Internal report (Reports)
A Study of Potential Component Leaks in Android Apps
Li, Li; Allix, Kevin; Li, Daoyuan et al.


Full Text
Author preprint (1.4 MB)

All documents in ORBilu are protected by a user license.

Send to


Abstract :
[en] We discuss the capability of a new feature set for malware detection based on potential component leaks (PCLs). PCLs are defined as sensitive data-flows that involve Android inter-component communications. We show that PCLs are common in Android apps and that malicious applications indeed manipulate significantly more PCLs than benign apps. Then, we evaluate a machine learning-based approach relying on PCLs. Experimental validation show high performance with 95% precision for identifying malware, demonstrating that PCLs can be used for discriminating malicious apps from benign apps. By further investigating the generalization ability of this feature set, we highlight an issue often overlooked in the Android malware detection community: Qualitative aspects of training datasets have a strong impact on a malware detector’s performance. Furthermore, this impact cannot be overcome by simply increasing the Quantity of training material.
Disciplines :
Computer science
Author, co-author :
Li, Li ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Allix, Kevin 
Li, Daoyuan 
Bartel, Alexandre
Bissyande, Tegawendé François D Assise  
Klein, Jacques ;  University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
Language :
Title :
A Study of Potential Component Leaks in Android Apps
Publication date :
June 2015
Publisher :
SnT Centre - University of Luxembourg
Funders :
FNR - Fonds National de la Recherche [LU]
Available on ORBilu :
since 07 March 2016


Number of views
144 (2 by Unilu)
Number of downloads
172 (8 by Unilu)


Similar publications

Contact ORBilu