1 / 27

A multi- Criteria - based Evaluation of Android Application

A multi- Criteria - based Evaluation of Android Application . Andrea Saracino , G . Dini, F. Martinelli, I. Matteucci, M.Petrocchi , D . Sgandurra. InTrust 2012. Android. Largest Market Share. Plethora of applications. Several marketplace. Official. Unofficial. 61%.

mele
Download Presentation

A multi- Criteria - based Evaluation of Android Application

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. A multi-Criteria-basedEvaluation of Android Application Andrea Saracino, G. Dini, F. Martinelli, I. Matteucci, M.Petrocchi, D. Sgandurra InTrust 2012

  2. Android • Largest Market Share. • Plethora of applications. • Several marketplace. • Official. • Unofficial. 61%

  3. Can we trust them?? • Android is the platform with the largest increase of malware attacks. • More than 37 malware families specific for Android. • Malware found even in official markets.

  4. Android Security Native security mechanisms? • Sandboxing • Permissions

  5. The Permission System • Access Controlmechanism. • Declaredbyappdeveloperin Manifest file.

  6. The Permission System (1) • Who takes the decision on Application Security? • THE USER!!

  7. The Permission System (2) • Several users do not understand or care about permissions. • The user can only accept all the permissions or abort the installation. • Too rough grained permissions. • Permission overdeclaration.

  8. What we propose • A threat based classification of Android Permissions. • A threat index to assess the hazardousness of an application. • A multi-criteria decision system to help the user in understanding whether an application is secure or not.

  9. Type of threats • Each permission receives a threat score on three parameters. • ACCESS_COARSE_LOCATION • Privacy: 0.6 • System: 0 • Money: 0 • These parameters simply describe which security aspect is threatened by the application’s permissions.

  10. Privacy Threat • Permissions that allow an application to: • Read Contacts • Read text messages • Access user’s accounts and passwords • Read IMEI and location

  11. Money Threat • Permissions that allow an application to: • Perform phone calls. • Send SMS messages. • Use the internet connection. • Modify connection settings.

  12. System Threat • Permissions that allow an application to: • Install/Uninstall applications on the phone. • Enable/Disable connection interfaces (Wi-Fi, Bluetooth, … ). • Switch on/off the smartphone screen.

  13. ThreatLevels High Threat Moderate to High Threat Moderate Threat Low – To –Moderate Threat LowThreat No Threat

  14. Threat Score • Extraction of permissions from the manifest for each application. • Computation of a global threat score. • Ranges from 1 - no permissions required - to 15 - all permissions required. • An application with a score higher than 7 is considered a very dangerous application. • Developer should declare only the necessaries permissions. (Contrast Overdeclaration).

  15. Assessment of App Security • Permissions may not be sufficient to decide whether an application is secure or not. • Applications that really needs several permissions. • Malware that does not require dangerous permissions. • Add more criteria to assess the app quality. • Use of a Multi-Criteria decision System.

  16. Multi-Criteria Decision (1) • Analytic Hierarchic Process (AHP) • Gives an objective decision using subjective criteria. • Highly flexible and customizable.

  17. AnalyticHierarchicProcess

  18. Multi Criteria Decision (2) • Criteria • Global threat score • Developer Reputation • Marketplace • Number of downloads • User Rating

  19. Final Decision • An application can be considered by AHP as: • Trusted: Secure and Reliable. • Deceptive: Bogus or generally low quality application. • Untrusted: Shows several security issues.

  20. ComparisonMatrices • Tellhowmuch a decision (alternative) isrelevant with respect to a criterion. • Example: Top Developer

  21. Example: Baseball Superstar • Two versions of the same game, Vers. A, Vers. B. • Threat score: • Vers. A: 1 • Vers. B: 7,3 • AHP decide that Vers. A is trusted, Vers. B is untrusted. • Vers. B is trojanized by the Geinimi malware.

  22. Example: Skype • Skype requires several permissions to work properly. (Threat Score: 6,8). • Market: Official • Downloads: More than 10 millions. • Rating: 4 / 5 • AHP decision: Trusted!

  23. Results • 180 Android applications coming from different marketplaces.

  24. Conclusions • We have defined a simple but effective permission classification system. • We provide the user with an app analysis tool: • Static (computation can be performed offline). • Easily understandable. • Force developers to carefully choose the required permissions.

  25. Future Works • Inclusion of a reputation parameters based on user feedbacks. • Test the system on a larger application set, with different settings for AHP. • Inclusion of sub-criteria in the AHP decision system.

  26. Thanks! andrea.saracino@iit.cnr.it

More Related