Mining permission patterns for contrasting clean and malicious android applications

Veelasha Moonsamy; Jia Rong; Shaowu Liu

doi:10.1016/j.future.2013.09.014

Mining permission patterns for contrasting clean and malicious android applications

Veelasha Moonsamy, Jia Rong, Shaowu Liu

Research output: Contribution to journal › Article › Research › peer-review

86 Citations (Scopus)

Abstract

An Android application uses a permission system to regulate the access to system resources and users' privacy-relevant information. Existing works have demonstrated several techniques to study the required permissions declared by the developers, but little attention has been paid towards used permissions. Besides, no specific permission combination is identified to be effective for malware detection. To fill these gaps, we have proposed a novel pattern mining algorithm to identify a set of contrast permission patterns that aim to detect the difference between clean and malicious applications. A benchmark malware dataset and a dataset of 1227 clean applications has been collected by us to evaluate the performance of the proposed algorithm. Valuable findings are obtained by analyzing the returned contrast permission patterns.

Original language	English
Pages (from-to)	122-132
Number of pages	11
Journal	Future Generation Computer Systems
Volume	36
DOIs	https://doi.org/10.1016/j.future.2013.09.014
Publication status	Published - 2013
Externally published	Yes

Keywords

Android permission
Biclustering
Contrast mining
Data mining
Permission pattern

Access to Document

10.1016/j.future.2013.09.014

Cite this

@article{1a1ed50ec23d409fb8c05aef2383ddb2,

title = "Mining permission patterns for contrasting clean and malicious android applications",

abstract = "An Android application uses a permission system to regulate the access to system resources and users' privacy-relevant information. Existing works have demonstrated several techniques to study the required permissions declared by the developers, but little attention has been paid towards used permissions. Besides, no specific permission combination is identified to be effective for malware detection. To fill these gaps, we have proposed a novel pattern mining algorithm to identify a set of contrast permission patterns that aim to detect the difference between clean and malicious applications. A benchmark malware dataset and a dataset of 1227 clean applications has been collected by us to evaluate the performance of the proposed algorithm. Valuable findings are obtained by analyzing the returned contrast permission patterns.",

keywords = "Android permission, Biclustering, Contrast mining, Data mining, Permission pattern",

author = "Veelasha Moonsamy and Jia Rong and Shaowu Liu",

year = "2013",

doi = "10.1016/j.future.2013.09.014",

language = "English",

volume = "36",

pages = "122--132",

journal = "Future Generation Computer Systems",

issn = "0167-739X",

publisher = "Elsevier BV",

}

TY - JOUR

T1 - Mining permission patterns for contrasting clean and malicious android applications

AU - Moonsamy, Veelasha

AU - Rong, Jia

AU - Liu, Shaowu

PY - 2013

Y1 - 2013

N2 - An Android application uses a permission system to regulate the access to system resources and users' privacy-relevant information. Existing works have demonstrated several techniques to study the required permissions declared by the developers, but little attention has been paid towards used permissions. Besides, no specific permission combination is identified to be effective for malware detection. To fill these gaps, we have proposed a novel pattern mining algorithm to identify a set of contrast permission patterns that aim to detect the difference between clean and malicious applications. A benchmark malware dataset and a dataset of 1227 clean applications has been collected by us to evaluate the performance of the proposed algorithm. Valuable findings are obtained by analyzing the returned contrast permission patterns.

AB - An Android application uses a permission system to regulate the access to system resources and users' privacy-relevant information. Existing works have demonstrated several techniques to study the required permissions declared by the developers, but little attention has been paid towards used permissions. Besides, no specific permission combination is identified to be effective for malware detection. To fill these gaps, we have proposed a novel pattern mining algorithm to identify a set of contrast permission patterns that aim to detect the difference between clean and malicious applications. A benchmark malware dataset and a dataset of 1227 clean applications has been collected by us to evaluate the performance of the proposed algorithm. Valuable findings are obtained by analyzing the returned contrast permission patterns.

KW - Android permission

KW - Biclustering

KW - Contrast mining

KW - Data mining

KW - Permission pattern

UR - http://www.scopus.com/inward/record.url?scp=84899946083&partnerID=8YFLogxK

U2 - 10.1016/j.future.2013.09.014

DO - 10.1016/j.future.2013.09.014

M3 - Article

AN - SCOPUS:84899946083

SN - 0167-739X

VL - 36

SP - 122

EP - 132

JO - Future Generation Computer Systems

JF - Future Generation Computer Systems

ER -

Mining permission patterns for contrasting clean and malicious android applications

Abstract

Keywords

Access to Document

Other files and links

Cite this