Detecting Application Harmful Behavior and Grading Application Risks for Mobile Devices
First Claim
1. A method comprising:
- determining, by a computing system, a permission list from an application;
generating, by the computing system, a set of potential behaviors from the permission list, the set of potential behaviors associated with actions that the application allows when executing on a mobile device, wherein the set of potential behaviors are determined without execution of the application;
determining, by the computing system, functional category information regarding a functional category from a set of application marketplaces that contain the application;
determining, by the computing system, application description information for the application from the set of application marketplaces;
generating, by the computing system, a required behavior list including a set of required behaviors from the functional category information and the application description information;
comparing, by the computing system, the set of required behaviors to the set of potential behaviors to determine a set of security related behaviors, wherein security related behaviors are behaviors found in the set of potential behaviors, but not in the set of required behaviors; and
determining, by the computing system, a security rating based on the set of security related behaviors.
2 Assignments
0 Petitions
Accused Products
Abstract
In one embodiment, a method determines a permission list from an application and generates a set of potential behaviors. The potential behaviors are associated with actions that the application allows when executing on a mobile device where the potential behaviors are determined without execution of the application. The method then determines functional category information regarding a functional category from a set of application marketplaces that contain the application and determines application description information for the application. A required behavior list is generated including a set of required behaviors from the functional category information and the application description information. The method compares the required behaviors to the potential behaviors to determine a set of security related behaviors. The security related behaviors are behaviors found in the potential behaviors, but not in the required behaviors. A security rating is determined based on the set of security related behaviors.
-
Citations
20 Claims
-
1. A method comprising:
-
determining, by a computing system, a permission list from an application; generating, by the computing system, a set of potential behaviors from the permission list, the set of potential behaviors associated with actions that the application allows when executing on a mobile device, wherein the set of potential behaviors are determined without execution of the application; determining, by the computing system, functional category information regarding a functional category from a set of application marketplaces that contain the application; determining, by the computing system, application description information for the application from the set of application marketplaces; generating, by the computing system, a required behavior list including a set of required behaviors from the functional category information and the application description information; comparing, by the computing system, the set of required behaviors to the set of potential behaviors to determine a set of security related behaviors, wherein security related behaviors are behaviors found in the set of potential behaviors, but not in the set of required behaviors; and determining, by the computing system, a security rating based on the set of security related behaviors. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A non-transitory computer-readable storage medium containing instructions, that when executed, control a computer system to be configured for:
-
determining a permission list from an application; generating a set of potential behaviors from the permission list, the set of potential behaviors associated with actions that the application allows when executing on a mobile device, wherein the set of potential behaviors are determined without execution of the application; determining functional category information regarding a functional category from a set of application marketplaces that contain the application; determining application description information for the application from the set of application marketplaces; generating a required behavior list including a set of required behaviors from the functional category information and the application description information; comparing the set of required behaviors to the set of potential behaviors to determine a set of security related behaviors, wherein security related behaviors are behaviors found in the set of potential behaviors, but not in the set of required behaviors; and determining a security rating based on the set of security related behaviors. - View Dependent Claims (15, 16, 17, 18, 19)
-
-
20. An apparatus comprising:
-
one or more computer processors; and a non-transitory computer-readable storage medium comprising instructions, that when executed, control the one or more computer processors to be configured for; determining a permission list from an application; generating a set of potential behaviors from the permission list, the set of potential behaviors associated with actions that the application allows when executing on a mobile device, wherein the set of potential behaviors are determined without execution of the application; determining functional category information regarding a functional category from a set of application marketplaces that contain the application; determining application description information for the application from the set of application marketplaces; generating a required behavior list including a set of required behaviors from the functional category information and the application description information; comparing the set of required behaviors to the set of potential behaviors to determine a set of security related behaviors, wherein security related behaviors are behaviors found in the set of potential behaviors, but not in the set of required behaviors; and determining a security rating based on the set of security related behaviors.
-
Specification