A Dynamic Countermeasure Method to Android Malware by User Approval

Android malware is increasing and flooded with malware which disguise as popular applications and execute malicious attacks within the scope of permissions which was approved by users. Such malware can be prevented by confirming all risky permissions. However confirming permissions is not full preparation for preventing infection, because of defective Android Permission System. Several functions which should be restricted are often not restricted by appropriate permissions. Moreover, applications can go beyond the approved permission by using Intent. This paper proposes a dynamic approval system. When an application executes an action which requires the permission, the proposed system shows a user such adequate information that he/she can judge whether the application is malicious or not. So he/she can determine whether to grant an application´s action. The aim of the proposal system is to make fine grained application controllability, so that users can protect their personal valuable information from malware.