ue 15(4): e5

Research Article

Android Apps Risk Evaluation: a methodology

@ARTICLE{10.4108/ue.1.4.e5,
    author={Andrea Atzeni and Tao Su and Madalina Baltatu and Rosalia D'Alessandro and Giovanni Pessiva},
    title={Android Apps Risk Evaluation: a methodology},
    journal={EAI Endorsed Transactions on Ubiquitous Environments},
    volume={1},
    number={4},
    publisher={ICST},
    journal_a={UE},
    year={2015},
    month={5},
    keywords={Android application analysis, application risk level estimation, fuzzy logic algorithm},
    doi={10.4108/ue.1.4.e5}
}
Andrea Atzeni1, Tao Su1,*, Madalina Baltatu2, Rosalia D'Alessandro2, Giovanni Pessiva3
  • 1: DAUIN, Politecnico di Torino - Corso Duca degli Abruzzi, 24 - 10129 Torino, ITALY
  • 2: Telecom Italia Information Technology Security Lab, Via Reiss Romoli, 274, Torino, ITALY
  • 3: Reply SpA, Via Cardinale Massaia, 83, Torino, ITALY
*Contact email: tao.su@polito.it

Abstract

Android uses a permission-based security model to limit its apps' capabilities. However, the user's decision is almost completely unrelated to the app's risk level due to insufficient information. The platform's openness and the plethora of available software also make dangerous apps (not necessarily malware) very common. To enhance end-user security awareness, we propose a new approach and tool to evaluate the potential risks of Android app packages. We integrated various static and dynamic analysis techniques into a framework able to detect suspicious activities, map them to fine-grained risk categories and evaluate them with a fuzzy logic algorithm. This tool can retrieve and analyse large quantities of apps automatically and provides a simple logic for other tools to integrate with. Finally, our software has been tested on a large set of real-world samples, both benign and malicious, demonstrating its efficiency (4s/app) and a reasonable capacity to evaluate the risk of Android app packages.