Towards a threat assessment framework for apps collusion

Harsha Kumara Kalutarage; Hoang Nga Nguyen; Siraj Ahmed Shaikh

doi:10.1007/s11235-017-0296-1

Towards a threat assessment framework for apps collusion

Harsha Kumara Kalutarage, Hoang Nga Nguyen, Siraj Ahmed Shaikh

Queen's University Belfast

Research output: Contribution to journal › Article › peer-review

11 Citations (Scopus)

65 Downloads (Pure)

Abstract

App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model (PBSM) of Android does not address this threat as it is rather limited to mitigating risks of individual apps. This paper presents a technique for quantifying the collusion threat, essentially the first step towards assessing the collusion risk. The proposed method is useful in finding the collusion candidate of interest which is critical given the high volume of Android apps available. We present our empirical analysis using a classified corpus of over 29000 Android apps provided by Intel SecurityTM.

Original language	English
Pages (from-to)	417-430
Number of pages	14
Journal	Telecommunication Systems
Volume	66
Issue number	3
Early online date	7 Mar 2017
DOIs	https://doi.org/10.1007/s11235-017-0296-1
Publication status	Published - Nov 2017

Bibliographical note

This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecomm ons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.

Keywords

Android security
Apps collusion
Threat assessment
Bayesian
Statistical modelling

Access to Document

10.1007/s11235-017-0296-1Licence: CC BY

PublishedFinal published version, 1.24 MBLicence: CC BY

Cite this

@article{aca43e9114244a2abf75a438a8d99a6a,

title = "Towards a threat assessment framework for apps collusion",

abstract = "App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model (PBSM) of Android does not address this threat as it is rather limited to mitigating risks of individual apps. This paper presents a technique for quantifying the collusion threat, essentially the first step towards assessing the collusion risk. The proposed method is useful in finding the collusion candidate of interest which is critical given the high volume of Android apps available. We present our empirical analysis using a classified corpus of over 29000 Android apps provided by Intel SecurityTM.",

keywords = "Android security, Apps collusion, Threat assessment, Bayesian, Statistical modelling",

author = "Kalutarage, {Harsha Kumara} and Nguyen, {Hoang Nga} and Shaikh, {Siraj Ahmed}",

note = "This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecomm ons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.",

year = "2017",

month = nov,

doi = "10.1007/s11235-017-0296-1",

language = "English",

volume = "66",

pages = "417--430",

journal = "Telecommunication Systems",

issn = "1018-4864",

publisher = "Springer Verlag",

number = "3",

}

TY - JOUR

T1 - Towards a threat assessment framework for apps collusion

AU - Kalutarage, Harsha Kumara

AU - Nguyen, Hoang Nga

AU - Shaikh, Siraj Ahmed

N1 - This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecomm ons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.

PY - 2017/11

Y1 - 2017/11

N2 - App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model (PBSM) of Android does not address this threat as it is rather limited to mitigating risks of individual apps. This paper presents a technique for quantifying the collusion threat, essentially the first step towards assessing the collusion risk. The proposed method is useful in finding the collusion candidate of interest which is critical given the high volume of Android apps available. We present our empirical analysis using a classified corpus of over 29000 Android apps provided by Intel SecurityTM.

AB - App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model (PBSM) of Android does not address this threat as it is rather limited to mitigating risks of individual apps. This paper presents a technique for quantifying the collusion threat, essentially the first step towards assessing the collusion risk. The proposed method is useful in finding the collusion candidate of interest which is critical given the high volume of Android apps available. We present our empirical analysis using a classified corpus of over 29000 Android apps provided by Intel SecurityTM.

KW - Android security

KW - Apps collusion

KW - Threat assessment

KW - Bayesian

KW - Statistical modelling

U2 - 10.1007/s11235-017-0296-1

DO - 10.1007/s11235-017-0296-1

M3 - Article

SN - 1018-4864

SN - 1572-9451

VL - 66

SP - 417

EP - 430

JO - Telecommunication Systems

JF - Telecommunication Systems

IS - 3

ER -

Towards a threat assessment framework for apps collusion

Abstract

Bibliographical note

Keywords

Access to Document

Fingerprint

Cite this