SCANNER: Sequence Clustering of resource Access to find Nearest Neighbors

Author

Neil Wong Hon ChanFollow

Abstract

The Android operating system currently holds 83% of the smartphone market with more than three million applications available on the leading applications (apps) stores.

These apps require a set of permissions on installation and the user has to trust that they behave as expected. This can represent a risk to the user's sensitive information and hence a critical question is how can we track these apps and understand how they are behaving. The current methods to characterize the behavior of applications focus on two types: 1) static analysis, extracting information from the .dex files or the manifest.xml, and 2) dynamic analysis, logging the system calls, control flow or processing sand-boxed execution traces. However, there is a lack of work involving the use of sequential resource access to help reveal critical behavior patterns and find similarly behaving applications.

This work presents SCANNER, a system to analyze the applications' sequential accesses to the various resources on Android devices to cluster similarly behaving applications. We propose to use the Longest Common Subsequence (LCS) to describe the ordered sequences and contrast it with the use of statistical access rates for characterizing application behaviors. Using these features, the applications are clustered to find the nearest neighbors. A set of metrics is defined to quantify how well the neighbors resemble each application and the compactness of the clusters. Our results show that the use of LCS features helps identify similarly behaving applications with resource access patterns that are not necessarily identifiable by using the access rates alone.

Library of Congress Subject Headings

Android (Electronic resource)--Programming; Application software--Testing; Nearest neighbor analysis (Statistics)

Publication Date

9-2015

Document Type

Thesis

Student Type

Graduate

Degree Name

Computer Engineering (MS)

Department, Program, or Center

Computer Engineering (KGCOE)

Advisor

Shanchieh Jay Yang

Advisor/Committee Member

Raymond Ptucha

Advisor/Committee Member

Andres Kwasinski

Comments

Physical copy available from RIT's Wallace Library at QA76.59 .W66 2015

Recommended Citation

Wong Hon Chan, Neil, "SCANNER: Sequence Clustering of resource Access to find Nearest Neighbors" (2015). Thesis. Rochester Institute of Technology. Accessed from
https://repository.rit.edu/theses/8866

Campus

RIT – Main Campus

Plan Codes

CMPE-MS