Detection of app collusion potential using logic programming
- Submitting institution
-
City, University of London
- Unit of assessment
- 12 - Engineering
- Output identifier
- 435
- Type
- D - Journal article
- DOI
-
10.1016/j.jnca.2017.12.008
- Title of journal
- Journal of Network and Computer Applications
- Article number
- -
- First page
- 88
- Volume
- 105
- Issue
- -
- ISSN
- 1084-8045
- Open access status
- Compliant
- Month of publication
- December
- Year of publication
- 2017
- URL
-
-
- Supplementary information
-
-
- Request cross-referral to
- -
- Output has been delayed by COVID-19
- No
- COVID-19 affected output statement
- -
- Forensic science
- No
- Criminology
- No
- Interdisciplinary
- No
- Number of additional authors
-
3
- Research group(s)
-
-
- Proposed double-weighted
- No
- Reserve for an output with double weighting
- No
- Additional information
- This paper proposes and evaluates new methods for detecting malicious colluding Android apps. It anticipates a new threat, colluding apps, which are difficult to detect because their malicious behaviour occurs only when multiple apps cooperate. This work resulted from a collaboration of three universities and McAfee Security. Classifier was demonstrated and given to McAfee for implementation in their Global Threat Management System. It also reports the first real world case of colluding apps. Detection rules are defined after studying collusion methods and evaluated for a large dataset of 50,174 Android apps provided by McAfee
- Author contribution statement
- -
- Non-English
- No
- English abstract
- -