New paper: Distinguishing between malicious app collusion and benign app collaboration: a machine-learning approach

Yesterday, we published a paper (that was presented at VB2016) on Android app collusions: the situation in which two or more apps work together to exfiltrate data from a device using the combined permissions of each app.

Today, we publish a follow-up paper by the same (in fact, slightly larger) group of researchers, affiliated with various UK universities and companies. In it, they describe their method of using machine learning techniques to make the tricky distinction between malicious app collusion and benign app collaboration.



Collusions tend to be difficult to detect, as each app individually will appear benign to most analysis tools. Careful study of a collection of apps as a whole is thus required – something which scales very poorly for human analysts. As collusion may have (malicious) applications beyond Android apps, the approach may have more general applications too.

You can read the paper online in both HTML and PDF format.
