Journal article 720 views 64 downloads
Towards a threat assessment framework for apps collusion
Harsha Kumara Kalutarage 
,
Hoang Nguyen ,
Siraj Shaikh
,
Hoang Nguyen ,
Siraj Shaikh
Telecommunication Systems, Volume: 66, Issue: 3, Pages: 417 - 430
Swansea University Authors:
Hoang Nguyen , Siraj Shaikh
-
PDF | Version of Record
© The Author(s) 2017. This article is distributed under the terms of the Creative Commons Attribution 4.0 International License
Download (1.09MB)
DOI (Published version): 10.1007/s11235-017-0296-1
Abstract
App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model of Android does not address this threat as it is rather limited to mitigating risks of individual apps. This paper...
| Published in: | Telecommunication Systems |
|---|---|
| ISSN: | 1018-4864 1572-9451 |
| Published: |
Springer Science and Business Media LLC
2017
|
| Online Access: |
Check full text
|
| URI: | https://cronfa.swan.ac.uk/Record/cronfa61043 |
| first_indexed |
2022-10-14T15:13:47Z |
|---|---|
| last_indexed |
2023-01-13T19:21:36Z |
| id |
cronfa61043 |
| recordtype |
SURis |
| fullrecord |
<?xml version="1.0"?><rfc1807><datestamp>2022-12-15T16:07:50.8532118</datestamp><bib-version>v2</bib-version><id>61043</id><entry>2022-09-05</entry><title>Towards a threat assessment framework for apps collusion</title><swanseaauthors><author><sid>cb24d5c5080534dc5b5e3390f24dd422</sid><ORCID>0000-0003-0260-1697</ORCID><firstname>Hoang</firstname><surname>Nguyen</surname><name>Hoang Nguyen</name><active>true</active><ethesisStudent>false</ethesisStudent></author><author><sid>50117e8faac2d0937989e14847105704</sid><ORCID>0000-0002-0726-3319</ORCID><firstname>Siraj</firstname><surname>Shaikh</surname><name>Siraj Shaikh</name><active>true</active><ethesisStudent>false</ethesisStudent></author></swanseaauthors><date>2022-09-05</date><deptcode>MACS</deptcode><abstract>App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model of Android does not address this threat as it is rather limited to mitigating risks of individual apps. This paper presents a technique for quantifying the collusion threat, essentially the first step towards assessing the collusion risk. The proposed method is useful in finding the collusion candidate of interest which is critical given the high volume of Android apps available. We present our empirical analysis using a classified corpus of over 29,000 Android apps provided by Intel SecurityTM.</abstract><type>Journal Article</type><journal>Telecommunication Systems</journal><volume>66</volume><journalNumber>3</journalNumber><paginationStart>417</paginationStart><paginationEnd>430</paginationEnd><publisher>Springer Science and Business Media LLC</publisher><placeOfPublication/><isbnPrint/><isbnElectronic/><issnPrint>1018-4864</issnPrint><issnElectronic>1572-9451</issnElectronic><keywords>Android security; Apps collusion; Threat assessment; Bayesian; Statistical modelling</keywords><publishedDay>1</publishedDay><publishedMonth>11</publishedMonth><publishedYear>2017</publishedYear><publishedDate>2017-11-01</publishedDate><doi>10.1007/s11235-017-0296-1</doi><url/><notes/><college>COLLEGE NANME</college><department>Mathematics and Computer Science School</department><CollegeCode>COLLEGE CODE</CollegeCode><DepartmentCode>MACS</DepartmentCode><institution>Swansea University</institution><apcterm/><funders>This work is as a result of the App Collusion Detection (ACiD) (http://cs.swan.ac.uk/~csmarkus/ACID/) project funded by the Engineering and Physical Sciences Research Council (EPSRC) of the UK under the grant EP/L022656/1 (http://gow.epsrc.ac.uk/NGBOViewGrant.aspx?GrantRef=EP/L022656/1).</funders><projectreference/><lastEdited>2022-12-15T16:07:50.8532118</lastEdited><Created>2022-09-05T22:38:12.4967336</Created><path><level id="1">Faculty of Science and Engineering</level><level id="2">School of Mathematics and Computer Science - Computer Science</level></path><authors><author><firstname>Harsha Kumara</firstname><surname>Kalutarage</surname><orcid>0000-0001-6430-9558</orcid><order>1</order></author><author><firstname>Hoang</firstname><surname>Nguyen</surname><orcid>0000-0003-0260-1697</orcid><order>2</order></author><author><firstname>Siraj</firstname><surname>Shaikh</surname><orcid>0000-0002-0726-3319</orcid><order>3</order></author></authors><documents><document><filename>61043__25458__66862b924d45499192e782a8d2fb1aed.pdf</filename><originalFilename>61043_VoR.pdf</originalFilename><uploaded>2022-10-14T16:11:27.2334575</uploaded><type>Output</type><contentLength>1143684</contentLength><contentType>application/pdf</contentType><version>Version of Record</version><cronfaStatus>true</cronfaStatus><documentNotes>© The Author(s) 2017. This article is distributed under the terms of the Creative Commons Attribution 4.0 International License</documentNotes><copyrightCorrect>true</copyrightCorrect><language>eng</language><licence>http://creativecommons.org/licenses/by/4.0</licence></document></documents><OutputDurs/></rfc1807> |
| spelling |
2022-12-15T16:07:50.8532118 v2 61043 2022-09-05 Towards a threat assessment framework for apps collusion cb24d5c5080534dc5b5e3390f24dd422 0000-0003-0260-1697 Hoang Nguyen Hoang Nguyen true false 50117e8faac2d0937989e14847105704 0000-0002-0726-3319 Siraj Shaikh Siraj Shaikh true false 2022-09-05 MACS App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model of Android does not address this threat as it is rather limited to mitigating risks of individual apps. This paper presents a technique for quantifying the collusion threat, essentially the first step towards assessing the collusion risk. The proposed method is useful in finding the collusion candidate of interest which is critical given the high volume of Android apps available. We present our empirical analysis using a classified corpus of over 29,000 Android apps provided by Intel SecurityTM. Journal Article Telecommunication Systems 66 3 417 430 Springer Science and Business Media LLC 1018-4864 1572-9451 Android security; Apps collusion; Threat assessment; Bayesian; Statistical modelling 1 11 2017 2017-11-01 10.1007/s11235-017-0296-1 COLLEGE NANME Mathematics and Computer Science School COLLEGE CODE MACS Swansea University This work is as a result of the App Collusion Detection (ACiD) (http://cs.swan.ac.uk/~csmarkus/ACID/) project funded by the Engineering and Physical Sciences Research Council (EPSRC) of the UK under the grant EP/L022656/1 (http://gow.epsrc.ac.uk/NGBOViewGrant.aspx?GrantRef=EP/L022656/1). 2022-12-15T16:07:50.8532118 2022-09-05T22:38:12.4967336 Faculty of Science and Engineering School of Mathematics and Computer Science - Computer Science Harsha Kumara Kalutarage 0000-0001-6430-9558 1 Hoang Nguyen 0000-0003-0260-1697 2 Siraj Shaikh 0000-0002-0726-3319 3 61043__25458__66862b924d45499192e782a8d2fb1aed.pdf 61043_VoR.pdf 2022-10-14T16:11:27.2334575 Output 1143684 application/pdf Version of Record true © The Author(s) 2017. This article is distributed under the terms of the Creative Commons Attribution 4.0 International License true eng http://creativecommons.org/licenses/by/4.0 |
| title |
Towards a threat assessment framework for apps collusion |
| spellingShingle |
Towards a threat assessment framework for apps collusion Hoang Nguyen Siraj Shaikh |
| title_short |
Towards a threat assessment framework for apps collusion |
| title_full |
Towards a threat assessment framework for apps collusion |
| title_fullStr |
Towards a threat assessment framework for apps collusion |
| title_full_unstemmed |
Towards a threat assessment framework for apps collusion |
| title_sort |
Towards a threat assessment framework for apps collusion |
| author_id_str_mv |
cb24d5c5080534dc5b5e3390f24dd422 50117e8faac2d0937989e14847105704 |
| author_id_fullname_str_mv |
cb24d5c5080534dc5b5e3390f24dd422_***_Hoang Nguyen 50117e8faac2d0937989e14847105704_***_Siraj Shaikh |
| author |
Hoang Nguyen Siraj Shaikh |
| author2 |
Harsha Kumara Kalutarage Hoang Nguyen Siraj Shaikh |
| format |
Journal article |
| container_title |
Telecommunication Systems |
| container_volume |
66 |
| container_issue |
3 |
| container_start_page |
417 |
| publishDate |
2017 |
| institution |
Swansea University |
| issn |
1018-4864 1572-9451 |
| doi_str_mv |
10.1007/s11235-017-0296-1 |
| publisher |
Springer Science and Business Media LLC |
| college_str |
Faculty of Science and Engineering |
| hierarchytype |
|
| hierarchy_top_id |
facultyofscienceandengineering |
| hierarchy_top_title |
Faculty of Science and Engineering |
| hierarchy_parent_id |
facultyofscienceandengineering |
| hierarchy_parent_title |
Faculty of Science and Engineering |
| department_str |
School of Mathematics and Computer Science - Computer Science{{{_:::_}}}Faculty of Science and Engineering{{{_:::_}}}School of Mathematics and Computer Science - Computer Science |
| document_store_str |
1 |
| active_str |
0 |
| description |
App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model of Android does not address this threat as it is rather limited to mitigating risks of individual apps. This paper presents a technique for quantifying the collusion threat, essentially the first step towards assessing the collusion risk. The proposed method is useful in finding the collusion candidate of interest which is critical given the high volume of Android apps available. We present our empirical analysis using a classified corpus of over 29,000 Android apps provided by Intel SecurityTM. |
| published_date |
2017-11-01T08:14:26Z |
| _version_ |
1821392520044609536 |
| score |
11.047804 |