On lightweight mobile phone application certification

William Enck, MacHigar Ongtang, Patrick McDaniel

Research output: Chapter in Book/Report/Conference proceedingConference contribution

816 Scopus citations


Users have begun downloading an increasingly large number of mobile phone applications in response to advancements in handsets and wireless networks. The increased number of applications results in a greater chance of installing Trojans and similar malware. In this paper, we propose the Kirin security service for Android, which performs lightweight certification of applications to mitigate malware at install time. Kirin certification uses security rules, which are templates designed to conservatively match undesirable properties in security configuration bundled with applications. We use a variant of security requirements engineering techniques to perform an in-depth security analysis of Android to produce a set of rules that match malware characteristics. In a sample of 311 of the most popular applications downloaded from the official Android Market, Kirin and our rules found 5 applications that implement dangerous functionality and therefore should be installed with extreme caution. Upon close inspection, another five applications asserted dangerous rights, but were within the scope of reasonable functional needs. These results indicate that security configuration bundled with Android applications provides practical means of detecting malware.

Original languageEnglish (US)
Title of host publicationCCS'09 - Proceedings of the 16th ACM Conference on Computer and Communications Security
Number of pages11
StatePublished - 2009
Event16th ACM Conference on Computer and Communications Security, CCS'09 - Chicago, IL, United States
Duration: Nov 9 2009Nov 13 2009

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)1543-7221


Other16th ACM Conference on Computer and Communications Security, CCS'09
Country/TerritoryUnited States
CityChicago, IL

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications


Dive into the research topics of 'On lightweight mobile phone application certification'. Together they form a unique fingerprint.

Cite this