Checking App Behavior Against App Descriptions

How do we know a program does what it claims to do? After clustering mined Android apps by their description topics, we identify outliers in each cluster with respect to their API usage. A “weather” app that sends messages thus becomes an anomaly; likewise, a “messaging” app would not be expected to access the current location. Applied on a set of 22,000+ Android applications, our approach identified several anomalies, and classified known malware accurately with high precision and recall; with the help of upcoming test generators, we will identify anomalies in terms of dynamic API usage and information flow

Speaker Details

Andreas Zeller is a full professor for Software Engineering at Saarland University in Saarbrücken, Germany, since 2001. His research concerns the analysis of large software systems and their development process. In 2010, Zeller was inducted as Fellow of the ACM for his contributions to automated debugging and mining software archives. In 2011, he received an ERC Advanced Grant, Europe’s highest and most prestigious individual research grant, for work on specification mining and test case generation. The presented work was conducted with Alessandra Gorla, Ilaria Tavecchia, and Florian Gross

Series:
Microsoft Research Talks
Date:
Speakers:
Andreas Zeller
Affiliation:
Saarland University

Series: Microsoft Research Talks