Abstract
The Android market is booming, and the unique identification of user devices by APPs helps track attackers. Although Google has designed unique identifiers such as IMEI, users’ permission is required to obtain such identifiers. There are currently some methods to forge such identifiers through the Android emulator. To resist identifier forgery attacks and accurately identify Android devices, in this paper, we propose a zero-permission detection framework for an Android device called DroidFP, which does not require any permissions to generate an Android fingerprint. DroidFP consists of emulator detection and Android device identification, which uses GRU to associate the fingerprint changes for the same device. We collected actual device data and emulators data using data enhancement to expand the dataset to 16200. Experiment results show that emulator detection is essential, and DroidFP has high robustness and accuracy in device identification.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
Our feature set is publicly available at https://github.com/ImCaviar/DroidFP.
References
Sung, K., Huang, J., Corner, M.D., Levine, B.N.: Re-identification of mobile devices using real-time bidding advertising networks. In: Proceedings of the 26th Annual International Conference on Mobile Computing and Networking, pp. 1–13 (2020)
Anti-emulator. https://github.com/strazzere/anti-emulator
Thanasis, P., Giannis, V., Elias, A., Michalis, P., Sotiris, I.: Rage against the virtual machine: hindering dynamic analysis of Android malware. In: Proceedings of the 7th EUROSEC, Amsterdam, pp.5:1–5:6 (2014)
EasyProtector. https://github.com/lamster2018/EasyProtector
Dey, S., Roy, N., Xu, W., Choudhury, R.R., Nelakuditi, S.: AccelPrint: imperfections of accelerometers make smartphones trackable. In: NDSS. Citeseer (2014)
Wu, W., Wu, J., Wang, Y., Ling, Z., Yang, M.: Efficient fingerprinting-based android device identification with zero-permission identifiers. IEEE Access 4, 8073–8083 (2016)
Irolla, P., Filiol, E.: Glassbox: dynamic analysis platform for malware android applications on real devices. arXiv preprint arXiv:1609.04718 (2016)
Wu, W.C., Hung, S.H.: DroidDolphin: a dynamic android malware detection framework using big data and machine learning. In: Proceedings of the 2014 Conference on Research in Adaptive and Convergent Systems, pp. 247–252 (2014)
Google play services — google developers. https://developers.google.com/android
Acknowledgements
We thank the reviewers for their valuable comments and suggestions. This work is supported by the Youth Innovation Promotion Association CAS (No.2019163), the Strategic Priority Research Program of Chinese Academy of Sciences (No. XDC02040100), the Key Laboratory of Network Assessment Technology at Chinese Academy of Sciences and Beijing Key Laboratory of Network security and Protection Technology.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Liu, X., Zhao, W., Chen, L., Liu, Q. (2022). DroidFP: A Zero-Permission Detection Framework for Android Devices Based on Gated Recurrent Unit. In: Su, C., Sakurai, K., Liu, F. (eds) Science of Cyber Security. SciSec 2022. Lecture Notes in Computer Science, vol 13580. Springer, Cham. https://doi.org/10.1007/978-3-031-17551-0_24
Download citation
DOI: https://doi.org/10.1007/978-3-031-17551-0_24
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-17550-3
Online ISBN: 978-3-031-17551-0
eBook Packages: Computer ScienceComputer Science (R0)