Skip to Main content Skip to Navigation
New interface
Conference papers

Quantitative Security Risk Assessment of Android Permissions and Applications

Abstract : The booming of the Android platform in recent years has attracted the attention of malware developers. However, the permissions-based model used in Android system to prevent the spread of malware, has shown to be ineffective. In this paper, we propose DroidRisk, a framework for quantitative security risk assessment of both Android permissions and applications (apps) based on permission request patterns from benign apps and malware, which aims to improve the efficiency of Android permission system. Two data sets with 27,274 benign apps from Google Play and 1,260 Android malware samples were used to evaluate the effectiveness of DroidRisk. The results demonstrate that DroidRisk can generate more reliable risk signal for warning the potential malicious activities compared with existing methods. We show that DroidRisk can also be used to alleviate the overprivilege problem and improve the user attention to the risks of Android permissions and apps.
Document type :
Conference papers
Complete list of metadata
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Wednesday, March 15, 2017 - 5:15:44 PM
Last modification on : Thursday, March 16, 2017 - 9:24:25 AM
Long-term archiving on: : Friday, June 16, 2017 - 3:10:53 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Yang Wang, Jun Zheng, Chen Sun, Srinivas Mukkamala. Quantitative Security Risk Assessment of Android Permissions and Applications. 27th Data and Applications Security and Privacy (DBSec), Jul 2013, Newark, NJ, United States. pp.226-241, ⟨10.1007/978-3-642-39256-6_15⟩. ⟨hal-01490707⟩



Record views


Files downloads