Potential Component Leaks in Android Apps: An Investigation into a New Feature Set for Malware Detection

Li Li; Kevin Allix; Daoyuan Li; Alexandre Bartel; Tegawendé F. Bissyandé; Jacques Klein

doi:10.1109/QRS.2015.36

Potential Component Leaks in Android Apps: An Investigation into a New Feature Set for Malware Detection

Li Li
, Kevin Allix
, Daoyuan Li
, Alexandre Bartel
, Tegawendé F. Bissyandé
, Jacques Klein

University of Luxembourg
Technische Universität Darmstadt

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

24 Scopus citations

Abstract

We discuss the capability of a new feature set for malware detection based on potential component leaks (PCLs). PCLs are defined as sensitive data-flows that involve Android inter-component communications. We show that PCLs are common in Android apps and that malicious applications indeed manipulate significantly more PCLs than benign apps. Then, we evaluate a machine learning-based approach relying on PCLs. Experimental validations show high performance for identifying malware, demonstrating that PCLs can be used for discriminating malicious apps from benign apps.

Original language	English
Title of host publication	Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	195-200
Number of pages	6
ISBN (Electronic)	9781467379892
DOIs	https://doi.org/10.1109/QRS.2015.36
State	Published - 21 Sep 2015
Externally published	Yes
Event	IEEE International Conference on Software Quality, Reliability and Security, QRS 2015 - Vancouver, Canada Duration: 3 Aug 2015 → 5 Aug 2015

Publication series

Name	Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015

Conference

Conference	IEEE International Conference on Software Quality, Reliability and Security, QRS 2015
Country/Territory	Canada
City	Vancouver
Period	3/08/15 → 5/08/15

Access to Document

10.1109/QRS.2015.36

Cite this

Li, L., Allix, K., Li, D., Bartel, A., Bissyandé, T. F., & Klein, J. (2015). Potential Component Leaks in Android Apps: An Investigation into a New Feature Set for Malware Detection. In Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015 (pp. 195-200). Article 7272932 (Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/QRS.2015.36

Li, Li ; Allix, Kevin ; Li, Daoyuan et al. / Potential Component Leaks in Android Apps : An Investigation into a New Feature Set for Malware Detection. Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015. Institute of Electrical and Electronics Engineers Inc., 2015. pp. 195-200 (Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015).

@inproceedings{3182129b046d4fcb911e6bab1b762d07,

title = "Potential Component Leaks in Android Apps: An Investigation into a New Feature Set for Malware Detection",

abstract = "We discuss the capability of a new feature set for malware detection based on potential component leaks (PCLs). PCLs are defined as sensitive data-flows that involve Android inter-component communications. We show that PCLs are common in Android apps and that malicious applications indeed manipulate significantly more PCLs than benign apps. Then, we evaluate a machine learning-based approach relying on PCLs. Experimental validations show high performance for identifying malware, demonstrating that PCLs can be used for discriminating malicious apps from benign apps.",

author = "Li Li and Kevin Allix and Daoyuan Li and Alexandre Bartel and Bissyand{\'e}, \{Tegawend{\'e} F.\} and Jacques Klein",

note = "Publisher Copyright: {\textcopyright} 2015 IEEE.; IEEE International Conference on Software Quality, Reliability and Security, QRS 2015 ; Conference date: 03-08-2015 Through 05-08-2015",

year = "2015",

month = sep,

day = "21",

doi = "10.1109/QRS.2015.36",

language = "英语",

series = "Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "195--200",

booktitle = "Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015",

address = "美国",

}

Li, L, Allix, K, Li, D, Bartel, A, Bissyandé, TF & Klein, J 2015, Potential Component Leaks in Android Apps: An Investigation into a New Feature Set for Malware Detection. in Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015., 7272932, Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015, Institute of Electrical and Electronics Engineers Inc., pp. 195-200, IEEE International Conference on Software Quality, Reliability and Security, QRS 2015, Vancouver, Canada, 3/08/15. https://doi.org/10.1109/QRS.2015.36

Potential Component Leaks in Android Apps: An Investigation into a New Feature Set for Malware Detection. / Li, Li; Allix, Kevin; Li, Daoyuan et al.
Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015. Institute of Electrical and Electronics Engineers Inc., 2015. p. 195-200 7272932 (Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Potential Component Leaks in Android Apps

T2 - IEEE International Conference on Software Quality, Reliability and Security, QRS 2015

AU - Li, Li

AU - Allix, Kevin

AU - Li, Daoyuan

AU - Bartel, Alexandre

AU - Bissyandé, Tegawendé F.

AU - Klein, Jacques

PY - 2015/9/21

Y1 - 2015/9/21

N2 - We discuss the capability of a new feature set for malware detection based on potential component leaks (PCLs). PCLs are defined as sensitive data-flows that involve Android inter-component communications. We show that PCLs are common in Android apps and that malicious applications indeed manipulate significantly more PCLs than benign apps. Then, we evaluate a machine learning-based approach relying on PCLs. Experimental validations show high performance for identifying malware, demonstrating that PCLs can be used for discriminating malicious apps from benign apps.

AB - We discuss the capability of a new feature set for malware detection based on potential component leaks (PCLs). PCLs are defined as sensitive data-flows that involve Android inter-component communications. We show that PCLs are common in Android apps and that malicious applications indeed manipulate significantly more PCLs than benign apps. Then, we evaluate a machine learning-based approach relying on PCLs. Experimental validations show high performance for identifying malware, demonstrating that PCLs can be used for discriminating malicious apps from benign apps.

UR - https://www.scopus.com/pages/publications/84962109836

U2 - 10.1109/QRS.2015.36

DO - 10.1109/QRS.2015.36

M3 - 会议稿件

AN - SCOPUS:84962109836

T3 - Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015

SP - 195

EP - 200

BT - Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 3 August 2015 through 5 August 2015

ER -

Li L, Allix K, Li D, Bartel A, Bissyandé TF, Klein J. Potential Component Leaks in Android Apps: An Investigation into a New Feature Set for Malware Detection. In Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015. Institute of Electrical and Electronics Engineers Inc. 2015. p. 195-200. 7272932. (Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015). doi: 10.1109/QRS.2015.36

Potential Component Leaks in Android Apps: An Investigation into a New Feature Set for Malware Detection

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this