Detecting malware and evaluating risk of app using Android permission-API system

The popularity and widely use of cellphone have greatly stimulated the spread of the apps. Meanwhile, security issues are increasing quickly, particularly for Android based devices. In this paper, through analyzing the android permissions system and android API system, we want to find out the relationship between permissions and APIs. Furthermore, we propose an approach to detect message intercepting malware. The contribution of this paper is threefold: first, we perform static analysis on the app to extract permissions and system APIs. In order to avoid permissions and APIs over declaration, we build java function call graph and find the system APIs been used; secondly, we proposed a light weight method to dynamic find out and update the relationship between permissions and APIs; third, we proposed a dynamic controlled method to detect android malwares. This proposed method is verified by extensive experiments.