ACCUSE is a tool that analyzes Android apps and assigns them risk levels related to their permissions and data access. It extracts metadata on over 11,000 apps from the Google Play Store, including permissions, downloads, and ratings. It then clusters apps based on their permissions and calculates three risk levels - normal, dangerous, and system - related to different permission types. ACCUSE also factors in app popularity and ratings to dampen the assigned risk for preloaded apps and highly rated apps. The tool allows analyzing apps with similar functions to see variations in their risk assessments and compares its risk model to others from previous research.
A Secure and Reliable Document Management System is Essential.docx
Β
ACCUSE: Helping Users to minimize Android App Privacy Concerns
1. ACCUSE: Helping Users to minimize Android App Privacy
Concerns
4th IEEE/ACM International Conference on Mobile Software Engineering and Systems
May 22-23, Buenos Aires (Argentina)
Presented by :
Majda Moussa, Giulio Antoniol, Massimiliano di Penta and Giovanni Beltrame
2. ο± Problem Statement: Why it is not like driving a car?
User Data
=
User
Developers
Apps
Approach ConclusionIntroduction Results
2
10. For the 50 Malware apps: Compute the ranges [min R, max R], [min D, max D].
Generate 10 sub-intervals, out of the computed ranges, and record the
percentage (P) of the 50 apps in each subinterval .
According to P, compute RF and PF by generating random values for ratings and
downloads in the different sub-intervals.
β’ Market Dataset: ~ 11 700 apps form Google-Play.
β’ Malware Dataset: ~ 900 apps from VirusShare and ~ 50 form Google-Play.
ο± Datasets
ο± Missed Information for Malware dataset
ConclusionResultsApproachIntroduction
10
11. ο± To what extent apps with the same functionality exhibit different risk levels using ACCUSE?
ConclusionApproach ResultsIntroduction
11
12. ο± How does ACCUSE compare with the risk model proposed by Peng et al. [3]?
ConclusionApproach ResultsIntroduction
12
ACCUSE (RF and PF belief weights of 100% βw1 = 10, w2 = 100 and w3 =1000) compared to
the generative models (BNB, PNB and HMNB).
13. ο± How does ACCUSE compare with the risk model proposed by Peng et al. [3]?
ConclusionApproach ResultsIntroduction
13
AUC distribution obtained throughout the random generation process of malware
apps rating information.
14. ο± ACCUSE (Android Confidentiality Concern User Support systEm) allows:
ο± Work-in-progress is devoted to:
β’ Extend the study to further apps and malware.
β’ Assess the ACCUSE usefulness through a user study
β’ Implement it as a real-time social media feedback mechanisms.
β’ differently weighting the importance of different classes of Android
permissions.
β’ damping the risk of apps based on their rating and popularity.
β’ plotting the risk using heat colors in a three dimensional space (NORMAL,
DANGEROUS and SYSTEM risk).
ResultsApproach ConclusionIntroduction
14