A Malicious Tendency Assessment Method for Android APP Based on Permission Risk
【Author】 XIE Yongheng; KONG Huafeng; YAO Xuanxia; YAO Cheng
【Affiliation】 Run Technologies Co., Ltd. Beijing; The Third Research Institute of Ministry of Public Security; Department of Computer Science, School of Computer and Communication Engineering, University of Science and Technology Beijing; China CITIC Bank Corporation Limited
【Abstract】 Given the uneven quality of Android apps and their permission characteristics, a method based on the attack tree model is proposed for assessing the malicious risk of Android applications. First, building on existing research results, the basic malicious risk is computed for each of the top 24 permissions requested by malware. Next, permission features are extracted for two classes of malware, fee-consuming and privacy-stealing, according to their operating mechanisms. Finally, an attack tree model is built from the permission features of fee-consuming malware, a matching method is used to assess an app's basic maliciousness, and the app's malicious risk value is determined by combining this with behavioral impact and degree of concealment. Experiments show that the method can effectively assess the maliciousness of Android apps.
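- 【Proceedings】 Proceedings of the 32nd National Computer Security Academic Exchange Conference
- 【Conference】 The 32nd National Computer Security Academic Exchange Conference
- 【Conference date】 2017-10-12
- 【Conference location】 Suzhou, Jiangsu, China
- 【Classification code】 TP309; TP316
- 【Organizer】 China Computer Federation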