Assessment of Android application's risk behavior based on a sandbox system

doi:10.16511/j.cnki.qhdxxb.2016.25.001

Abstract
Figures/Tables
References
Related Articles
Metrics

Download: PDF(1508 KB)
Export: BibTeX | EndNote | Reference Manager | ProCite | RefWorks

Abstract Android has become the most popular operating system on mobile devices. However, the Android is an open source system with billions of applications. More users are choosing Android, so Android security problems are receiving much attention in the industry. Android of malware is already a major problem and cannot be avoided in the Android ecosystem. This paper describes a sandbox system based on Android 4.1.2 which can dynamically monitor and record application behavior. A risk assessment approach based on behavior analysis is given so that users can get an explicit risk prognosis for an application to improve their safety. Tests on malware and normal application samples verify the effectiveness of this risk assessment approach.

Keywords Android applications sandbox behavior analysis risk assessment

ZTFLH:

TP309.2

Issue Date: 15 May 2016

	Service

	E-mail this article
	E-mail Alert
	RSS
	Articles by authors

	LI Zhoujun
	WU Chunming
	WANG Xiao

Cite this article:

LI Zhoujun,WU Chunming,WANG Xiao. Assessment of Android application's risk behavior based on a sandbox system[J]. Journal of Tsinghua University(Science and Technology), 2016, 56(5): 453-460.

URL:

http://jst.tsinghuajournals.com/EN/10.16511/j.cnki.qhdxxb.2016.25.001 OR http://jst.tsinghuajournals.com/EN/Y2016/V56/I5/453

[1] SCAP中文社区. Android漏洞信息库[Z/OL]. (2013-12-20). http://android.scap.org.cn. The SCAP Community of China. Android vulnerbilities database[Z/OL]. (2013-12-20). http://android.scap.org.cn. (in Chinese)
[2] 赛门铁克安全响应中心. 《互联网安全威胁报告》[Z/OL]. http://www.symantec.com/zh/cn/security_response/publications/threatreport.jsp. Symantec Security and Response Center. A survey of global security threat on the internet[Z/OL]. http://www.symantec.com/zh/cn/security_response/publications/threa-treport.jsp. (in Chinese)
[3] 张玉清, 王凯, 杨欢, 等. Android安全综述[J]. 计算机研究与发展, 2014,51(7):1385-1396. ZHANG Yuqing, WANG Kai, YANG Huan, et al. Survey of Android OS security[J].Journal of Computer Research and Development, 2014,51(7):1385-1396. (in Chinese)
[4] Enck W, Gilbert P, Chun B G, et al. TaintDroid:An information flow tracking system for real-time privacy monitoring on smartphones[J].Communications of the ACM, 2014,57(3):99-106.
[5] Reina A, Fattori A, Cavallaro L. A system call-centric analysis and stimulation technique to automatically reconstruct Android malware behaviors[C]//Proceedings of European Workshop on Systems Security. Prague, Czech Republic:EuroSec, 2013:135-141.
[6] Wei X, Gomez L, Neamtiu I, et al. ProfileDroid:Multi-layer profiling of Android applications[C]//Proceedings of the 18th Annual International Conference on Mobile Computing and Networking. Istanbul, Turkey:ACM, 2012:137-148.
[7] Yan L K, Yin H. DroidScope:Seamlessly reconstructing the OS and dalvik semantic views for dynamic Android malware analysis[C]//Proceedings of the 21st USENIX Conference on Security Symposium. Washington DC, USA:USENIX Security Symposium, 2012:569-584.
[8] Zhang Y, Yang M, Xu B, et al. Vetting undesirable behaviors in Android apps with permission use analysis[C]//Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security. Hangzhou, China:ACM, 2013:611-622.
[9] Chen K Z, Johnson N M, D'Silva V, et al. Contextual policy enforcement in Android applications with permission event graphs[C]//Proceedings of 20th Annual Network & Distributed System Security Symposium. San Diego, USA:NDSS, 2013.
[10] Wu D J, Mao C H, Wei T E, et al. Droidmat:Android malware detection through manifest and API calls tracing[C]//Information Security (Asia JCIS), 2012 Seventh Asia Joint Conference. Tokyo, Japan:IEEE, 2012:62-69.
[11] Bläsing T, Batyuk L, Schmidt A D, et al. An android application sandbox system for suspicious software detection[C]//Malicious and Unwanted Software (MALWARE), 20105th International Conference. Nancy, France:IEEE, 2010:55-62.
[12] Wikipedia. Java native interface[Z/OL]. http://en.wikipedia.org/wiki/Java_Native_Interface.
[13] HAN T S, Kobayashi K. Mathematics of Information and Coding[M]. Washington, DC:American Mathematical Society, 2002.
[14] CM3. CaffeineMark[Z/OL]. http://www.benchmarkhq.ru/cm30/info.html.

[1]	DU Yuji, FU Ming, DUANMU Weike, HOU Longfei, LI Jing. Risk assessment method of gas pipeline networks based on fuzzy analytic hierarchy process and improved coefficient of variation[J]. Journal of Tsinghua University(Science and Technology), 2023, 63(6): 941-950.
[2]	HU Jun, SHU Xueming, XIE Xuecai, YAN Jun, ZHANG Lei. Building fire insurance premium rate based on quantitative risk assessment[J]. Journal of Tsinghua University(Science and Technology), 2023, 63(5): 775-782.
[3]	SHEN Kaixin, HE Zhichao, WENG Wenguo. Synergistic physical effects of domino accidents in the chemical industry[J]. Journal of Tsinghua University(Science and Technology), 2022, 62(10): 1559-1570.
[4]	SHU Xueming, YAN Jun, HU Jun, WU Jinjin, DENG Boyu. Risk assessment model for building fires based on a Bayesian network[J]. Journal of Tsinghua University(Science and Technology), 2020, 60(4): 321-327.
[5]	CHEN Yu, WANG Na, WANG Jindong. An n-fold reduction of linguistic variables based on the triangular fuzzy numbers[J]. Journal of Tsinghua University(Science and Technology), 2017, 57(8): 892-896.
[6]	MA Gang, DU Yuge, YANG Xi, ZHANG Bo, SHI Zhongzhi. Risk assessment expert system for the complex system[J]. Journal of Tsinghua University(Science and Technology), 2016, 56(1): 66-76,82.
[7]	SU Boni, HUANG Hong, ZHANG Nan. Dynamic urban waterlogging risk assessment method based on scenario simulations[J]. Journal of Tsinghua University(Science and Technology), 2015, 55(6): 684-690.
[8]	CHEN Yuanlin, CHAI Yueting, LIU Yi, XU Yang. Transaction rating credibility based on user group preference[J]. Journal of Tsinghua University(Science and Technology), 2015, 55(5): 558-564,571.
[9]	ZHAO Jinlong, TANG Qing, HUANG Hong, SU Boni, LI Yuntao, FU Ming. Quantitative risk assessment of external floating roof tank areas based on the numerical simulations[J]. Journal of Tsinghua University(Science and Technology), 2015, 55(10): 1143-1149.
[10]	Yi LIU,Long LIU,Wangfeng LI,Yebin DONG,Xiuqing ZHANG. Modeling regional atmospheric risks of petrochemical park planning[J]. Journal of Tsinghua University(Science and Technology), 2015, 55(1): 80-86.
[11]	Gang MA, Yuge DU, Jiang RONG, Jiarui GAN, Zhongzhi SHI, Bo AN. Risk assessment of complex information system security based on threat propagation[J]. Journal of Tsinghua University(Science and Technology), 2014, 54(1): 35-43.
[12]	Dejin WANG, Changqing JIANG, Yong PENG. Attack graph generation method based the security domain on industrial control systems[J]. Journal of Tsinghua University(Science and Technology), 2014, 54(1): 44-52.

Viewed

Full text

Abstract

Cited

Shared

Discussed