期刊文献+

基于多重对应分析的Android应用安全等级评估 被引量:3

The Security Level Assessment Model for Android Application Based on Multiple Correspondence Analysis
原文传递
导出
摘要 随着Android移动终端的普及,Android操作系统已经成为了越来越多的恶意软件攻击的目标。然而不同恶意软件的威胁程度是不同的,例如窃取用户银行账户的应用的威胁性要远大于读取用户联系人的应用的威胁性。因此本文针对这个问题提出了Android手机应用安全等级评估的模型,可以为用户使用的Android手机应用提供不同安全评级。模型首先基于正负相关的卡方检验算法得到安全属性安全值,重点利用多重对应分析方法得到安全属性组合安全值,最后根据前面获得的安全值评定Android手机应用安全等级。通过关联规则实验对安全等级评估模型进行验证,对安全属性安全值和安全属性组合安全值进行分析,实验结果表明该模型是准确有效的。 With the popularity of android smart-phone, the android OS has being become the target of more and more malwares. However, different malwares have different threat. For example, stealing users' bank account information poses a greater threat than the application to load users' contacts. So this paper provides an assessment model of android application security level, providing different security levels for different android applications. Firstly, our model obtains the security value of security attribute by the Chi-square test based on positive and negative correlation and then uses multiple correspondence analysis method to get security value of security attribute combination. Finally, we assess the security level of android applications according to the security values before. We validate the security level of the assessment model with the association rules, analyze the security value of security attribute and the security value of security attribute combination, the experimental results show that our model is accurate and effective.
出处 《电子技术(上海)》 2016年第8期72-78,共7页 Electronic Technology
基金 安徽省自然科学基金项目(No.11040606M131)
关键词 ANDROID操作系统 多重对应分析 安全等级评估模型 安全值 安全属性 Android Os multiple correspondence analysis security level assessment model security values safety attributes
  • 相关文献

参考文献18

  • 1Adamo J M. Data mining for association rules and sequential patterns:sequential and parallel algorithrns[M].Springer Science & Business Media,2012.
  • 2Shabtai A, Kanonov U, Elovici Y, et al. "Andromaly": a behavioral malware detection framework for android devices[J]. Journal of Intelligent Information Systems, 2012, 38(1): 161-190.
  • 3Kraus L, Wechsung I, Moller S. Using Statistical Information to Communicate Android PermissionRisks to Users[C]//Socio-Technical Aspects in Security and Trust (STAST), 2014 Workshop on. IEEE, 2014: 48-55.
  • 4Sanz B, Santos I, Laorden C, et al. On the automatic categorisation of android applications[C] //Consumer Communications and Networking Conference (CCNC), 2012 IEEE. IEEE, 2012: 149-153.
  • 5Gallo R, Hongo P, Dahab R, et al. Security and system architecture:comparison of Android customizations[C]//Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks.ACM, 2015: 12.
  • 6Chia P H, Yamarnoto Y, Asokan N. Is this app safe?: a large scale study on application permissions and risk signals[C]//Proceedings of the 21 st international conference on World Wide Web. ACM, 2012: 311-320.
  • 7Peng H, Gates C, Sarma B, et al. Using probabilistic generative models for ranking risks of android apps[C]//Proceedings of the 2012 ACM conference on Computer and communications security. ACM, 2012: 241-252.
  • 8Zhou Y, Wang Z, Zhou W, et al. Hey, You, Get Off of My Market:Detecting Malicious Apps in Official and Alternative Android Market-s[C]//NDSS. 2012.
  • 9Chakradeo S, Reaves B, Traynor P, et al. Mast: triage for market-scale mobile malware analysis[C] //proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks. ACM, 2013:13-24.
  • 10Barrera D, Kayacik H G, van Oorschot P C, et al. A methodology for empirical analysis of permission-based security models and its application to android [C] // Proceedings of the 17th ACM conference on Computer and communications security. ACM, 2010: 73-84.

同被引文献16

引证文献3

二级引证文献4

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部