Android Application Install-time Permission Validation and Run-time Malicious Pattern Detection

dc.contributor.authorMa, Zhongminen
dc.contributor.committeechairClancy, Thomas Charles IIIen
dc.contributor.committeememberSilva, Luiz A.en
dc.contributor.committeememberLou, Wenjingen
dc.contributor.departmentElectrical and Computer Engineeringen
dc.date.accessioned2014-02-01T09:00:11Zen
dc.date.available2014-02-01T09:00:11Zen
dc.date.issued2014-01-31en
dc.description.abstractThe open source structure of Android applications introduces security vulnerabilities that can be readily exploited by third-party applications. We address certain vulnerabilities at both installation and runtime using machine learning. Effective classification techniques with neural networks can be used to verify the application categories on installation. We devise a novel application category verification methodology that involves machine learning the application permissions and estimating the likelihoods of different categories. To detect malicious patterns in runtime, we present a Hidden Markov Model (HMM) method to analyze the activity usage by tracking Intent log information. After applying our technique to nearly 1,700 popular third-party Android applications and malware, we report that a major portion of the category declarations were judged correctly. This demonstrates the effectiveness of neural network decision engines in validating Android application categories. The approach, using HMM to analyze the Intent log for the detection of malicious runtime behavior, is new. The test results show promise with a limited input dataset (69.7% accuracy). To improve the performance, further work will be carried out to: increase the dataset size by adding game applications, to optimize Baum-Welch algorithm parameters, and to balance the size of the Intent sequence. To better emulate the participant's usage, some popular applications can be selected in advance, and the remainder can be randomly chosen.en
dc.description.degreeMaster of Scienceen
dc.format.mediumETDen
dc.identifier.othervt_gsexam:1860en
dc.identifier.urihttp://hdl.handle.net/10919/25238en
dc.publisherVirginia Techen
dc.rightsIn Copyrighten
dc.rights.urihttp://rightsstatements.org/vocab/InC/1.0/en
dc.subjectAndroiden
dc.subjectSecurityen
dc.subjectAndroid Permission Labelen
dc.subjectMachine Learning Neural Networken
dc.subjectActionen
dc.subjectIntenten
dc.subjectIntent Logen
dc.subjectHidden Markov Modelen
dc.titleAndroid Application Install-time Permission Validation and Run-time Malicious Pattern Detectionen
dc.typeThesisen
thesis.degree.disciplineComputer Engineeringen
thesis.degree.grantorVirginia Polytechnic Institute and State Universityen
thesis.degree.levelmastersen
thesis.degree.nameMaster of Scienceen

Files

Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
Ma_Z_T_2014.pdf
Size:
1.08 MB
Format:
Adobe Portable Document Format

Collections