Malicious Privacy Invasive Android Application Detection Using Machine Learning-Based Permission Analysis Technique

Permissions are a key factor in protecting the privacy of users within the android system. Since it is often not clear why applications require access to certain permissions, app descriptions provided by developers should clarify to users why their apps need those dangerous permissions. Identifying accurately the presence of permission usage details in app descriptions is a difficult task due to the lack of established quality standards and different ways developers may convey information related to permissions requirements. In this work, we used permission analysis technique to detect malicious privacy invasive apps by identifying critical discrepancies between application description and its permissions requirements. Further, apps are categorized into different risk levels using K-means and SVM machine learning algorithms. Out of 1005 applications analyzed using our system, 938 were found to be having at least 1 suspicious dangerous permission requirement.