Checking App Behavior Against App Descriptions

Speaker  Andreas Zeller

Host  Tom Zimmermann

Affiliation  Saarland University

Duration  01:05:26

Date recorded  11 November 2013

How do we know a program does what it claims to do? After clustering mined Android apps by their description topics, we identify outliers in each cluster with respect to their API usage. A “weather” app that sends messages thus becomes an anomaly; likewise, a “messaging” app would not be expected to access the current location. Applied on a set of 22,000+ Android applications, our approach identified several anomalies, and classified known malware accurately with high precision and recall; with the help of upcoming test generators, we will identify anomalies in terms of dynamic API usage and information flow

©2013 Microsoft Corporation. All rights reserved.
> Checking App Behavior Against App Descriptions