
Research on Population-based Android Application Risk Assessment (cited by: 1)
Abstract: How an application uses permissions is an important factor in security risk assessment and detection, but whether a given permission request is reasonable is an uncertain question. Applications with different functions request different permissions, and for a single application in isolation it is difficult to judge whether the requested permissions satisfy the principle of least privilege. To address this problem, we propose a population-oriented Android application risk assessment model. From the perspective of the population, the model determines whether the requested permissions match the basic characteristic behavior of that class of applications. First, a multi-dimensional evaluation index system is established, covering permission usage, rating score, download count and positive-review rate; the permission characteristics of each application are analyzed, and a clustering algorithm is used to assess permission risk. To improve the interpretability of the clustering results, a decision tree is used to adjust them and strengthen the rationality judgment. Compared with studying permission usage alone, the decision tree brings several kinds of information into the scope of application risk assessment, and the experimental results show that the risk level of applications can be detected more accurately and effectively.
Authors: 余琴, 李涛, 王颉, 万振华 (YU Qin; LI Tao; WANG Jie; WAN Zhen-hua). Affiliations: School of Computer Science and Technology, Wuhan University of Science and Technology, Wuhan 430065, China; Hubei Province Key Laboratory of Intelligent Information Processing and Real-time Industrial System, Wuhan 430065, China; Shenzhen Kaiyuan Internet Security Technology Co., Ltd., Shenzhen 518000, China
Source: Computer Technology and Development (《计算机技术与发展》), 2022, No. 12, pp. 7-11 (5 pages)
Funding: National Natural Science Foundation of China (61702383); Major Project of the Hubei Provincial Department of Education (17ZD014).
Keywords: Android application; population; risk assessment; clustering; decision tree
