Reference : A Study of Potential Component Leaks in Android Apps
Reports : Internal report
Engineering, computing & technology : Computer science
A Study of Potential Component Leaks in Android Apps
Li, Li mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Allix, Kevin []
Li, Daoyuan []
Bartel, Alexandre []
Bissyande, Tegawendé François D Assise []
Klein, Jacques mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
SnT Centre - University of Luxembourg
[en] We discuss the capability of a new feature set for malware detection based on potential component leaks (PCLs). PCLs are defined as sensitive data-flows that involve Android inter-component communications. We show that PCLs are common in Android apps and that malicious applications indeed manipulate significantly more PCLs than benign apps. Then, we evaluate a machine learning-based approach relying on PCLs. Experimental validation show high performance with 95% precision for identifying malware, demonstrating that PCLs can be used for discriminating malicious apps from benign apps.
By further investigating the generalization ability of this feature set, we highlight an issue often overlooked in the Android malware detection community: Qualitative aspects of training datasets have a strong impact on a malware detector’s performance. Furthermore, this impact cannot be overcome by simply increasing the Quantity of training material.
Fonds National de la Recherche - FnR
Researchers ; Professionals ; Students ; General public ; Others

File(s) associated to this reference

Fulltext file(s):

Open access
li2015study.pdfAuthor preprint1.37 MBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.