Cargando…
Towards a threat assessment framework for apps collusion
App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model of Android does not address this threat as it is rather limited to mitigating risks of individual apps. This paper...
| Autores principales: | , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
Springer US
2017
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6961490/ https://www.ncbi.nlm.nih.gov/pubmed/32009772 http://dx.doi.org/10.1007/s11235-017-0296-1 |
| _version_ | 1783488004907597824 |
|---|---|
| author | Kalutarage, Harsha Kumara Nguyen, Hoang Nga Shaikh, Siraj Ahmed |
| author_facet | Kalutarage, Harsha Kumara Nguyen, Hoang Nga Shaikh, Siraj Ahmed |
| author_sort | Kalutarage, Harsha Kumara |
| collection | PubMed |
| description | App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model of Android does not address this threat as it is rather limited to mitigating risks of individual apps. This paper presents a technique for quantifying the collusion threat, essentially the first step towards assessing the collusion risk. The proposed method is useful in finding the collusion candidate of interest which is critical given the high volume of Android apps available. We present our empirical analysis using a classified corpus of over 29,000 Android apps provided by Intel Security(TM). |
| format | Online Article Text |
| id | pubmed-6961490 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2017 |
| publisher | Springer US |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-69614902020-01-29 Towards a threat assessment framework for apps collusion Kalutarage, Harsha Kumara Nguyen, Hoang Nga Shaikh, Siraj Ahmed Telecommun Syst Article App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model of Android does not address this threat as it is rather limited to mitigating risks of individual apps. This paper presents a technique for quantifying the collusion threat, essentially the first step towards assessing the collusion risk. The proposed method is useful in finding the collusion candidate of interest which is critical given the high volume of Android apps available. We present our empirical analysis using a classified corpus of over 29,000 Android apps provided by Intel Security(TM). Springer US 2017-03-07 2017 /pmc/articles/PMC6961490/ /pubmed/32009772 http://dx.doi.org/10.1007/s11235-017-0296-1 Text en © The Author(s) 2017 Open AccessThis article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made. |
| spellingShingle | Article Kalutarage, Harsha Kumara Nguyen, Hoang Nga Shaikh, Siraj Ahmed Towards a threat assessment framework for apps collusion |
| title | Towards a threat assessment framework for apps collusion |
| title_full | Towards a threat assessment framework for apps collusion |
| title_fullStr | Towards a threat assessment framework for apps collusion |
| title_full_unstemmed | Towards a threat assessment framework for apps collusion |
| title_short | Towards a threat assessment framework for apps collusion |
| title_sort | towards a threat assessment framework for apps collusion |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6961490/ https://www.ncbi.nlm.nih.gov/pubmed/32009772 http://dx.doi.org/10.1007/s11235-017-0296-1 |
| work_keys_str_mv | AT kalutarageharshakumara towardsathreatassessmentframeworkforappscollusion AT nguyenhoangnga towardsathreatassessmentframeworkforappscollusion AT shaikhsirajahmed towardsathreatassessmentframeworkforappscollusion |