An integrated static detection and analysis framework for android

The security and privacy issues of android system have attracted a lot of attention from both industry and academia in recent years. Static detection is one typical method to analyze malicious code. However, existing single static detection method can introduce high false alarm rate and is only appropriate for a limited scope. In this paper, we propose an integrated static detection framework, which consists of four layers of filtering mechanisms, that is, the message digest (MD5) values, the combination of malicious permissions, the dangerous permissions, and the dangerous intention, respectively. An intuitive threat-degree model is proposed especially on dangerous permissions detection. Furthermore, we implement a prototype system ASE and validate its feasibility, performance and scalability. A comprehensive evaluation shows that the proposed framework has obvious advantages especially in efficiency, granularity, layers, and correctness.