网络与信息安全学报 (Apr 2021)

Classified risk assessment method of Android application based on multi-factor clustering selection

  • CHAO Fan, YANG Zhi, DU Xuehui, HAN Bing

DOI
https://doi.org/10.11959/j.issn.2096-109x.2021023
Journal volume & issue
Vol. 7, no. 2
pp. 161 – 173

Abstract

Most existing risk assessments of Android applications assign weights to factors directly from experience and calculate security risk from frequency statistics of only a few factors. A new risk assessment method for Android applications is proposed that provides both quantitative and qualitative assessment. The method integrates multiple risk factors, such as system permissions, API calls, the action properties of Intent Filter, and data flow. The risks of factors are assigned based on their risk classification and addition, and the weights of factor subsets are distributed based on hierarchical clustering. Experiments show that the assessment results can effectively reflect the real security risks of Android applications.

Keywords