5th International Symposium on Digital Forensic and Security (ISDFS), Tirgu Mures, Romania, 26 - 28 April 2017
Application permissions at the core of Android security mechanism are the first leading transparent feature for users to assess any mobile application before download or installation and for experts to analyse any malware. Representing vast, dispersed permissions and achieving clarity is not a trivial matter. In this study, we first examined Android permissions, their groups and formal representations with the limitations. We also surveyed limited studies on clustering/visualization of permissions. We grouped 251 Android permissions into 12 clusters semantically and mimed a new visualization approach that looks more conventional to both end users and experts and helps comprehending permissions easily and quickly. We applied the proposed clustering and visualization on calculated discriminative malign permissions concept for malware analysis and demonstrated potential effectiveness of the approach. Our approach improves expressing and understanding of large number of mobile application permissions in a better context, provides more understanding and insight, and helps interpreting or inferring interesting patterns related to permissions for malware classification.