Runtime Permission Issues in Android Apps: Taxonomy, Practices, and Ways Forward

Wang, Ying; Wang, Yibo; Wang, Sinan; Liu, Yepang; Chen, Xu; Cheung, Shing-Chi; Yu, Hai; Zhu, Zhiliang

doi:10.48550/arxiv.2106.13012

Cited by 1 publication

(1 citation statement)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Refs. [38,39] addressed these issues. Fortunately, the runtime permission issue affects the performance of our method very little because every Android app should declare at install time all permission requests (including runtime permissions) in AndroidManifest.xml, from which our method extracts permission request information.…”

Section: Android Permission Modelmentioning

confidence: 99%

Machine-Learning-Based Android Malware Family Classification Using Built-In and Custom Permissions

Kim

Hwang

et al. 2021

Applied Sciences

View full text Add to dashboard Cite

Malware family classification is grouping malware samples that have the same or similar characteristics into the same family. It plays a crucial role in understanding notable malicious patterns and recovering from malware infections. Although many machine learning approaches have been devised for this problem, there are still several open questions including, “Which features, classifiers, and evaluation metrics are better for malware familial classification”? In this paper, we propose a machine learning approach to Android malware family classification using built-in and custom permissions. Each Android app must declare proper permissions to access restricted resources or to perform restricted actions. Permission declaration is an efficient and obfuscation-resilient feature for malware analysis. We developed a malware family classification technique using permissions and conducted extensive experiments with several classifiers on a well-known dataset, DREBIN. We then evaluated the classifiers in terms of four metrics: macrolevel F1-score, accuracy, balanced accuracy (BAC), and the Matthews correlation coefficient (MCC). BAC and the MCC are known to be appropriate for evaluating imbalanced data classification. Our experimental results showed that: (i) custom permissions had a positive impact on classification performance; (ii) even when the same classifier and the same feature information were used, there was a difference up to 3.67% between accuracy and BAC; (iii) LightGBM and AdaBoost performed better than other classifiers we considered.

show abstract

Section: Android Permission Modelmentioning

confidence: 99%