Potential Component Leaks in Android Apps: An Investigation into a New Feature Set for Malware Detection

Li Li; Kevin Allix; Daoyuan Li; Alexandre Bartel; Tegawendé F. Bissyandé; Jacques Klein

doi:10.1109/QRS.2015.36

Potential Component Leaks in Android Apps

An Investigation into a New Feature Set for Malware Detection

Li Li, Kevin Allix, Daoyuan Li, Alexandre Bartel, Tegawendé F. Bissyandé, Jacques Klein

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

8 Citations (Scopus)

Abstract

We discuss the capability of a new feature set for malware detection based on potential component leaks (PCLs). PCLs are defined as sensitive data-flows that involve Android inter-component communications. We show that PCLs are common in Android apps and that malicious applications indeed manipulate significantly more PCLs than benign apps. Then, we evaluate a machine learning-based approach relying on PCLs. Experimental validations show high performance for identifying malware, demonstrating that PCLs can be used for discriminating malicious apps from benign apps.

Original language	English
Title of host publication	Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015
Publisher	IEEE, Institute of Electrical and Electronics Engineers
Pages	195-200
Number of pages	6
ISBN (Electronic)	9781467379892
DOIs	https://doi.org/10.1109/QRS.2015.36
Publication status	Published - 21 Sep 2015
Externally published	Yes
Event	IEEE International Conference on Software Quality, Reliability and Security, QRS 2015 - Vancouver, Canada Duration: 3 Aug 2015 → 5 Aug 2015

Conference

Conference	IEEE International Conference on Software Quality, Reliability and Security, QRS 2015
Country	Canada
City	Vancouver
Period	3/08/15 → 5/08/15

Cite this

Li, L., Allix, K., Li, D., Bartel, A., Bissyandé, T. F., & Klein, J. (2015). Potential Component Leaks in Android Apps: An Investigation into a New Feature Set for Malware Detection. In Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015 (pp. 195-200). [7272932] IEEE, Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/QRS.2015.36

Li, Li ; Allix, Kevin ; Li, Daoyuan ; Bartel, Alexandre ; Bissyandé, Tegawendé F. ; Klein, Jacques. / Potential Component Leaks in Android Apps : An Investigation into a New Feature Set for Malware Detection. Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015. IEEE, Institute of Electrical and Electronics Engineers, 2015. pp. 195-200

@inproceedings{1fd30cc94ed4401b9d7e4f2caeb2e793,

title = "Potential Component Leaks in Android Apps: An Investigation into a New Feature Set for Malware Detection",

abstract = "We discuss the capability of a new feature set for malware detection based on potential component leaks (PCLs). PCLs are defined as sensitive data-flows that involve Android inter-component communications. We show that PCLs are common in Android apps and that malicious applications indeed manipulate significantly more PCLs than benign apps. Then, we evaluate a machine learning-based approach relying on PCLs. Experimental validations show high performance for identifying malware, demonstrating that PCLs can be used for discriminating malicious apps from benign apps.",

author = "Li Li and Kevin Allix and Daoyuan Li and Alexandre Bartel and Bissyand{\'e}, {Tegawend{\'e} F.} and Jacques Klein",

year = "2015",

month = "9",

day = "21",

doi = "10.1109/QRS.2015.36",

language = "English",

pages = "195--200",

booktitle = "Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015",

publisher = "IEEE, Institute of Electrical and Electronics Engineers",

address = "United States of America",

}

Li, L, Allix, K, Li, D, Bartel, A, Bissyandé, TF & Klein, J 2015, Potential Component Leaks in Android Apps: An Investigation into a New Feature Set for Malware Detection. in Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015., 7272932, IEEE, Institute of Electrical and Electronics Engineers, pp. 195-200, IEEE International Conference on Software Quality, Reliability and Security, QRS 2015, Vancouver, Canada, 3/08/15. https://doi.org/10.1109/QRS.2015.36

Potential Component Leaks in Android Apps : An Investigation into a New Feature Set for Malware Detection. / Li, Li; Allix, Kevin; Li, Daoyuan; Bartel, Alexandre; Bissyandé, Tegawendé F.; Klein, Jacques.

Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015. IEEE, Institute of Electrical and Electronics Engineers, 2015. p. 195-200 7272932.

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - Potential Component Leaks in Android Apps

T2 - An Investigation into a New Feature Set for Malware Detection

AU - Li, Li

AU - Allix, Kevin

AU - Li, Daoyuan

AU - Bartel, Alexandre

AU - Bissyandé, Tegawendé F.

AU - Klein, Jacques

PY - 2015/9/21

Y1 - 2015/9/21

N2 - We discuss the capability of a new feature set for malware detection based on potential component leaks (PCLs). PCLs are defined as sensitive data-flows that involve Android inter-component communications. We show that PCLs are common in Android apps and that malicious applications indeed manipulate significantly more PCLs than benign apps. Then, we evaluate a machine learning-based approach relying on PCLs. Experimental validations show high performance for identifying malware, demonstrating that PCLs can be used for discriminating malicious apps from benign apps.

AB - We discuss the capability of a new feature set for malware detection based on potential component leaks (PCLs). PCLs are defined as sensitive data-flows that involve Android inter-component communications. We show that PCLs are common in Android apps and that malicious applications indeed manipulate significantly more PCLs than benign apps. Then, we evaluate a machine learning-based approach relying on PCLs. Experimental validations show high performance for identifying malware, demonstrating that PCLs can be used for discriminating malicious apps from benign apps.

UR - http://www.scopus.com/inward/record.url?scp=84962109836&partnerID=8YFLogxK

U2 - 10.1109/QRS.2015.36

DO - 10.1109/QRS.2015.36

M3 - Conference Paper

SP - 195

EP - 200

BT - Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015

PB - IEEE, Institute of Electrical and Electronics Engineers

ER -

Li L, Allix K, Li D, Bartel A, Bissyandé TF, Klein J. Potential Component Leaks in Android Apps: An Investigation into a New Feature Set for Malware Detection. In Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015. IEEE, Institute of Electrical and Electronics Engineers. 2015. p. 195-200. 7272932 https://doi.org/10.1109/QRS.2015.36

Access to Document

10.1109/QRS.2015.36

Link to publication in Scopus