Towards a threat assessment framework for apps collusion

Harsha Kumara Kalutarage, Hoang Nga Nguyen, Siraj Ahmed Shaikh

Research output: Contribution to journalArticle

8 Citations (Scopus)
42 Downloads (Pure)

Abstract

App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model (PBSM) of Android does not address this threat as it is rather limited to mitigating risks of individual apps. This paper presents a technique for quantifying the collusion threat, essentially the first step towards assessing the collusion risk. The proposed method is useful in finding the collusion candidate of interest which is critical given the high volume of Android apps available. We present our empirical analysis using a classified corpus of over 29000 Android apps provided by Intel SecurityTM.
Original languageEnglish
Pages (from-to)417-430
Number of pages14
JournalTelecommunication Systems
Volume66
Issue number3
Early online date7 Mar 2017
DOIs
Publication statusPublished - Nov 2017

Bibliographical note

This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecomm ons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.

Keywords

  • Android security
  • Apps collusion
  • Threat assessment
  • Bayesian
  • Statistical modelling

Fingerprint Dive into the research topics of 'Towards a threat assessment framework for apps collusion'. Together they form a unique fingerprint.

  • Cite this