Cargando…
A Modified FlowDroid Based on Chi-Square Test of Permissions
Android devices are currently widely used in many fields, such as automatic control, embedded systems, the Internet of Things and so on. At the same time, Android applications (apps) always use multiple permissions, and permissions can be abused by malicious apps that disclose users’ privacy or brea...
Autores principales: | , , , , |
---|---|
Formato: | Online Artículo Texto |
Lenguaje: | English |
Publicado: |
MDPI
2021
|
Materias: | |
Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7912706/ https://www.ncbi.nlm.nih.gov/pubmed/33573210 http://dx.doi.org/10.3390/e23020174 |
_version_ | 1783656637488168960 |
---|---|
author | Kang, Hongzhaoning Liu, Gang Wu, Zhengping Tian, Yumin Zhang, Lizhi |
author_facet | Kang, Hongzhaoning Liu, Gang Wu, Zhengping Tian, Yumin Zhang, Lizhi |
author_sort | Kang, Hongzhaoning |
collection | PubMed |
description | Android devices are currently widely used in many fields, such as automatic control, embedded systems, the Internet of Things and so on. At the same time, Android applications (apps) always use multiple permissions, and permissions can be abused by malicious apps that disclose users’ privacy or breach the secure storage of information. FlowDroid has been extensively studied as a novel and highly precise static taint analysis for Android applications. Aiming at the problem of complex detection and false alarms in FlowDroid, an improved static detection method based on feature permission and risk rating is proposed. Firstly, the Chi-square test is used to extract correlated permissions related to malicious apps, and mutual information is used to cluster the permissions to generate feature permission clusters. Secondly, risk calculation method based on permissions and combinations of permissions are proposed to identify dangerous data flows. Experiments show that this method can significantly improve detection efficiency while maintaining the accuracy of dangerous data flow detection. |
format | Online Article Text |
id | pubmed-7912706 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2021 |
publisher | MDPI |
record_format | MEDLINE/PubMed |
spelling | pubmed-79127062021-02-28 A Modified FlowDroid Based on Chi-Square Test of Permissions Kang, Hongzhaoning Liu, Gang Wu, Zhengping Tian, Yumin Zhang, Lizhi Entropy (Basel) Article Android devices are currently widely used in many fields, such as automatic control, embedded systems, the Internet of Things and so on. At the same time, Android applications (apps) always use multiple permissions, and permissions can be abused by malicious apps that disclose users’ privacy or breach the secure storage of information. FlowDroid has been extensively studied as a novel and highly precise static taint analysis for Android applications. Aiming at the problem of complex detection and false alarms in FlowDroid, an improved static detection method based on feature permission and risk rating is proposed. Firstly, the Chi-square test is used to extract correlated permissions related to malicious apps, and mutual information is used to cluster the permissions to generate feature permission clusters. Secondly, risk calculation method based on permissions and combinations of permissions are proposed to identify dangerous data flows. Experiments show that this method can significantly improve detection efficiency while maintaining the accuracy of dangerous data flow detection. MDPI 2021-01-30 /pmc/articles/PMC7912706/ /pubmed/33573210 http://dx.doi.org/10.3390/e23020174 Text en © 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/). |
spellingShingle | Article Kang, Hongzhaoning Liu, Gang Wu, Zhengping Tian, Yumin Zhang, Lizhi A Modified FlowDroid Based on Chi-Square Test of Permissions |
title | A Modified FlowDroid Based on Chi-Square Test of Permissions |
title_full | A Modified FlowDroid Based on Chi-Square Test of Permissions |
title_fullStr | A Modified FlowDroid Based on Chi-Square Test of Permissions |
title_full_unstemmed | A Modified FlowDroid Based on Chi-Square Test of Permissions |
title_short | A Modified FlowDroid Based on Chi-Square Test of Permissions |
title_sort | modified flowdroid based on chi-square test of permissions |
topic | Article |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7912706/ https://www.ncbi.nlm.nih.gov/pubmed/33573210 http://dx.doi.org/10.3390/e23020174 |
work_keys_str_mv | AT kanghongzhaoning amodifiedflowdroidbasedonchisquaretestofpermissions AT liugang amodifiedflowdroidbasedonchisquaretestofpermissions AT wuzhengping amodifiedflowdroidbasedonchisquaretestofpermissions AT tianyumin amodifiedflowdroidbasedonchisquaretestofpermissions AT zhanglizhi amodifiedflowdroidbasedonchisquaretestofpermissions AT kanghongzhaoning modifiedflowdroidbasedonchisquaretestofpermissions AT liugang modifiedflowdroidbasedonchisquaretestofpermissions AT wuzhengping modifiedflowdroidbasedonchisquaretestofpermissions AT tianyumin modifiedflowdroidbasedonchisquaretestofpermissions AT zhanglizhi modifiedflowdroidbasedonchisquaretestofpermissions |