Potential Component Leaks in Android Apps

An Investigation into a New Feature Set for Malware Detection

Li Li, Kevin Allix, Daoyuan Li, Alexandre Bartel, Tegawendé F. Bissyandé, Jacques Klein

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

8 Citations (Scopus)

Abstract

We discuss the capability of a new feature set for malware detection based on potential component leaks (PCLs). PCLs are defined as sensitive data-flows that involve Android inter-component communications. We show that PCLs are common in Android apps and that malicious applications indeed manipulate significantly more PCLs than benign apps. Then, we evaluate a machine learning-based approach relying on PCLs. Experimental validations show high performance for identifying malware, demonstrating that PCLs can be used for discriminating malicious apps from benign apps.

Original languageEnglish
Title of host publicationProceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015
PublisherIEEE, Institute of Electrical and Electronics Engineers
Pages195-200
Number of pages6
ISBN (Electronic)9781467379892
DOIs
Publication statusPublished - 21 Sep 2015
Externally publishedYes
EventIEEE International Conference on Software Quality, Reliability and Security, QRS 2015 - Vancouver, Canada
Duration: 3 Aug 20155 Aug 2015

Conference

ConferenceIEEE International Conference on Software Quality, Reliability and Security, QRS 2015
CountryCanada
CityVancouver
Period3/08/155/08/15

Cite this

Li, L., Allix, K., Li, D., Bartel, A., Bissyandé, T. F., & Klein, J. (2015). Potential Component Leaks in Android Apps: An Investigation into a New Feature Set for Malware Detection. In Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015 (pp. 195-200). [7272932] IEEE, Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/QRS.2015.36
Li, Li ; Allix, Kevin ; Li, Daoyuan ; Bartel, Alexandre ; Bissyandé, Tegawendé F. ; Klein, Jacques. / Potential Component Leaks in Android Apps : An Investigation into a New Feature Set for Malware Detection. Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015. IEEE, Institute of Electrical and Electronics Engineers, 2015. pp. 195-200
@inproceedings{1fd30cc94ed4401b9d7e4f2caeb2e793,
title = "Potential Component Leaks in Android Apps: An Investigation into a New Feature Set for Malware Detection",
abstract = "We discuss the capability of a new feature set for malware detection based on potential component leaks (PCLs). PCLs are defined as sensitive data-flows that involve Android inter-component communications. We show that PCLs are common in Android apps and that malicious applications indeed manipulate significantly more PCLs than benign apps. Then, we evaluate a machine learning-based approach relying on PCLs. Experimental validations show high performance for identifying malware, demonstrating that PCLs can be used for discriminating malicious apps from benign apps.",
author = "Li Li and Kevin Allix and Daoyuan Li and Alexandre Bartel and Bissyand{\'e}, {Tegawend{\'e} F.} and Jacques Klein",
year = "2015",
month = "9",
day = "21",
doi = "10.1109/QRS.2015.36",
language = "English",
pages = "195--200",
booktitle = "Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015",
publisher = "IEEE, Institute of Electrical and Electronics Engineers",
address = "United States of America",

}

Li, L, Allix, K, Li, D, Bartel, A, Bissyandé, TF & Klein, J 2015, Potential Component Leaks in Android Apps: An Investigation into a New Feature Set for Malware Detection. in Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015., 7272932, IEEE, Institute of Electrical and Electronics Engineers, pp. 195-200, IEEE International Conference on Software Quality, Reliability and Security, QRS 2015, Vancouver, Canada, 3/08/15. https://doi.org/10.1109/QRS.2015.36

Potential Component Leaks in Android Apps : An Investigation into a New Feature Set for Malware Detection. / Li, Li; Allix, Kevin; Li, Daoyuan; Bartel, Alexandre; Bissyandé, Tegawendé F.; Klein, Jacques.

Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015. IEEE, Institute of Electrical and Electronics Engineers, 2015. p. 195-200 7272932.

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

TY - GEN

T1 - Potential Component Leaks in Android Apps

T2 - An Investigation into a New Feature Set for Malware Detection

AU - Li, Li

AU - Allix, Kevin

AU - Li, Daoyuan

AU - Bartel, Alexandre

AU - Bissyandé, Tegawendé F.

AU - Klein, Jacques

PY - 2015/9/21

Y1 - 2015/9/21

N2 - We discuss the capability of a new feature set for malware detection based on potential component leaks (PCLs). PCLs are defined as sensitive data-flows that involve Android inter-component communications. We show that PCLs are common in Android apps and that malicious applications indeed manipulate significantly more PCLs than benign apps. Then, we evaluate a machine learning-based approach relying on PCLs. Experimental validations show high performance for identifying malware, demonstrating that PCLs can be used for discriminating malicious apps from benign apps.

AB - We discuss the capability of a new feature set for malware detection based on potential component leaks (PCLs). PCLs are defined as sensitive data-flows that involve Android inter-component communications. We show that PCLs are common in Android apps and that malicious applications indeed manipulate significantly more PCLs than benign apps. Then, we evaluate a machine learning-based approach relying on PCLs. Experimental validations show high performance for identifying malware, demonstrating that PCLs can be used for discriminating malicious apps from benign apps.

UR - http://www.scopus.com/inward/record.url?scp=84962109836&partnerID=8YFLogxK

U2 - 10.1109/QRS.2015.36

DO - 10.1109/QRS.2015.36

M3 - Conference Paper

SP - 195

EP - 200

BT - Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015

PB - IEEE, Institute of Electrical and Electronics Engineers

ER -

Li L, Allix K, Li D, Bartel A, Bissyandé TF, Klein J. Potential Component Leaks in Android Apps: An Investigation into a New Feature Set for Malware Detection. In Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015. IEEE, Institute of Electrical and Electronics Engineers. 2015. p. 195-200. 7272932 https://doi.org/10.1109/QRS.2015.36