand the behavior of apps. Our models have a high classification accuracy of 95.9% considering the imbalance in real life between benign and malicious apps. Our assumption that certain app permissions can be a potential threat to the privacy of end users is confirmed to be one of the most impactful features of our prediction models. Since our study considers the impact of ad networks and malware permissions, it will help end-users make more informed decision about the app permissions they grant and understand that the app permissions open doors to more vulnerabilities, and at some point, benign apps can behave maliciously.","PeriodicalId":34751,"journal":{"name":"Discover Internet of Things","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2023-10-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Classification and security assessment of android apps\",\"authors\":\"Eralda Caushaj, Vijayan Sugumaran\",\"doi\":\"10.1007/s43926-023-00047-0\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Abstract Current mobile platforms pose many privacy risks for the users. Android applications (apps) request access to device resources and data, such as storage, GPS location, camera, microphone, SMS, phone identity, and network information. Legitimate mobile apps, advertisements (ads), and malware all require access to mobile resources and data to function properly. Therefore, it is difficult for the user to make informed decisions that effectively balance their privacy and app functionality. This study analyzes the Android application permissions, ad networks and the impact on end-user’s privacy. Dangerous combinations of app permissions, and ad networks are used as features in our prediction models to understand the behavior of apps. Our models have a high classification accuracy of 95.9% considering the imbalance in real life between benign and malicious apps. Our assumption that certain app permissions can be a potential threat to the privacy of end users is confirmed to be one of the most impactful features of our prediction models. Since our study considers the impact of ad networks and malware permissions, it will help end-users make more informed decision about the app permissions they grant and understand that the app permissions open doors to more vulnerabilities, and at some point, benign apps can behave maliciously.\",\"PeriodicalId\":34751,\"journal\":{\"name\":\"Discover Internet of Things\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-10-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Discover Internet of Things\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1007/s43926-023-00047-0\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Discover Internet of Things","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1007/s43926-023-00047-0","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

摘要

当前的移动平台给用户带来了诸多隐私风险。Android应用程序(app)请求访问设备资源和数据,如存储、GPS位置、摄像头、麦克风、短信、电话身份和网络信息。合法的移动应用程序、广告和恶意软件都需要访问移动资源和数据才能正常运行。因此,用户很难做出明智的决定,有效地平衡他们的隐私和应用程序的功能。本研究分析了Android应用程序权限、广告网络及其对终端用户隐私的影响。应用权限和广告网络的危险组合被用作我们预测模型的特征,以理解应用的行为。考虑到现实生活中良性和恶意应用之间的不平衡,我们的模型具有95.9%的高分类准确率。我们假设某些应用程序权限可能对最终用户的隐私构成潜在威胁,这被证实是我们预测模型中最具影响力的特征之一。由于我们的研究考虑了广告网络和恶意软件权限的影响,它将帮助最终用户对他们授予的应用权限做出更明智的决定,并了解应用权限为更多漏洞打开了大门,在某种程度上,良性应用可能会表现出恶意行为。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Classification and security assessment of android apps
Abstract Current mobile platforms pose many privacy risks for the users. Android applications (apps) request access to device resources and data, such as storage, GPS location, camera, microphone, SMS, phone identity, and network information. Legitimate mobile apps, advertisements (ads), and malware all require access to mobile resources and data to function properly. Therefore, it is difficult for the user to make informed decisions that effectively balance their privacy and app functionality. This study analyzes the Android application permissions, ad networks and the impact on end-user’s privacy. Dangerous combinations of app permissions, and ad networks are used as features in our prediction models to understand the behavior of apps. Our models have a high classification accuracy of 95.9% considering the imbalance in real life between benign and malicious apps. Our assumption that certain app permissions can be a potential threat to the privacy of end users is confirmed to be one of the most impactful features of our prediction models. Since our study considers the impact of ad networks and malware permissions, it will help end-users make more informed decision about the app permissions they grant and understand that the app permissions open doors to more vulnerabilities, and at some point, benign apps can behave maliciously.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Discover Internet of Things
Discover Internet of Things Internet of Things (IoT)-
CiteScore
7.50
自引率
0.00%
发文量
6
审稿时长
28 days
期刊介绍: Discover Internet of Things is part of the Discover journal series committed to providing a streamlined submission process, rapid review and publication, and a high level of author service at every stage. It is an open access, community-focussed journal publishing research from across all fields relevant to the Internet of Things (IoT), providing cutting-edge and state-of-art research findings to researchers, academicians, students, and engineers. Discover Internet of Things is a broad, open access journal publishing research from across all fields relevant to IoT. Discover Internet of Things covers concepts at the component, hardware, and system level as well as programming, operating systems, software, applications and other technology-oriented research topics. The journal is uniquely interdisciplinary because its scope spans several research communities, ranging from computer systems to communication, optimisation, big data analytics, and application. It is also intended that articles published in Discover Internet of Things may help to support and accelerate Sustainable Development Goal 9: ‘Build resilient infrastructure, promote inclusive and sustainable industrialization and foster innovation’. Discover Internet of Things welcomes all observational, experimental, theoretical, analytical, mathematical modelling, data-driven, and applied approaches that advance the study of all aspects of IoT research.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信