Android App behavior-intent inference based on API usage analysis

doi:10.16511/j.cnki.qhdxxb.2017.26.057

Abstract
Figures/Tables
References
Related Articles
Metrics

Download: PDF(3377 KB)
Export: BibTeX | EndNote | Reference Manager | ProCite | RefWorks

Abstract An application behavior intention analysis is presented which analyzes the application program interface (API) usage in the background and the graphic user interface (GUI) state transitions in the foreground of the target App with behavior pattern recognition of the multivariate time series data at runtime. An API usage analysis based behavior intent inferring prototype was developed for Android Apps with static preprocessing, dynamic monitoring and behavior intent inference. This paper examines the effectiveness of the prototype on typical mobile Apps via case studies and validates the practicability and operability of the approach through real-world App profiling.

Keywords data security Android application API usage application behavior dynamic analysis

ZTFLH:

TP309.2

Issue Date: 15 November 2017

	Service

	E-mail this article
	E-mail Alert
	RSS
	Articles by authors

	SHEN Ke
	YE Xiaojun
	LIU Xiaonan
	LI Bin

Cite this article:

SHEN Ke,YE Xiaojun,LIU Xiaonan, et al. Android App behavior-intent inference based on API usage analysis[J]. Journal of Tsinghua University(Science and Technology), 2017, 57(11): 1139-1144.

URL:

http://jst.tsinghuajournals.com/EN/10.16511/j.cnki.qhdxxb.2017.26.057 OR http://jst.tsinghuajournals.com/EN/Y2017/V57/I11/1139

[1]	Arzt S, Rasthofer S, Fritz C, et al. Flowdroid:Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps[J]. ACM SIGPLAN Notices, 2014, 49(6):259-269.
[2]	Li L, Bartel A, Bissyande T F, et al. Iccta:Detecting inter-component privacy leaks in Android Apps[C]//Proceedings of the 37th ICSE. Florence, Italy:IEEE, 2015:280-291.
[3]	Wei F, Roy S, Ou X, et al. Amandroid:A precise and general inter-component data flow analysis framework for security vetting of Android Apps[C]//Proceedings of the 2014 ACM SIGSAC. Scottsdale, AZ, USA:ACM, 2014:1329-1341.
[4]	Yang Z, Yang M, Zhang Y, et al. Appintent:Analyzing sensitive data transmission in Android for privacy leakage detection[C]//Proceedings of the SIGSAC. Berlin, German, 2013:1043-1054.
[5]	Huang J, Zhang X, Tan L, et al. AsDroid:Detecting stealthy behaviors in Android applications by user interface and program behavior contradiction[C]//Proceedings of the 36th ICSE. Hyderabad, India:ACM, 2014:1036-1046.
[6]	Bayer U, Comparetti P M, Hlauschek C, et al. Scalable, behavior-based malware clustering[C]//Network and Distributed System Security Symposium. San Diego, CA, USA:NDSS, 2009:8-11.
[7]	Burguera I, Zurutuza U, Nadjm-Tehrani S. Crowdroid:Behavior-based malware detection system for Android[C]//Proceedings of the Security and Privacy in Smartphones and Mobile Devices. Chicago, IL USA:ACM, 2011:15-26.
[8]	Jang J W, Yun J, Woo J, et al. Android-profiler:Anti-malware system based on behavior profiling of mobile malware[C]//Proceedings of the 23rd WWW. Seoul, Korea:2014:737-738.
[9]	Yan L K, Yin H. Droidscope:Seamlessly reconstructing the os and dalvik semantic views for dynamic Android malware analysis[C]//USENIX Security Symposium. Bellevue, WA, USA:2012:569-584.
[10]	Lantz P. Droidbox:Dynamic analysis of Android Apps[EB/OL].[2017-04-24]. https://github.com/pjlantz/droidbox.
[11]	Hamilton J D. Time Series Analysis[M]. Princeton:Princeton University Press, 1994.
[12]	Winsniewski R, Tumbleson C. Apktool[EB/OL].[2017-04-24]. http://ibotpeaches.github.io/Apktool/. url: http://ibotpeaches.github.io/apktool/.
[13]	Zheng M, Sun M, Lui J. Droidtrace:A ptrace based Android dynamic analysis system with forward ution capability[C]//Proceeding of the IWCMC. Jersey City, NJ, USA:IEEE, 2014:128-133.
[14]	Roberts J M. Virusshare[EB/OL].[2017-04-24]. https://virusshare.com/.

[1]	LUO Rongkang, YU Zhihao, WU Peibao, HOU Zhichao. Dynamic analysis of flexible coupling for an electric wheel with a suspended drive motor[J]. Journal of Tsinghua University(Science and Technology), 2024, 64(1): 25-32.
[2]	WANG Haoran, XIE Hui, CHEN Yongcan, LIU Kang, LI Zhengwen, LI Yonglong. Intelligent detection and numerical simulation analysis of concrete abrasion of astilling basin floor[J]. Journal of Tsinghua University(Science and Technology), 2023, 63(7): 1095-1103.
[3]	WU Qingjian, WU Hongyu, JIANG Zhihong, YANG Yunqiang, YAN Shaoze, TAN Lijie. Control parameter optimization of underwater gliders for underwater fixed-point exploration missions[J]. Journal of Tsinghua University(Science and Technology), 2023, 63(1): 62-70.
[4]	YANG Xie, SHI Lei. Thermodynamic analysis of closed Brayton cycles for space reactor power system[J]. Journal of Tsinghua University(Science and Technology), 2018, 58(9): 821-826.
[5]	FANG Yong, LIU Daosheng, HUANG Cheng. Detecting of fake accounts with hierarchical clustering[J]. Journal of Tsinghua University(Science and Technology), 2017, 57(6): 620-624.
[6]	LI Zhi, YANG Xiaoyong, WANG Jie, ZHANG Zuoyi. Thermodynamic analysis of a Brayton cycle system for a space power reactor[J]. Journal of Tsinghua University(Science and Technology), 2017, 57(5): 537-543,549.
[7]	HAN Xinhui, DING Yijing, WANG Dongqi, LI Tongxin, YE Zhiyuan. Android malicious AD threat analysis and detection techniques[J]. Journal of Tsinghua University(Science and Technology), 2016, 56(5): 468-477.
[8]	LI Zhoujun, WU Chunming, WANG Xiao. Assessment of Android application's risk behavior based on a sandbox system[J]. Journal of Tsinghua University(Science and Technology), 2016, 56(5): 453-460.

Viewed

Full text

Abstract

Cited

Shared

Discussed