Abstract
Security-sensitive behaviors in Android applications (apps for short) may or may not be malicious. We propose that a fundamental difference between malicious and benign behaviors is that their corresponding user intentions are different, i.e., whether there is an association between the app behavior and user intention. The user knows and wants this behavior to happen. Based on this discovery, we first design and realize IBdroid, which can precisely monitor user inter-faces, user actions and security-sensitive behaviors of apps. Then the user intention features, which can perceive the correlations between user intention and app behavior from time, process, semantic and data perspectives, are extracted from the records obtained by IBdroid. Finally, an approach using user intention features is proposed to differentiate benign and malicious behaviors. In our evaluations, we correctly identify 333 out of 354 security-sensitive behaviors, achieving 96.43% precision and 91.53% recall, the experimental result demonstrates that our approach can effectively and accurately detect and block malicious behaviors of Android apps.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
