Estimating the Security Risks of Android Applications Using Information Gain

Author

Shahid Sattari Aeronautical University

Abstract

With the steadily growing spread of malware on Android, the most widely used mobile operating system, knowing the level of security risk of each application can help warn users against using potential malware. The security risks of Android applications can be estimated from the permissions they request. In this paper, the concept of a critical permission is defined more precisely, based on how heavily requested permissions have been abused by previously known malware. Based on this definition, and by analyzing the permissions requested by known malware and known benign applications, a new metric is presented for measuring the security risk of Android applications. In this metric, permissions that have higher information gain in distinguishing malware have a greater effect on the computed risk value. The experiments carried out show a higher detection rate and better generalizability for the proposed metric compared with previous metrics.
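As an added illustration (not code from the paper), the following sketch computes the standard Shannon information gain of each requested permission over a labeled app set and uses it as a weight. The sample apps are constructed, and the aggregation in `risk_score` (a normalized sum of gains over permissions requested more often by malware) is an assumption made for this example, not the paper's metric.

```python
from math import log2

# Constructed sample: (requested permissions, is_malware). Not real app data.
SAMPLES = [
    ({"INTERNET", "SEND_SMS", "READ_CONTACTS"}, True),
    ({"INTERNET", "SEND_SMS"}, True),
    ({"INTERNET", "SEND_SMS", "READ_PHONE_STATE"}, True),
    ({"INTERNET", "READ_PHONE_STATE"}, True),
    ({"INTERNET"}, False),
    ({"INTERNET", "CAMERA"}, False),
    ({"INTERNET", "READ_CONTACTS"}, False),
    ({"CAMERA"}, False),
]

def entropy(labels):
    """Shannon entropy (bits) of a list of boolean malware labels."""
    if not labels:
        return 0.0
    p = sum(labels) / len(labels)
    return -sum(q * log2(q) for q in (p, 1 - p) if q > 0)

def information_gain(samples, perm):
    """H(label) - H(label | app requests perm)."""
    labels = [m for _, m in samples]
    has = [m for perms, m in samples if perm in perms]
    lacks = [m for perms, m in samples if perm not in perms]
    cond = (len(has) * entropy(has) + len(lacks) * entropy(lacks)) / len(labels)
    return entropy(labels) - cond

def permission_weights(samples):
    """Weight = information gain, kept only for malware-skewed permissions."""
    n_mal = sum(1 for _, m in samples if m)
    n_ben = len(samples) - n_mal
    weights = {}
    for perm in set().union(*(perms for perms, _ in samples)):
        mal = sum(1 for perms, m in samples if m and perm in perms)
        ben = sum(1 for perms, m in samples if not m and perm in perms)
        # Assumption: a permission that is informative because benign apps
        # request it more often should not raise the risk value.
        skewed = n_mal and n_ben and mal / n_mal > ben / n_ben
        weights[perm] = information_gain(samples, perm) if skewed else 0.0
    return weights

def risk_score(requested, weights):
    """Assumed aggregation: share of total weight that the app requests (0..1)."""
    total = sum(weights.values())
    return sum(weights.get(p, 0.0) for p in requested) / total if total else 0.0

if __name__ == "__main__":
    w = permission_weights(SAMPLES)
    for perm, gain in sorted(w.items(), key=lambda kv: -kv[1]):
        print(f"{perm:18s} {gain:.3f}")
    print(risk_score({"INTERNET", "SEND_SMS"}, w))
```

On this constructed set, `CAMERA` has the same information gain as `READ_PHONE_STATE` but receives zero weight because it separates the classes in the benign direction, which is why a gain-based metric also needs the direction of the skew.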

Keywords

