A methodology for empirical analysis of permission-based security models and its application to android

David Barrera; Hilmi Gunes Kayacik; Paul Van Oorschot; Anil Somayaji

doi:10.1145/1866307.1866317

A methodology for empirical analysis of permission-based security models and its application to android

David Barrera, Hilmi Gunes Kayacik, Paul Van Oorschot, Anil Somayaji

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Permission-based security models provide controlled access to various system resources. The expressiveness of the permission set plays an important role in providing the right level of granularity in access control. In this work, we present a methodology for the empirical analysis of permission-based security models which makes novel use of the Self-Organizing Map (SOM) algorithm of Kohonen (2001). While the proposed methodology may be applicable to a wide range of architectures, we analyze 1,100 Android applications as a case study.

Original language	English
Title of host publication	Proceedings of the 17th ACM conference on Computer and Communications Security (CCS'10)
Publisher	ACM, Inc.
Pages	73-84
Number of pages	12
ISBN (Print)	9781450302449
DOIs	https://doi.org/10.1145/1866307.1866317
Publication status	Published - 2010

Keywords

access control
visualization
permission-based security
self-organizing maps
smartphone operating systems

Documents and Links

10.1145/1866307.1866317

Cite this

@inproceedings{7a8ad1228b7e40688219f175706cc955,

title = "A methodology for empirical analysis of permission-based security models and its application to android",

abstract = "Permission-based security models provide controlled access to various system resources. The expressiveness of the permission set plays an important role in providing the right level of granularity in access control. In this work, we present a methodology for the empirical analysis of permission-based security models which makes novel use of the Self-Organizing Map (SOM) algorithm of Kohonen (2001). While the proposed methodology may be applicable to a wide range of architectures, we analyze 1,100 Android applications as a case study.",

keywords = "access control, visualization, permission-based security, self-organizing maps, smartphone operating systems",

author = "David Barrera and Kayacik, {Hilmi Gunes} and {Van Oorschot}, Paul and Anil Somayaji",

year = "2010",

doi = "10.1145/1866307.1866317",

language = "English",

isbn = "9781450302449",

pages = "73--84",

booktitle = "Proceedings of the 17th ACM conference on Computer and Communications Security (CCS'10)",

publisher = "ACM, Inc.",

}

A methodology for empirical analysis of permission-based security models and its application to android. / Barrera, David; Kayacik, Hilmi Gunes; Van Oorschot, Paul; Somayaji, Anil.

Proceedings of the 17th ACM conference on Computer and Communications Security (CCS'10). ACM, Inc., 2010. p. 73-84.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - A methodology for empirical analysis of permission-based security models and its application to android

AU - Barrera, David

AU - Kayacik, Hilmi Gunes

AU - Van Oorschot, Paul

AU - Somayaji, Anil

PY - 2010

Y1 - 2010

N2 - Permission-based security models provide controlled access to various system resources. The expressiveness of the permission set plays an important role in providing the right level of granularity in access control. In this work, we present a methodology for the empirical analysis of permission-based security models which makes novel use of the Self-Organizing Map (SOM) algorithm of Kohonen (2001). While the proposed methodology may be applicable to a wide range of architectures, we analyze 1,100 Android applications as a case study.

AB - Permission-based security models provide controlled access to various system resources. The expressiveness of the permission set plays an important role in providing the right level of granularity in access control. In this work, we present a methodology for the empirical analysis of permission-based security models which makes novel use of the Self-Organizing Map (SOM) algorithm of Kohonen (2001). While the proposed methodology may be applicable to a wide range of architectures, we analyze 1,100 Android applications as a case study.

KW - access control

KW - visualization

KW - permission-based security

KW - self-organizing maps

KW - smartphone operating systems

UR - http://www.scopus.com/inward/record.url?eid=2-s2.0-78649990344&partnerID=8YFLogxK

U2 - 10.1145/1866307.1866317

DO - 10.1145/1866307.1866317

M3 - Conference contribution

AN - SCOPUS:78649990344

SN - 9781450302449

SP - 73

EP - 84

BT - Proceedings of the 17th ACM conference on Computer and Communications Security (CCS'10)

PB - ACM, Inc.

ER -

A methodology for empirical analysis of permission-based security models and its application to android

Abstract

Keywords

Documents and Links

Other files and links

Fingerprint

Cite this