Android application classification and anomaly detection with graph-based permission patterns

摘要

Android is one of the mobile market leaders, offering more than a million applications on Google Play store. Google checks the application for known malware, but applications abusively collecting users' data and requiring access to sensitive services not related to functionalities are still present on the market. A permission system is a user-centric security solution against abusive applications and malware that has been unsuccessful: users are incapable of understanding and judging the permissions required by each application and often ignore on-installation warnings. State-of-the-art shows that the current permission system is inappropriate for end-users. However, Android permission lists do provide information about the application's behavior and may be suitable for automatic application analysis. Identifying key permissions for functionalities and expected permission requests can help leverage abnormal application behavior and provide a simpler risk warning for users. Applications with similar functionalities are grouped into categories on Google Play and this work therefore analyzes permission requests by category.