[1]余 琴,李 涛*,王 颉,等.面向种群的 Android 应用风险评估研究[J].计算机技术与发展,2022,32(12):7-11.[doi:10. 3969 / j. issn. 1673-629X. 2022. 12. 002]
 YU Qin,LI Tao*,WANG Jie,et al.Research on Population-based Android Application Risk Assessment[J].,2022,32(12):7-11.[doi:10. 3969 / j. issn. 1673-629X. 2022. 12. 002]
点击复制

面向种群的 Android 应用风险评估研究()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
32
期数:
2022年12期
页码:
7-11
栏目:
综述
出版日期:
2022-12-10

文章信息/Info

Title:
Research on Population-based Android Application Risk Assessment
文章编号:
1673-629X(2022)12-0007-05
作者:
余 琴1 李 涛2* 王 颉3 万振华3
1. 武汉科技大学 计算机科学与技术学院,湖北 武汉 430065;
2. 智能信息处理与实时工业系统湖北省重点实验室,湖北 武汉 430065;
3. 深圳开源互联网安全技术有限公司,广东 深圳 518000
Author(s):
YU Qin1 LI Tao2* WANG Jie3 WAN Zhen-hua3
1. School of Computer Science and Technology,Wuhan University of Science and Technology,Wuhan 430065,China;
2. Hubei Province Key Laboratory of Intelligent Information Processing and Real-time Industrial System,Wuhan 430065,China;
3. Shenzhen Kaiyuan Internet Security Technology Co. ,Ltd. ,Shenzhen 518000,China
关键词:
Android 应用种群风险评估聚类决策树
Keywords:
Android applicationpopulationrisk assessmentclusteringdecision tree
分类号:
TP316;TP309
DOI:
10. 3969 / j. issn. 1673-629X. 2022. 12. 002
摘要:
应用程序的权限使用情况是进行安全风险评估和检测的重要因素,但权限调用合理性是一个不确定问题。 不同功能的应用程序申请的权限是不同的,单个的应用程序很难判断所申请的权限是否满足最小特权原则。 针对这一问题,提出了一种面向种群的 Android 应用风险评估模型。 从种群的角度,判定申请的权限是否满足此类应用程序的基本特征行为。 首先建立权限使用情况、评分值、下载量、好评率等多维度评价指标体系,对应用程序进行权限特征分析并使用聚类算法实现权限风险评估。 为了提高风险评估聚类结果的可解释性,使用决策树进行调整,增强合理性判定。 对比于仅研究权限使用情况,采用决策树将多方面信息纳入应用程序风险评估的研究范围,实验结果可以进一步准确有效地检测出应用程序的风险程度。
Abstract:
The usage of application permission is an important factor for security risk assessment and detection, but the rationality ofpermission invocation is an uncertain problem. Applications with different functions have different permissions. It is difficult to judgewhether the requested permissions meet the minimum privilege principle for a single application. To solve this problem,we propose apopulation-oriented Android application risk assessment model. From the perspective of population,we determine whether the appliedpermission meets the basic characteristic behavior of such applications. Firstly,a multi-dimensional evaluation index system such as theusage of permission,score,evaluation and downloads is established,the permission characteristics of the application is analyzed,and the clustering algorithm is used to realize the risk assessment of permission. In order to improve the interpretability of clustering results,decision tree is used to adjust and enhance rationality judgment. Compared with only studying the usage of permission,the decision tree isused to bring various information into the research scope of application risk assessment. The experimental results can further accuratelyand effectively detect the risk degree of application.

相似文献/References:

[1]李荣.多重群体遗传算法在装箱问题中的应用研究[J].计算机技术与发展,2007,(09):247.
 LI Rong.Application Study of Multi - Group Genetic Algorithms in Bin- Packing Problem[J].,2007,(12):247.
[2]李刚 薛惠锋 邢书宝[].遗传算法求解精度与种群大小的函数关系[J].计算机技术与发展,2006,(07):96.
 LI Gang,XUE Hui-feng,XING Shu-bao.Function of Genetic Algorithms Solution Precision to Population Size[J].,2006,(12):96.

更新日期/Last Update: 2022-12-10