PACS: Pemission Abuse Checking System for Android Applictions based on Review Mining

摘要

The openness and freedom of Android system improve the proliferation of Android applications. According to recent statistics, more than 2.6 million various applications are released in Google Play Store. Unfortunately, due to the limitation of developers' knowledge and the lack of strict development specifications, the quality of the apps can not be guaranteed. This may lead to potential security problems, especially for the over requirements of the apps' permissions, which is called Permission Abuse Problem. Although some previous studies have already analyzed the permission system, investigated the effectiveness of permission model and attempted to resolve the problem, it still needs an effective and practical concentrated method to detect the permission abuse problem. In this paper, we present PACS (Permission Abuse Checking System) based on data and frequent itemsets mining technique to bring an improvement by using the apps' reviews and descriptions. PACS firstly classifies the apps into different categories by mining the apps' meta-data, e.g., the reviews, descriptions, etc. Then, it obtains the maximum frequent itemsets and constructs the permission feature database. Finally, we evaluate PACS on detecting unknown applications of the abused permission. The experiment results show that 726 out of 935 applications, which account for about 77.6%, are suffering from the Permission Abuse Problem. By comparing with the previous tools, PACS has better performances.