
Research On Android App Minimum Permission Set Identification For Risk Evaluation

Posted on: 2019-11-17 | Degree: Master | Type: Thesis
Country: China | Candidate: Y Hao | Full Text: PDF
GTID: 2428330593451050 | Subject: Computer technology
Abstract/Summary:
The Android system uses a permission-based security model that requires developers to declare which sensitive resources their applications will access. However, the permission over-privilege problem is becoming more and more serious, which brings huge risk to the Android ecosystem. Therefore, in this paper, we present a framework that constructs an iteration model and a functionality-permission set model, combining LDA, static analysis and collaborative filtering to identify the minimum permission set according to the application description. First, LDA is used to extract functionality features from the application description, and static analysis is used to detect the API-based permissions of each mobile app. Collaborative filtering is then adopted to identify the over-declared permissions, so that we can develop an iteration algorithm to generate the minimum permission set. Next, we propose a functionality-permission set based method that mines the permissions corresponding to the functionality obtained from the LDA topics. In this way we can further identify the minimum permission set corresponding to the application description, facilitating permission configuration. Finally, we propose a permission over-privilege based approach to risk evaluation. Experiments on apps from Google Play show the effectiveness of our approach compared with previous work: it can effectively reduce the permission over-privilege problem and detect risky applications. In summary, this paper proposes a method that helps end users identify the minimum permission set of Android applications and further perform risk evaluation, with the aim of reducing the risk caused by the permission over-privilege problem.
Keywords/Search Tags: Permission over-privilege, Minimum permission set, Static Analysis, Iteration, Risk evaluation