Estimating Security Risks of Android Apps Using Information Gain

With the rapid growth of developing malwares in Android platform as the widest used mobile operating system, knowing security risk of an application (app) can be helpful for warning users regarding the use of potential malicious applications. The security risk of an Android app can be estimated using its requested permissions. In this paper, the concept of critical permissions is precisely re-defined according to the abuse of permissions by previously known Android malwares. Based on this definition and analysis of requested permissions of the large numbers of malwares and benign apps, a new criterion is proposed to measure the security risk of the apps. In this criterion, informative permissions have higher impact on the resulting measured security risk values of the apps. Experimental evaluations show the superiority of the proposed criterion with respect to previously proposed ones in terms of detection rete and generalization capability.