Towards a threat assessment framework for apps collusion

Harsha Kumara Kalutarage, Hoang Nga Nguyen, Siraj Ahmed Shaikh

Research output: Contribution to journalArticle

4 Citations (Scopus)
41 Downloads (Pure)

Abstract

App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model (PBSM) of Android does not address this threat as it is rather limited to mitigating risks of individual apps. This paper presents a technique for quantifying the collusion threat, essentially the first step towards assessing the collusion risk. The proposed method is useful in finding the collusion candidate of interest which is critical given the high volume of Android apps available. We present our empirical analysis using a classified corpus of over 29000 Android apps provided by Intel SecurityTM.
Original languageEnglish
Pages (from-to)417-430
Number of pages14
JournalTelecommunication Systems
Volume66
Issue number3
Early online date7 Mar 2017
DOIs
Publication statusPublished - Nov 2017

Fingerprint

Application programs
Android (operating system)

Bibliographical note

This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecomm ons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.

Keywords

  • Android security
  • Apps collusion
  • Threat assessment
  • Bayesian
  • Statistical modelling

Cite this

Towards a threat assessment framework for apps collusion. / Kalutarage, Harsha Kumara; Nguyen, Hoang Nga; Shaikh, Siraj Ahmed.

In: Telecommunication Systems, Vol. 66, No. 3, 11.2017, p. 417-430.

Research output: Contribution to journalArticle

@article{aca43e9114244a2abf75a438a8d99a6a,
title = "Towards a threat assessment framework for apps collusion",
abstract = "App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model (PBSM) of Android does not address this threat as it is rather limited to mitigating risks of individual apps. This paper presents a technique for quantifying the collusion threat, essentially the first step towards assessing the collusion risk. The proposed method is useful in finding the collusion candidate of interest which is critical given the high volume of Android apps available. We present our empirical analysis using a classified corpus of over 29000 Android apps provided by Intel SecurityTM.",
keywords = "Android security, Apps collusion, Threat assessment, Bayesian, Statistical modelling",
author = "Kalutarage, {Harsha Kumara} and Nguyen, {Hoang Nga} and Shaikh, {Siraj Ahmed}",
note = "This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecomm ons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.",
year = "2017",
month = "11",
doi = "10.1007/s11235-017-0296-1",
language = "English",
volume = "66",
pages = "417--430",
journal = "Telecommunication Systems",
issn = "1018-4864",
publisher = "Springer Verlag",
number = "3",

}

TY - JOUR

T1 - Towards a threat assessment framework for apps collusion

AU - Kalutarage, Harsha Kumara

AU - Nguyen, Hoang Nga

AU - Shaikh, Siraj Ahmed

N1 - This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecomm ons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.

PY - 2017/11

Y1 - 2017/11

N2 - App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model (PBSM) of Android does not address this threat as it is rather limited to mitigating risks of individual apps. This paper presents a technique for quantifying the collusion threat, essentially the first step towards assessing the collusion risk. The proposed method is useful in finding the collusion candidate of interest which is critical given the high volume of Android apps available. We present our empirical analysis using a classified corpus of over 29000 Android apps provided by Intel SecurityTM.

AB - App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model (PBSM) of Android does not address this threat as it is rather limited to mitigating risks of individual apps. This paper presents a technique for quantifying the collusion threat, essentially the first step towards assessing the collusion risk. The proposed method is useful in finding the collusion candidate of interest which is critical given the high volume of Android apps available. We present our empirical analysis using a classified corpus of over 29000 Android apps provided by Intel SecurityTM.

KW - Android security

KW - Apps collusion

KW - Threat assessment

KW - Bayesian

KW - Statistical modelling

U2 - 10.1007/s11235-017-0296-1

DO - 10.1007/s11235-017-0296-1

M3 - Article

VL - 66

SP - 417

EP - 430

JO - Telecommunication Systems

JF - Telecommunication Systems

SN - 1018-4864

IS - 3

ER -