Abstract Privacy analysis techniques for mobile apps are mostly based on system-centric data originating from well-defined system API calls. But these apps may also collect sensitive information via their unstructured input sources that elude privacy analysis. The consequence is that users are unable to determine the extent to which apps may impact on their privacy when downloaded and installed on mobile devices. To this end, we present a privacy analysis framework for unstructured input. Our approach leverages app meta-data descriptions and taxonomy of sensitive information, to identify sensitive unstructured user input. The outcome is an understanding of the level of user privacy risk posed by an app based on its unstructured user input request. Subsequently, we evaluate the usefulness of the unstructured sensitive user input for malware detection. We evaluate our methods using 175K benign apps and 175K malware APKs. The outcome highlights that malicious app detector built on unstructured sensitive user achieve an average balance accuracy of 0.996 demonstrated with Trojan-Banker and Trojan-SMS when the malware family and target applications are known and balanced accuracy of 0.70 with generic malware.

中文翻译：

---

使用非结构化用户输入请求进行恶意软件检测

摘要 移动应用程序的隐私分析技术主要基于源自明确定义的系统 API 调用的以系统为中心的数据。但这些应用程序也可能通过其未进行隐私分析的非结构化输入源来收集敏感信息。结果是用户无法确定应用程序在下载并安装到移动设备上时对其隐私的影响程度。为此，我们提出了一个非结构化输入的隐私分析框架。我们的方法利用应用程序元数据描述和敏感信息分类来识别敏感的非结构化用户输入。结果是根据应用程序的非结构化用户输入请求了解应用程序带来的用户隐私风险级别。随后，我们评估了非结构化敏感用户输入对恶意软件检测的有用性。我们使用 175K 良性应用程序和 175K 恶意软件 APK 评估我们的方法。结果突出表明，当恶意软件家族和目标应用程序已知时，基于非结构化敏感用户的恶意应用程序检测器实现了 0.996 的平均平衡准确度，使用 Trojan-Banker 和 Trojan-SMS 证明，使用通用恶意软件的平衡准确度为 0.70。