Permission Request Pattern Recognition in Android Malware Applications

Permission Request Pattern Recognition in Android Malware Applications

Ahmed Ben Ayed (University of the Cumberlands, Williamsburg, KY, USA)
DOI: 10.4018/IJSITA.2017010103
OnDemand PDF Download:
No Current Special Offers


This article discusses that smartphone systems have known a huge evolution in terms of their capacities and functionalities. Therefore, they are used extensively for professional and personal work. Since smartphones became popular, cybercriminals and Malware developers have shown an extensive interest in the smartphone's system. Therefore, the protection of these devices is very important. Since Malware has to be granted some permissions to achieve its goals, the author believes those permissions could be a useful characteristic in helping detect malicious applications. However, the usefulness of such features is not yet confirmed. This research consists of an examination of three hundred eighty-seven different Android-Based Malware applications in order to determine if there is a permission request pattern. This article presents a complete analysis of permission requests in Android malicious applications using the Self-Organizing Maps.
Article Preview


Smartphones are predominantly communication devices with additional computing power built in (Beale, 2005). In the United States over eighty-seven percent of Americans own a cell phone and more than fifty percent use their phones to access the Internet (Brenner, 2013). Smartphone usage is experiencing growth. Smartphone ownership consisted of forty-five percent in 2012 (Brenner, 2013), and rose to sixty-four percent by October 2014 (Smith, 2015). The computing power built into smartphones enables it to offer a wide range of services such as accessing the Internet, playing games, and using the phone to store such personal data as photos, videos, calendar events, etc. This range of features offered by smartphones makes it very attractive to users and a good and cheap alternative to personal computers. A research done by (Smith, 2015), found that ten percent of Americans that own a smartphone do not have the Internet at home, and fifteen percent of smartphone owners depend mainly on their phones to access the Internet (Smith, 2015). The accessibility, convenience, and the wide range of features smartphones offer have made them appealing not only for personal use, but also extending into use by the business world. Android smartphones are becoming more and more powerful and enriched with sensitive information that could be used to harm the user in case of a security breach. On the other hand, the Android operating system is considered the most-used mobile operating system on the market. This gives cyber-criminals a profound opportunity to find and exploit breaches in such a widely used system. The Android system uses a multi-process system where each application has its own space to execute its code. Applications are restricted on what actions they can perform and what kind of information they can access; however, this permission mechanism relies entirely on the users to figure out if the permission requested is appropriate for the application to ask for. For example, many Torch applications that are available on the official Android market were criticized over what experts considered excessive permission requests. Tens of millions of people have downloaded applications like the “Super-Bright” application, which was requesting unusual permissions such as the ability to delete applications, track the user's location, access the user’s Bluetooth, etc. Another research (Snoopwall, 2014), summarized privacy and risk analyses of the top ten Android Flashlight applications, and found that the average number of permission requests for those applications was about ten permissions. Those permission requests included some dangerous permissions such as the ability to delete and modify the contents of USB storage, to receive data from the Internet, modify system settings, and record audio and video. None of these permissions have anything to do with the description of the functionality of the application as described by the developing company. However, that did not stop thousands and thousands of users from installing and running these kinds of applications on their Android phones.

On the official Android market alone about twenty-two thousand applications are added every single month. A study conducted in 2014 by the Pew Research Center analyzed over one million applications, showed applications requested more than two hundred and thirty-five different kinds of permissions, with the average number of permission requests at about five permissions per application. All applications studied were downloaded from the official Android market (Olmstead & Atkinson, 2016).

Many scholars have used permission requests to classify applications according to the degree of harm they could cause, while others have used them to develop solutions to detect Malware applications.

Complete Article List

Search this Journal:
Open Access Articles: Forthcoming
Volume 10: 4 Issues (2019)
Volume 9: 4 Issues (2018)
Volume 8: 4 Issues (2017)
Volume 7: 4 Issues (2016)
Volume 6: 4 Issues (2015)
Volume 5: 4 Issues (2014)
Volume 4: 4 Issues (2013)
Volume 3: 4 Issues (2012)
Volume 2: 4 Issues (2011)
Volume 1: 4 Issues (2010)
View Complete Journal Contents Listing