No Cover Image

Journal article 688 views 58 downloads

Towards a threat assessment framework for apps collusion

Harsha Kumara Kalutarage Orcid Logo, Hoang Nguyen Orcid Logo, Siraj Shaikh Orcid Logo

Telecommunication Systems, Volume: 66, Issue: 3, Pages: 417 - 430

Swansea University Authors: Hoang Nguyen Orcid Logo, Siraj Shaikh Orcid Logo

  • 61043_VoR.pdf

    PDF | Version of Record

    © The Author(s) 2017. This article is distributed under the terms of the Creative Commons Attribution 4.0 International License

    Download (1.09MB)

Abstract

App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model of Android does not address this threat as it is rather limited to mitigating risks of individual apps. This paper...

Full description

Published in: Telecommunication Systems
ISSN: 1018-4864 1572-9451
Published: Springer Science and Business Media LLC 2017
Online Access: Check full text

URI: https://cronfa.swan.ac.uk/Record/cronfa61043
Tags: Add Tag
No Tags, Be the first to tag this record!
Abstract: App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model of Android does not address this threat as it is rather limited to mitigating risks of individual apps. This paper presents a technique for quantifying the collusion threat, essentially the first step towards assessing the collusion risk. The proposed method is useful in finding the collusion candidate of interest which is critical given the high volume of Android apps available. We present our empirical analysis using a classified corpus of over 29,000 Android apps provided by Intel SecurityTM.
Keywords: Android security; Apps collusion; Threat assessment; Bayesian; Statistical modelling
College: Faculty of Science and Engineering
Funders: This work is as a result of the App Collusion Detection (ACiD) (http://cs.swan.ac.uk/~csmarkus/ACID/) project funded by the Engineering and Physical Sciences Research Council (EPSRC) of the UK under the grant EP/L022656/1 (http://gow.epsrc.ac.uk/NGBOViewGrant.aspx?GrantRef=EP/L022656/1).
Issue: 3
Start Page: 417
End Page: 430