Android devices are currently widely used in many fields, such as automatic control, embedded systems, the Internet of Things and so on. At the same time, Android applications (apps) always use multiple permissions, and permissions can be abused by malicious apps that disclose users' privacy or breach the secure storage of information. FlowDroid has been extensively studied as a novel and highly precise static taint analysis for Android applications. Aiming at the problem of complex detection and false alarms in FlowDroid, an improved static detection method based on feature permission and risk rating is proposed. Firstly, the Chi-square test is used to extract correlated permissions related to malicious apps, and mutual information is used to cluster the permissions to generate feature permission clusters. Secondly, risk calculation method based on permissions and combinations of permissions are proposed to identify dangerous data flows. Experiments show that this method can significantly improve detection efficiency while maintaining the accuracy of dangerous data flow detection.
Keywords: Chi-square test; FlowDroid; automatic control; mutual information; permission; static detection.