Towards a threat assessment framework for apps collusion

Harsha Kumara Kalutarage, Hoang Nga Nguyen, Siraj Ahmed Shaikh

    Research output: Contribution to journalArticlepeer-review

    11 Citations (Scopus)
    65 Downloads (Pure)


    App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model (PBSM) of Android does not address this threat as it is rather limited to mitigating risks of individual apps. This paper presents a technique for quantifying the collusion threat, essentially the first step towards assessing the collusion risk. The proposed method is useful in finding the collusion candidate of interest which is critical given the high volume of Android apps available. We present our empirical analysis using a classified corpus of over 29000 Android apps provided by Intel SecurityTM.
    Original languageEnglish
    Pages (from-to)417-430
    Number of pages14
    JournalTelecommunication Systems
    Issue number3
    Early online date7 Mar 2017
    Publication statusPublished - Nov 2017

    Bibliographical note

    This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecomm, which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.


    • Android security
    • Apps collusion
    • Threat assessment
    • Bayesian
    • Statistical modelling


    Dive into the research topics of 'Towards a threat assessment framework for apps collusion'. Together they form a unique fingerprint.

    Cite this