Empirical Analysis of Static Code Metrics for Predicting Risk Scores in Android Applications

Alenezi, Mamdouh; Almomani, Iman

doi:10.1007/978-3-319-78753-4_8

Cited by 8 publications

(8 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In a recent work, Rahman et al find that static code metrics, extracted from the source code of Android applications (eg, number of lines, functional complexity, and McCabe's complexity), might be used effectively to predict multiple levels of security and privacy risk for Android applications. In a similar effort, Alenezi and colleagues use SonarQube to extract code metrics from 1407 Android applications and study the most influential static code metrics that contribute in predicting security vulnerabilities. Wei et al demonstrate that component cohesion and coupling metrics are also effective in predicting vulnerabilities at component level.…”

Section: Related Workmentioning

confidence: 99%

An exploratory study on the evolution of Android malware quality

Mercaldo

Sorbo

Visaggio

et al. 2018

J Software Evolu Process

View full text Add to dashboard Cite

In the context of software engineering, product software quality measures how well a software artifact is designed and coded. Software products must satisfy nonfunctional properties (eg, reliability, usability, understandability, and maintainability), in order to make maintenance and evolution sustainable in the long period. Software evolution is an issue of interest for the malware writers, too, for 2 reasons. First, to evade detection with the minimum effort, malware writers use to produce “variants,” which are obtained by applying little changes to existing malware. Morevoer, recent studies demonstrated that malware is increasingly improving evasion strategies and infection mechanisms and is using more and more complex payloads. This suggests that malware writers are devoting relevant efforts and skills for producing high‐quality software. For this reason, we wonder whether malware writers are devoting effort to improve the structural quality of their code, too, as it happens in the development of goodware. To investigate this question, we (1) characterize a dataset containing about 20 000 Android applications, divided into goodware and malware ones, relying on the Android API version they require, and (2) compute software quality metrics, divided into 4 categories (ie, dimensional, complexity, object‐oriented, and Android‐oriented metrics) for apps belonging to each population. We then identify evolution trends of these metrics in malware and goodware. The results of our study demonstrate that goodware and malicious applications exhibit similar evolution trends for some of the quality indicators, suggesting that malware writers care about the overall quality of their code. Code quality could be considered an indirect measure of how many and how fast variants of existing malware will be released in the wild.

show abstract

Section: Related Workmentioning

confidence: 99%

An exploratory study on the evolution of Android malware quality

Mercaldo

Sorbo

Visaggio

et al. 2018

J Software Evolu Process

View full text Add to dashboard Cite

show abstract

“…Based on the findings of the surveys and interviews conducted in [111] related to intervention for long-term software security, the importance of having an automated code analysis tool to identify vulnerabilities of the written codes has been identified. The empirical analysis conducted in [112] identified the static software metrics' correlation and the most informative metrics which can be used to find code vulnerability related to Android source codes.…”

Section: Machine Learning Methods To Detect Code Vulnerabilitiesmentioning

confidence: 99%

Android Mobile Malware Detection Using Machine Learning: A Systematic Review

2021

View full text Add to dashboard Cite

With the increasing use of mobile devices, malware attacks are rising, especially on Android phones, which account for 72.2% of the total market share. Hackers try to attack smartphones with various methods such as credential theft, surveillance, and malicious advertising. Among numerous countermeasures, machine learning (ML)-based methods have proven to be an effective means of detecting these attacks, as they are able to derive a classifier from a set of training examples, thus eliminating the need for an explicit definition of the signatures when developing malware detectors. This paper provides a systematic review of ML-based Android malware detection techniques. It critically evaluates 106 carefully selected articles and highlights their strengths and weaknesses as well as potential improvements. Finally, the ML-based methods for detecting source code vulnerabilities are discussed, because it might be more difficult to add security after the app is deployed. Therefore, this paper aims to enable researchers to acquire in-depth knowledge in the field and to identify potential future research and development directions.

show abstract

“…(i) the minimum API Level required for the application to run (min sdk), (ii) the specific API Level that the application targets (target sdk), (iii) the number of classes (classes), (iv) the number of packages (packages), (v) the number of interfaces (interfaces), (vi) the number of annotated classes (annotations), and (vii) the number of public classes (public classes). While the numbers of classes of different types determine the size of an app, which plays an important role in determining the security of the app (i.e., more classes mean a larger attack surface [3]), the API Levels indicators are strictly connected with the app security [60].…”

Section: Photosmentioning

confidence: 99%

Exposed! A case study on the vulnerability-proneness of Google Play Apps

Sorbo

Panichella

2021

Empir Software Eng

View full text Add to dashboard Cite

Mobile applications are used for accomplishing everyday life activities, such as shopping, banking, and social communications. To leverage the features of mobile apps, users often need to share sensitive information. However, recent research demonstrated that most of such apps present critical security and privacy defects. In this context, we define as vulnerabilityproneness the risk level(s) that users meet in downloading specific apps, to better understand whether (1) users select apps with lower risk levels and if (2) vulnerability-proneness of an app might affect its success. We use as proxy to measure such risk level the "number of different types of potential security issues exhibited by the app". We conjecture that the vulnerabilityproneness levels may vary based on (i) the types of data handled by the app, and (ii) the operations for which the app is supposed to be used. Hence, we investigate how the vulnerability-proneness of apps varies when observing (i) different app categories, and (ii) apps with different success levels. Finally, to increase the awareness of both users and developers on the vulnerabilityproneness of apps, we evaluate the extent to which contextual information provided by the app market can be exploited to estimate the vulnerabilityproneness levels of mobile apps. Results of our study show that apps in the Medical category exhibit the lowest levels of vulnerability-proneness. Besides, while no strong relations between vulnerability-proneness and average rating are observed, apps with a higher number of downloads tend to have higher vulnerability-proneness levels, but lower vulnerability-proneness density. Fi-* Corresponding author.

show abstract

Empirical Analysis of Static Code Metrics for Predicting Risk Scores in Android Applications

Cited by 8 publications

References 26 publications

An exploratory study on the evolution of Android malware quality

An exploratory study on the evolution of Android malware quality

Android Mobile Malware Detection Using Machine Learning: A Systematic Review

Exposed! A case study on the vulnerability-proneness of Google Play Apps

Contact Info

Product

Resources

About