TY - JOUR
T1 - On Identification of Intrusive Applications
T2 - A Step Toward Heuristics-Based Adaptive Security Policy
AU - Mohsen, Fadi
AU - Rauf, Usman
AU - Lavric, Victor
AU - Kokushkin, Alexander
AU - Wei, Zhiyuan
AU - Martinez, Adalynn
N1 - Publisher Copyright:
© 2013 IEEE.
PY - 2024/3/14
Y1 - 2024/3/14
N2 - Android is widely recognized as one of the leading mobile operating systems globally. As the popularity and usage of Android OS and third-party application stores continue to soar, the process of developing and publishing applications has become increasingly accessible. However, the absence of a robust filtering mechanism to ensure that applications only request appropriate and secure permissions poses a significant concern. While extensive research has been conducted on malware analysis, the realm of intrusive applications remains largely unexplored. The lack of defensive measures to promptly identify invasive applications tilts the balance in favor of malicious actors and developers who may embed intrusive behavior within their products. It is imperative to develop new monitoring tools and techniques that address these privacy gaps. In light of this, we propose a Continuous Threat Monitoring Framework (CTMF) designed to safeguard mobile users from intrusive apps both before and after installation. Our framework, implemented and evaluated in the Android environment, offers practical deployability without imposing excessive overhead. It fills the void by considering the changes occurring within an app while it remains on a user's device, setting it apart from existing anti-intrusiveness solutions primarily focusing on app installation.
AB - Android is widely recognized as one of the leading mobile operating systems globally. As the popularity and usage of Android OS and third-party application stores continue to soar, the process of developing and publishing applications has become increasingly accessible. However, the absence of a robust filtering mechanism to ensure that applications only request appropriate and secure permissions poses a significant concern. While extensive research has been conducted on malware analysis, the realm of intrusive applications remains largely unexplored. The lack of defensive measures to promptly identify invasive applications tilts the balance in favor of malicious actors and developers who may embed intrusive behavior within their products. It is imperative to develop new monitoring tools and techniques that address these privacy gaps. In light of this, we propose a Continuous Threat Monitoring Framework (CTMF) designed to safeguard mobile users from intrusive apps both before and after installation. Our framework, implemented and evaluated in the Android environment, offers practical deployability without imposing excessive overhead. It fills the void by considering the changes occurring within an app while it remains on a user's device, setting it apart from existing anti-intrusiveness solutions primarily focusing on app installation.
KW - android applications
KW - Insider threats
KW - intrusive applications
KW - mobile security
KW - threat analysis
UR - http://www.scopus.com/inward/record.url?scp=85187373394&partnerID=8YFLogxK
U2 - 10.1109/ACCESS.2024.3373202
DO - 10.1109/ACCESS.2024.3373202
M3 - Article
AN - SCOPUS:85187373394
SN - 2169-3536
VL - 12
SP - 37586
EP - 37599
JO - IEEE Access
JF - IEEE Access
ER -