Towards a threat assessment framework for apps collusion.

Kalutarage, Harsha Kumara; Nguyen, Hoang Nga; Shaikh, Siraj Ahmed

doi:10.1007/s11235-017-0296-1

Towards a threat assessment framework for apps collusion.

Kalutarage, Harsha Kumara; Nguyen, Hoang Nga; Shaikh, Siraj Ahmed

Authors

Dr Harsha Kalutarage h.kalutarage@rgu.ac.uk
Associate Professor

Hoang Nga Nguyen

Siraj Ahmed Shaikh

Abstract

App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model of Android does not address this threat as it is rather limited to mitigating risks of individual apps. This paper presents a technique for quantifying the collusion threat, essentially the first step towards assessing the collusion risk. The proposed method is useful in finding the collusion candidate of interest which is critical given the high volume of Android apps available. We present our empirical analysis using a classified corpus of over 29,000 Android apps provided by Intel SecurityTM.

Citation

KALUTARAGE, H.K., NGUYEN, H.N. and SHAIKH, S.A. 2017. Towards a threat assessment framework for apps collusion. Telecommunication systems [online], 66(3), pages 417-430. Available from: https://doi.org/10.1007/s11235-017-0296-1

Journal Article Type	Article
Acceptance Date	Mar 7, 2017
Online Publication Date	Mar 7, 2017
Publication Date	Nov 30, 2017
Deposit Date	Jan 17, 2020
Publicly Available Date	Jan 17, 2020
Journal	Telecommunication Systems
Print ISSN	1018-4864
Electronic ISSN	1572-9451
Publisher	Springer
Peer Reviewed	Peer Reviewed
Volume	66
Issue	3
Pages	417-430
DOI	https://doi.org/10.1007/s11235-017-0296-1
Keywords	Android security; Apps collusion; Threat assessment; Bayesian; Statistical modelling
Public URL	https://rgu-repository.worktribe.com/output/816396