RAPID-Risk Assessment of Android Permission and Application Programming Interface (API) Call for Android Botnet

  • Authors

    • Zubaile Abdullah
    • Madihah Mohd Saudi
    2018-10-07
    https://doi.org/10.14419/ijet.v7i4.15.21370
  • Android Analysis, Android Botnet, Feature Selection, Risk Assessment.
  • Android applications may pose risks to smartphone users. Most of the current security countermeasures for detecting dangerous apps show some weaknesses. In this paper, a risk assessment method is proposed to evaluate the risk level of Android apps in terms of confidentiality (privacy), integrity (financial) and availability (system). The proposed research performs mathematical analysis of an app and returns a single easy to understand evaluation of the app’s risk level (i.e., Very Low, Low, Moderate, High, and Very High). These schemes have been tested on 2488 samples coming from Google Play and Android botnet dataset. The results show a good accuracy in both identifying the botnet apps and in terms of risk level.

     

  • References

    1. [1] IDC: Smartphone OS Market Share. (n.d.). https://www.idc.com/promo/smartphone-market-share/os.

      [2] Tong, F., & Yan, Z. (2017). A hybrid approach of mobile malware detection in Android. Journal of Parallel and Distributed Computing, 103, 22–31.

      [3] Somarriba, O., Zurutuza, U., Uribeetxeberria, R., Delosières, L., & Nadjm-Tehrani, S. (2016). Detection and visualization of android malware behavior. Journal of Electrical and Computer Engineering, 2016, 1-17.

      [4] Zheng, C., Zhu, S., Dai, S., Gu, G., Gong, X., Han, X., & Zou, W. (2012). Smartdroid: an automatic system for revealing ui-based trigger conditions in android applications. Proceedings of the Second ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 93–104.

      [5] Felt, A. P., Ha, E., Egelman, S., Haney, A., Chin, E., & Wagner, D. (2012). Android permissions: User attention, comprehension, and behavior. Proceedings of the Eighth Symposium on Usable Privacy and Security, pp. 1-14.

      [6] Eslahi, M., Salleh, R., & Anuar, N. B. (2012). Bots and botnets: An overview of characteristics, detection and challenges. Proceedings of the IEEE International Conference on Control System, Computing and Engineering, pp. 349–354.

      [7] Xiang, C., Binxing, F., Lihua, Y., Xiaoyi, L., & Tianning, Z. (2011). Andbot: Towards advanced mobile botnets. Proceedings of the 4th USENIX Conference on Large-Scale Exploits and Emergent Threats, pp. 1-7.

      [8] Yusof, M. Bin, Mohd Saudi, M., & Ridzuan, F. (2017). A systematic review and analysis of mobile botnet detection for GPS exploitation. Advanced Science Letters, 23(5), 4696–4700.

      [9] Enck, W., Ongtang, M., & McDaniel, P. (2009). On lightweight mobile phone application certification. Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 235–245.

      [10] Liang, S., & Du, X. (2014). Permission-combination-based scheme for android mobile malware detection. Proceedings of the IEEE International Conference on Communications, pp. 2301–2306.

      [11] Aafer, Y., Du, W., & Yin, H. (2013). Droidapiminer: Mining api-level features for robust malware detection in android. Proceedings of the International Conference on Security and Privacy in Communication Systems, pp. 86–103.

      [12] Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K., & Siemens, C. (2014). DREBIN: Effective and explainable detection of android malware in your pocket. Proceedings of the Ndss, pp. 23–26.

      [13] Sarma, B., Li, N., Gates, C., Potharaju, R., Nita-rotaru, C., & Molloy, I. (2012). Android permissions: A perspective combining risks and benefits. Proceedings of the Symposium on Access Control Models and Technologies, pp. 13-22.

      [14] Peng, H., Gates, C., Sarma, B., Li, N., Qi, Y., Potharaju, R., Nita-Rotaru, C, & Molloy, I. (2012). Using probabilistic generative models for ranking risks of Android apps. Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 1-12.

      [15] Ye, Y., Wu, L., Hong, Z., & K Huang. (2017). A risk classification based approach for android malware detection. KSII Transactions on Internet and Information Systems, 11(2), 959–981.

      [16] Dini, G., Martinelli, F., Matteucci, I., Petrocchi, M., Saracino, A., & Sgandurra, D. (2018). Risk analysis of Android applications: A user-centric solution. Future Generation Computer Systems, 80, 505–518.

      [17] Stakhanova, N., & Ghorbani, A. A. (2015). Android Botnets: What URLs are telling us. Proceedings of the Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics, pp. 78–91.

      [18] Mahindru, A., & Singh, P. (2017). Dynamic permissions based Android malware detection using machine learning techniques. In Proceedings of the ACM 10th Innovations in Software Engineering Conference, pp. 202–210.

      [19] ApkTool. (n.d.). A tool for reverse engineering Android apk files. https://ibotpeaches.github.io/Apktool/.

      [20] Android Developers. (n.d.). Permissions overview. https://developer.android.com/guide/topics/permissions/overview

      [21] Deepa, K., Radhamani, G., & Vinod, P. (2015). Investigation of feature selection methods for android malware analysis. Procedia Computer Science, 46, 841–848.

      [22] Fereidooni, H., Moonsamy, V., Conti, M., & Batina, L. (2016). Efficient classification of Android Malware in the wild using robust static features. In W. Meng, X. Luo, S. Furnell, & J. Zhou (Eds.), Protecting Mobile Networks and Devices: Challenges and Solutions. Florida: CRC Press, pp. 181–209.

      [23] Karim, A., Salleh, R., & Shah, S. A. A. (2015). DeDroid: A mobile botnet detection approach based on static analysis. Proceedings of the IEEE 12th International Conference on Ubiquitous Intelligence and Computing and IEEE 12th International Conference on Autonomic and Trusted Computing and IEEE 15th International Conference on Scalable Computing and Communications and Its Associated Workshops, pp. 1327–1332.

      [24] Qiao, M., Sung, A. H., & Liu, Q. (2016). Merging permission and api features for android malware detection. Proceedings of the IEEE 5th IIAI International Congress on Advanced Applied Informatics, pp. 566–571.

      [25] Yerima, S. Y., Sezer, S., McWilliams, G., & Muttik, I. (2013). A new android malware detection approach using Bayesian classification. Proceedings of the IEEE 27th International Conference on Advanced Information Networking and Applications, pp. 121–128.

      [26] Felt, A. P., Finifter, M., Chin, E., Hanna, S., & Wagner, D. (2011). A survey of mobile malware in the wild. Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 3–14.

      [27] Jorgensen, Z., Chen, J., Gates, C. S., Li, N., Proctor, R. W., & Yu, T. (2015). Dimensions of risk in mobile applications: A user study. Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, pp. 49–60.

      [28] National Institute of Standards and Technology Gaithersburg. (2012). Guide for conducting risk assessments. NIST Special Publication.

  • Downloads

  • How to Cite

    Abdullah, Z., & Mohd Saudi, M. (2018). RAPID-Risk Assessment of Android Permission and Application Programming Interface (API) Call for Android Botnet. International Journal of Engineering & Technology, 7(4.15), 49-54. https://doi.org/10.14419/ijet.v7i4.15.21370