VTechWorks staff will be away for the Thanksgiving holiday beginning at noon on Wednesday, November 27, through Friday, November 29. We will resume normal operations on Monday, December 2. Thank you for your patience.
 

Understanding Application Behaviours for Android Security: A Systematic Characterization

dc.contributor.authorCai, Haipengen
dc.contributor.authorRyder, Barbara G.en
dc.contributor.departmentComputer Scienceen
dc.date.accessioned2016-06-30T14:10:38Zen
dc.date.available2016-06-30T14:10:38Zen
dc.date.issued2016en
dc.description.abstractIn contrast to most existing research on Android focusing on specific security issues, there is little broad understanding of Android application run-time characteristics and their security implications. To mitigate this gap, we present the first dynamic characterization study of Android applications that targets such a broad understanding for Android security. Through lightweight method-level profiling, we have collected 33GB traces of method calls and inter-component communication (ICC) from 114 popular Android applications on Google Play and 61 communicating pairs among them that enabled an extensive empirical investigation of the run-time behaviours of Android applications. Our study revealed that (1) the Android framework was the target of 88.3% of all calls during application executions, (2) callbacks accounted for merely 3% of the total method calls, (3) 75% of ICCs did not carry any data payloads with those doing so preferring bundles over URIs, (4) 85% of sensitive data sources and sinks targeted one or two top categories of information or operations which were also most likely to constitute data leaks. We discuss the security implications of our findings to secure development and effective security defense of modern Android applications.en
dc.identifier.trnumberTR-16-05en
dc.identifier.urihttp://hdl.handle.net/10919/71678en
dc.language.isoenen
dc.publisherDepartment of Computer Science, Virginia Polytechnic Institute & State Universityen
dc.relation.ispartofComputer Science Technical Reportsen
dc.rightsIn Copyrighten
dc.rights.urihttp://rightsstatements.org/vocab/InC/1.0/en
dc.subjectComputer securityen
dc.subjectGoogle Playen
dc.subjectMobile applicationsen
dc.subjectAndroid frameworken
dc.subjectCybersecurityen
dc.titleUnderstanding Application Behaviours for Android Security: A Systematic Characterizationen
dc.typeTechnical reporten
dc.type.dcmitypeTexten

Files

Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
cairyder_techreport.pdf
Size:
424.02 KB
Format:
Adobe Portable Document Format
License bundle
Now showing 1 - 1 of 1
Name:
license.txt
Size:
1.5 KB
Format:
Item-specific license agreed upon to submission
Description: