This thesis investigates the permissions requested by Android applications, and the possibility of identifying suspicious applications based only on information presented to the user before an application is downloaded. During the course of this project, a large data set consisting of applications published on Google Play and three different third-party Android application markets was collected over a two-month period. These applications are analysed using manual pattern recognition and k-means clustering, focusing on the permissions they request. The pattern analysis is based on a smaller data set consisting of confirmed malicious applications. The method is evaluated based on its ability to recognise malicious potential in the analysed applications. The k-means clustering analysis takes the whole data set into consideration, in the attempt of uncovering suspicious patterns. This method is evaluated based on its ability to uncover distinct suspicious permission patterns and the findings acquired after further analysis of the clustering results.
| Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:ntnu-18898 |
| Date | January 2012 |
| Creators | Boksasp, Trond, Utnes, Eivind |
| Publisher | Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk, Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk, Institutt for telematikk |
| Source Sets | DiVA Archive at Upsalla University |
| Language | English |
| Detected Language | English |
| Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
| Format | application/pdf |
| Rights | info:eu-repo/semantics/openAccess |
Page generated in 0.0015 seconds