Kizito, Mark, Homayounvala, Elaheh, Kazemian, Hassan and Araujo, Istteffanny Isloure (2024) Malware detection and analysis in Android applications with mobile security framework (MobsF) using a permission-based approach. In: 12th International Conference on Frontiers of Intelligent Computing: Theory and Applications (FICTA-2024), 6-7 June 2024, London Metropolitan University, London (UK) / Online. (In Press)
This paper examines security concerns in Android applications arising from violations to the principle of least privilege. Using mobile security framework (MobsF), static and dynamic analysis techniques were used in evaluating how non-essential permission groups that are not core to application functions greatly increase risks of unauthorized system access by attackers, data breaches and privacy concerns, enlarged attack surfaces, and hijacking system resources among others. A permission-based approach systematically identifies malware and highlights dangerous permission groups that magnify security risks. The findings of this research study, emphasis meticulous auditing of permissions to prevent security threats in Android applications and to safeguard user-sensitive data. The conducted experiments compared essential core permissions to non-essential ones regarding application functionality and overall system security. It was also noted that background permissions potentially pose a great deal of risk to security when granted without proper rationale as this increases attack surfaces within the application itself.
Restricted to Repository staff only until 5 September 2025.
Download (888kB)
View Item |