IEEE Access (Jan 2024)
On Identification of Intrusive Applications: A Step Toward Heuristics-Based Adaptive Security Policy
Abstract
Android is widely recognized as one of the leading mobile operating systems globally. As the popularity and usage of Android OS and third-party application stores continue to soar, the process of developing and publishing applications has become increasingly accessible. However, the absence of a robust filtering mechanism to ensure that applications only request appropriate and secure permissions poses a significant concern. While extensive research has been conducted on malware analysis, the realm of intrusive applications remains largely unexplored. The lack of defensive measures to promptly identify invasive applications tilts the balance in favor of malicious actors and developers who may embed intrusive behavior within their products. It is imperative to develop new monitoring tools and techniques that address these privacy gaps. In light of this, we propose a Continuous Threat Monitoring Framework (CTMF) designed to safeguard mobile users from intrusive apps both before and after installation. Our framework, implemented and evaluated in the Android environment, offers practical deployability without imposing excessive overhead. It fills the void by considering the changes occurring within an app while it remains on a user’s device, setting it apart from existing anti-intrusiveness solutions primarily focusing on app installation.
Keywords