Abstract
Nowadays, Android applications declare as many permissions as possible to provide more function for the users, which also poses severe security threat to them. Although many Android malware detection methods based on permissions have been developed, they are ineffective when malicious applications declare few dangerous permissions or when the dangerous permissions declared by malicious applications are similar with those declared by benign applications. This limitation is attributed to the use of too few information for classification. We propose a new method named fine-grained dangerous permission (FDP) method for detecting Android malicious applications, which gathers features that better represent the difference between malicious applications and benign applications. Among these features, the fine-grained feature of dangerous permissions applied in components is proposed for the first time. We evaluate 1700 benign applications and 1600 malicious applications and demonstrate that FDP achieves a TP rate of 94.5%. Furthermore, compared with other related detection approaches, FDP can detect more malware families and only requires 15.205 s to analyze one application on average, which demonstrates its applicability for practical implementation.
Highlights
Smartphones have become an integral part of our day-to-day life
Experiments with 1700 benign applications from Xiaomi markets and 1600 malicious applications demonstrate the effectiveness of fine-grained dangerous permission (FDP), which achieves a TP rate of 94.5% and only requires 15.052 s to analyze an application on average. e main contributions of our work can be summarized as follows: (1) We propose a new method to perform Android malware detection based on fine-grained permission mechanism, which represents the difference between malicious applications and benign applications as the features of machine learning, including the information of the dangerous permissions used in the components for the first time
As malicious applications are positive samples and benign applications are negative samples in our evaluation, we present four types of values. t pos is the number of malicious applications correctly identified as malicious applications; f neg is the number of malicious applications incorrectly identified as benign applications; t neg is the number of benign applications correctly identified as benign applications; and f pos is the number of benign applications incorrectly identified as malicious applications: TP
Summary
Smartphones have become an integral part of our day-to-day life. New data for December 2018 shows that Android remains the most popular mobile operating system, with a worldwide market share of 75.16% [1]. With over one million Android applications in major app stores, applications such as WeChat, TikTok, and mobile banking applications are used in our daily life and continue to play an increasingly important role. Most of these applications have access to users’ private information such as their location, credit card, and contact information. Almost all applications access the users’ private data, this provides users with better personalized services [2]. It may result in information leakage of private data and economic loss [3]. Android malicious applications keep emerging endlessly, and this security issue has gained increasing attention in the industry and academic fields [4]
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
